SFTP: The Sensible Approach to Switch Your Cloud Information
With the growing buzz about everything “cloud computing,” most organizations are either starting to consider the cloud or have already moved some of their business processes to a cloud platform.
No matter where you stand, technology is no stranger to the cloud. Consumers use cloud applications, services, and storage daily, while many organizations streamline certain business processes in their cloud environment. But in a way, cloud computing platforms (and how we use them) are still just getting started.
In contrast to a couple years ago, cloud security, not simply cloud awareness, is the new trending topic in the industry. Cybersecurity strategies are constantly changing to reflect how cloud data is processed, exchanged, and stored. Cyberattacks are evolving too, with hackers working to find new vulnerabilities and weaknesses to exploit.
Knowing how to protect the files you store in the cloud is more important than ever.
RELATED READING: How to Promote Cloud Security in Your Organization
Your current cloud provider, whether that’s Microsoft Azure, Amazon Web Services, Google Cloud, or another platform, probably has processes in place to keep your cloud data safe. But security is a two-way street. Don’t leave something as precious as data security to your provider alone. Instead, set up your own security tactics, both on-premises and in the cloud, to ensure your files are safeguarded from risk, user error, and malicious intent.
Protecting a File’s Journey to the Cloud
Do you need to do either of the following in your organization?
- Transfer sensitive files from on premises to the cloud
- Connect to internal and external trading partners via cloud-based file systems
If so, you’ll probably use a file transfer protocol to get the file where it needs to go. This can be achieved using a server that creates a tunnel for file transfer activity to pass through.
Some providers, like Microsoft Azure, allow you to set up servers on a virtual machine in the cloud. Others may need you to set it up on-premises and have a client send your files to a folder in the cloud. Regardless of which method you choose, it’s important to ensure your files are secure in transit—for outbound and inbound file transfers. Cloud file transfers can experience the same risks, vulnerabilities, and cyberattacks that regular file transfers do, so always be aware of your security gaps and strive to fill them.
What’s one way to build better security practices into the cloud? When sending and retrieving files, use a secure file transfer protocol like SFTP.
What’s Wrong with FTP for Cloud File Transfers?
No one knows how many organizations still use basic FTP to transfer sensitive files, but there’s evidence that the number is still high.
If others use FTP, you might ask, why can’t I stick with FTP? Perhaps you have legacy FTP servers set up and can’t move to a new process, or maybe FTP seems easier to use and implement. We understand; there are many free FTP clients out there, and if you don’t have the resources to switch over to a secure file transfer protocol, the task can be daunting.
But FTP is quickly becoming unsupported by many institutions (e.g. UEDI in 2017). Not only was it made in the 1970s, when we didn’t have the security concerns we do today, it hasn’t been updated to meet the considerations we have now. User credentials are sent in the clear. The contents of the file transfer are unencrypted, meaning they can be sniffed, grabbed, and even recompiled into the original message.
When it comes down to it, FTP simply doesn’t meet today’s security needs or compliance requirements, and it doesn’t support the cybersecurity practices required for exchanging and storing sensitive files in the cloud. That’s why many leading organizations are looking into FTP alternatives, such as SFTP.
RELATED READING: Secure Your Cloud Data
Secure FTP: The Real MVP for Cloud File Transfers
If you’re making plans to move some of your business processes to the cloud or need to implement a server in the cloud to exchange files with your trading partners, consider using SFTP for your cloud file transfer needs.
SFTP wins over FTP every time in two areas:
1. Authentication
An SFTP server requires trading partners to authenticate in two different ways. They can either prove their identity with a user ID and password (this information is encrypted over the SFTP connection rather than sent over plain text) or validate with an SSH key or SSH key/password combo.
Using an SSH key requires the trading partner to have one half of their authentication (private key) on their personal computer, while the other half (public key) is loaded onto the server and associated with their account. This way, authentication succeeds only if the SSH key pair matches.
2. Implementation
While many organizations use FTP because it’s free and easy to set up, SFTP is also simple to implement. As a bonus, it works with your firewall to send and retrieve communications. A single port is used, providing a secure channel for data to flow through.
