There are quite a few routes you can take when it comes to a file transfer solution and the type of encryption to use, but say you are an SMB with very limited budget. How are you going to protect your data when you don’t have the money that an enterprise has access to? It leaves SMBs at a serious disadvantage when it comes to data encryption, especially if they are on the hook for staying compliant.
We get it. IT budgets are tight. Not every IT team can afford a managed file transfer (MFT) solution, and not every IT team works for a company in a highly regulated industry like healthcare. However, with a reasonable amount of time and effort, a simple FTP server customized to your needs fills in the security and reliability checkboxes.
Different Types of File Transfer and Encryption
There are a few popular forms of FTP, and the biggest difference between them is the type of encryption used. The most popular types of FTP are:
› FTP with TLS (FTPS)
› SSH File Transfer Protocol (SFTP)
› Hypertext Transfer Protocol Secure (HTTPS)
As mentioned before, FTP by itself provides no additional security mechanism besides asking for a password. If the data you are sending is not considered sensitive and/or is restricted to transferring files within your network, then FTP can be perfectly fine to use. Many companies use FTP with basic password protection just to send large files within their network that would otherwise be an issue or restricted by IT via email. Don’t use this simplest form of FTP if sensitive data is being transferred outside your business network.
FTPS is simply the means of securing files being transferred through FTP with transport socket layer security, otherwise known as TLS. TLS is also known as secure socket layer (SSL), because TLS is the direct successor of SSL. Encryption with TLS begins with a handshake at the start of a session, in most instances a web session, since TLS is used by most major websites to encrypt data.
SFTP, also known as secure file transfer protocol, allows the reliable access and movement of data from one location to another. It includes some extra features that allows resuming interrupted file transfers and the ability to remove files remotely.
As the name implies, HTTPS is a more secure version of HTTP. Much like how FTPS uses TLS encryption to transfer files, HTTPS uses TLS to authenticate web pages with corresponding web servers. The secured layer is necessary to avoid eavesdropping and as of recently, is required by Google to maintain good ranking in Google search. HTTPS has been around for a while, but was originally used for making payments over the web. As data privacy has become more important, it is deployed on many websites across several industries.
Deciding on a File Transfer Solution
Which file transfer solution you use simply comes down to your budget, what you are transferring, and the type of encryption you need. Some encryption standards are a bit weighty yet necessary to meet regulatory compliance. Other encryption standards are easier to implement and can make transferring data faster.
Once you have an idea of what is required, you can then decide whether using FTP is adequate for your needs or not. If it is, then you will need to decide on how you will host your data transfers. An easy-to-use and versatile client and server combination is WS_FTP Pro by Ipswitch.