· What is FTP?
· Why is Cloud Not Better Than FTP To Transfer Large Files?
· FTP is Insecure
· FTP is Cumbersome
· Why is Binfer a great alternative to FTP?
· Binfer Sync Compared with FTP
· Transfer Big Files Without FTP
· References
FTP is a file transfer protocol. It was created in 1980 with the original objective of facilitating file transfer between internal networks. It was not designed to be a secure protocol or to transfer files over a public network.
Due to lack of other viable alternatives, it was patched and band-aided to allow for public application of file transfer. Without understanding its internals and deploying it carefully, one is exposed to great security risks and unforeseen costs
It started as a command line program and is also available as a graphical user interface. Today, it is mostly used to transfer files to a webserver. However, many businesses use it to transfer files between clients and offices
FTP requires two key components to work:-
FTP server is specialized software installed on a particular machine, commonly called a server. This requires advanced knowledge of ports, permissions, file systems and user management.
The FTP client is another specialized software used by end users. To connect to an FTP server, the end user must know details such as IP address, port, user and password.
Managed file transfer / cloud based file transfer is an enhanced FTP. Cloud based file sharing is an incremental improvement from FTP. Simplifies the management of FTP servers by offloading server hardware and software management. However, this is not a direct switch from FTP to MFT / cloud based solutions. Replacing FTP with MFT introduces additional issues
· There is a considerable cost increase
· Are more expensive in the long run.
· Need to be HIPAA compliant for certain kind of data.
· Lack of control over data.
· Is as secure as the vendor’s security controls.
· Unclear implementation of at rest and in-transit encryption methods.
· Heavy target of hackers.
· Several high profile public breaches every month, most go undetected.
FTP was not designed to be a secure protocol. Unless special precautions are take, FTP connections are un-encrypted. Which means that data is transferred in clear text. Data is vulnerable to interception. Following are the well known and documented vulnerabilities of FTP:
· Packet capture
· FTP bounce attack
· Brute force attack
· Spoofing attack
· Username enumeration
With the massive data breaches happening regularly, everyone is concerned about data security. Secure FTP using SSH is just adding another layer of complexity and overhead. Lack of audit trails and transfer logs make it even harder to track data transfer activities.
An advanced technical knowledge is required to manage FTP. Being a 40 year old legacy technology, it cannot tackle modern day tasks adequately. Following are some of the issues faced by users of FTP.
· Slow transfers
· Complicated setups
· Unreliable
· Limited logs
· Administration overhead
Transferring large files with FTP is a major problem and is not easy. There is no easy way to verify that files have been received by the recipient. Server administration is needed to be a central point of storage which adds to the cost in terms of both human personnel and hardware. Being a central drain also hinders the person to person workflow.
FTP is mainly used to upload website files to a web server. In the default settings, FTP does not encrypt anything. User credentials such as userid and password are all sent in clear text. In addition to authentication information, even files are sent in self-evident text. This makes it very easy for a person to withhold information and be privy to its contents.
Binfer’s Sync product is the best replacement for FTP. Binfer Sync offers the following great features that make transferring files between computes very easy.
· Does not need a special server to hold the files for transfer.
· Encrypts all data transfer using AES 256 bit encryption.
· Maintains detailed logs of all transfers,
· Automatically updates changed files.