What to consider when choosing a file transfer protocol

We all know “you need the right tool for the job.” When choosing between popular file transfer protocols, that adage remains, reports Fortra.

But, how do you know which one is right for your organisation, especially when trying to execute safe, compliant file transfers across your unique ecosystem?

This brief guide will help you define your requirements and explain which protocol is right for you.

Are you in it for convenience?

If so, your legacy File Transfer Protocol (FTP) “might” do.

Originally developed in 1971, this protocol was invented to secure computer files before the internet was even invented. Understandably, it is unable to step up to today’s robust security challenges.

However, it is still found grandfathered into over 21 million servers. The good news? Its longevity means that most trading partners will have it.

The bad news? It’s not safe.

Fortra’s Lead Solutions Engineer, Heath Kath, puts it this way: “If you wouldn’t use an old, unsecure desktop computer from the 1970s to do your job, it’s probably safe to say you shouldn’t use FTP either.”

Need to meet requirements?

If you need to meet requirements dictated by an external client, such as the government, which requires the FIPS 140-2 standard (used to approve cryptographic modules), then you will need more secure protocols such as:

  • SFTP (SSH File Transfer Protocol)
  • FTPS (FTP Secure)
  • HTTPS (Hypertext Transfer Protocol Secure)

File transfer solutions that can be configured to the FIPS 140-2 setting help prevent users from encrypting files with anything other than validated FIPS 140-2 compliant cryptographic algorithms (e.g. AES).

When vetting a Managed File Transfer (MFT) solution at the federal level, National Security System (NSS) Procurement requirements must be considered.

Chris Bailey, Senior Product Manager, SFT, Fortra notes: “[Federal] buyers should also be looking at solutions that boost security via multi-factor authentication (MFA) via TOTPs (Time-based, One-Time Passwords), as well as those solutions that apply a WAF (Web Application Firewall) to the application layer of web-based applications used by government entities […]

“Ensuring your MFT solution incorporates one is just another layer of security you can add around your sensitive data.”

Solutions like Fortra’s GoAnywhere MFT meet the stringent security standards required for federal government buyers, and its Validation Report and Security Target are posted on the NIAP Product Compliant List.

Sending files to non-technical users?

If so, Hypertext Transfer Protocol Secure (HTTPS) might be right for you.

HTTPS doesn’t require you to install client applications for your end-users because it can all be done over an internet browser.

This simplifies secure online file transfers for non-technical clientele and provides TLS-encrypted communication. Popular SaaS tools, such as Dropbox or Google Drive, use this protocol.

And, while convenient, this is not always secure as data is co-mingled and security controls are at the mercy of the provider.

Want secure internet file transfers?

Secure File Transfer Protocol (SFTP), the newer, safer version of FTP, is designed to deliver secure file transfers over the internet using Secure Shell (SSH).

It encrypts the entire connection before any files are sent over, verifying the client-server relationship with a three-way handshake.

The data travels over the encrypted connection in packets and is put back together at the end.

In addition, SFTP uses a single connection through just one port, which can make it easier to install firewall solutions.

Looking to speed non-sensitive data?

File Transfer Protocol over SSL/TLS (FTPS) is an older protocol that many organisations are phasing out, but it does offer transfer speeds that are faster than SFTP.

It uses multi-factor authentication just like SFT, but it provides an additional security mode to protect data in transit.

It can transfer between networks or over the internet, providing flexibility, and is still regarded as a reliable, efficient, and cost-effective choice.

FTPS requires an additional port number to be opened for the data channel for each file transfer request, which can pose a security risk for your network.

Need proof of safe delivery?

With Applicability Statement 2 (AS2), you can help meet regulatory compliance requirements as well as trading partner needs, as it allows for digital signature authentication for both senders and receivers and allows users to request an MDN (Message Disposition Notification) or receipt, which verifies that messages were successfully received and decrypted.

This serves as legal proof that files were delivered without being altered in transit. AS2 also provides validation of file integrity, with confirmation of successful transfers.

Data is protected with digital certificates and encryption standards while in transit across networks, systems and locations.
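As an added illustration (not Fortra's or GoAnywhere's code), the Python sketch below shows how a sender can check a returned MDN against its own record: the receipt must name the original message, report clean processing, and carry a Received-Content-MIC equal to the digest of what was sent. It assumes the MDN's signature has already been verified and that `sent_bytes` is whatever byte range your AS2 implementation computes the MIC over; the function names and the sample receipt are constructed for this example.

```python
import base64
import hashlib
import hmac
from email import message_from_bytes

ALGS = {"sha-256": "sha256", "sha256": "sha256", "sha-1": "sha1", "sha1": "sha1"}

def compute_mic(sent_bytes, alg="sha-256"):
    """Base64 digest (the MIC) over the exact bytes handed to the partner."""
    return base64.b64encode(hashlib.new(ALGS[alg], sent_bytes).digest()).decode()

def check_mdn(raw_mdn, sent_bytes, sent_message_id):
    """Return (accepted, reason) for a receipt checked against our send record."""
    fields = None
    for part in message_from_bytes(raw_mdn).walk():
        if part.get_content_type() == "message/disposition-notification":
            fields = part.get_payload()[0]  # receipt fields parse as headers
            break
    if fields is None:
        return False, "no disposition-notification part"
    if (fields["Original-Message-ID"] or "").strip() != sent_message_id:
        return False, "receipt is for a different message"
    disposition = (fields["Disposition"] or "").lower()
    if not disposition.split(";")[-1].strip().startswith("processed") or "error" in disposition:
        return False, "partner did not report clean processing"
    their_mic, _, alg = (fields["Received-Content-MIC"] or "").rpartition(",")
    alg = alg.strip().lower()
    if not their_mic or alg not in ALGS:
        return False, "missing MIC or unsupported algorithm"
    if not hmac.compare_digest(their_mic.strip(), compute_mic(sent_bytes, alg)):
        return False, "MIC mismatch: partner received different bytes"
    return True, "receipt matches what was sent"

def sample_mdn(mic, message_id, disposition="automatic-action/MDN-sent-automatically; processed"):
    """Constructed multipart/report receipt for the demo, not captured traffic."""
    return (
        'Content-Type: multipart/report; report-type=disposition-notification; boundary="b1"\r\n'
        "\r\n--b1\r\nContent-Type: text/plain\r\n\r\nMessage received.\r\n"
        "--b1\r\nContent-Type: message/disposition-notification\r\n\r\n"
        f"Original-Message-ID: {message_id}\r\n"
        f"Disposition: {disposition}\r\n"
        f"Received-Content-MIC: {mic}, sha-256\r\n"
        "\r\n--b1--\r\n"
    ).encode()

if __name__ == "__main__":
    payload = b"ISA*00*CONSTRUCTED*SAMPLE~\r\n"  # constructed payload bytes
    msg_id = "<constructed-0001@sender.example>"
    print(check_mdn(sample_mdn(compute_mic(payload), msg_id), payload, msg_id))
    print(check_mdn(sample_mdn(compute_mic(payload), msg_id), payload + b"X", msg_id))
```

Store the message ID and MIC at send time so the comparison is made against your own record rather than anything the receipt itself supplies.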

Supporting multiple protocols

Not sure which protocol is right for your organisation? Want to play it safe and keep your options open as you scale?

The reality is that some secure file transfer protocols will work for some scenarios and some will work for others.

Rather than create an IT Ops nightmare by juggling multiple SFT options separately, the GoAnywhere Managed File Transfer (MFT) solution supports all the above protocols at once.

Get centralised encryption management for all your file transfer needs with a single pane of glass, easy deployment and flexible automation features.

With a secure file transfer solution like GoAnywhere, the array of protocols is at your disposal. You can:

  • Manage file transfers, even remotely
  • Configure file transfers from anywhere
  • Meet industry-specific compliance requirements
  • Integrate with your web and cloud applications

This can all be done from a single, streamlined platform that supports the protocols you and your trading partners need.
