5 FTP Security Fails & Fixes | Secure Your File Transfers


This article was published by Computing Security Magazine.

When Patrick Clark, a network analyst from Greenville, NC, asked fellow analysts and engineers for their thoughts on how FTP servers could be more secure, the prevalent response was: “Don’t use them.” Here follows his own take on this.

The pervasiveness of File Transfer Protocol (FTP) means that not using it is simply not an option for most organisations; it’s an easy, inexpensive way for customers, partners and employees to connect. But there are many things that you can do to make your FTP server more secure:

1. Secure your transfers with an encrypted protocol

Many FTP Servers support either Secure File Transfer Protocol (SFTP), which is a different protocol than FTP and is natively secure, or FTP over SSL (Secure Socket Layer), which is the same FTP protocol we’ve all come to know and love, but it runs through a secure tunnel.

2. If you are using certificates, don’t use self-signed certificates

Using a self-signed certificate is akin to trying to board an international flight with a piece of paper that reads “I am me.” Though you may be 100% certain of who you are, the person at the ticket counter has no way to confirm your identity. Self-signed certificates are also very susceptible to man-in-the-middle attacks. Someone could intercept the connection and present you with their own self-signed certificate, fooling you into thinking that you are using a secure connection with your FTP server, but you are really using a secure connection to an attacker’s server. They now also have your login credentials and anything else you gave them.

A third-party certificate signing authority gives you slightly stronger verification that you are actually using the key that belongs to the server to which you are trying to connect. Self-signed certificates are best used for testing purposes or in-house processes.

3. Don’t use anonymous access

Enabling anonymous access to your server is like posting an open invitation to your housewarming party on every street corner. Anonymous access makes it impossible to track which users are posting or pulling files from your server. You’ve already gone through the trouble of setting up so many user accounts for the express purpose of limiting and tracking access. By enabling anonymous access, you simply void that hard work and provide an unmanned access point.

4. Don’t make it easy for hackers

Most hackers will look for, and inevitably find, easy targets. Though you may not deter the most motivated of hackers, you can make yourself a less attractive victim. The implementation of anti-hacking (password guessing) and anti-hammering (Denial of Service) thresholds and IP blacklists can go a long way in keeping hackers away. Also, keep the firewall locked down, minimise open ports and stay vigilant about installing security patches.
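
The password-guessing threshold and IP blacklist described above can be sketched as a sliding-window counter over authentication logs. This is an added example, not code from the article or from any FTP server product; the log format, the `find_hammering_ips` function and its default threshold are assumptions for illustration, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical "timestamp ip user result" format.
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 admin LOGIN_FAILED
2024-05-01T10:00:05 192.0.2.15 alice LOGIN_FAILED
2024-05-01T10:00:09 203.0.113.7 root LOGIN_FAILED
2024-05-01T10:00:12 192.0.2.15 alice LOGIN_OK
2024-05-01T10:00:18 203.0.113.7 ftp LOGIN_FAILED
2024-05-01T10:00:20 198.51.100.20 bob LOGIN_FAILED
truncated line
2024-05-01T10:00:27 203.0.113.7 test LOGIN_FAILED
2024-05-01T10:00:36 203.0.113.7 backup LOGIN_FAILED
2024-05-01T10:03:20 198.51.100.20 bob LOGIN_FAILED
2024-05-01T10:06:20 198.51.100.20 bob LOGIN_FAILED
2024-05-01T10:09:20 198.51.100.20 bob LOGIN_FAILED
2024-05-01T10:12:20 198.51.100.20 bob LOGIN_FAILED
"""

def find_hammering_ips(lines, max_failures=5, window_seconds=60):
    """Return {ip: time the threshold was crossed} for every source IP with
    at least max_failures failed logins inside a sliding time window.
    Assumes the log lines are in chronological order."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    blocked = {}                  # ip -> timestamp that triggered the block
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue              # skip malformed or truncated lines
        ts_raw, ip, _user, result = parts
        try:
            ts = datetime.fromisoformat(ts_raw)
        except ValueError:
            continue              # skip lines with an unparseable timestamp
        if result != "LOGIN_FAILED" or ip in blocked:
            continue
        failures = recent[ip]
        failures.append(ts)
        # Drop failures that have aged out of the window.
        while ts - failures[0] > window:
            failures.popleft()
        if len(failures) >= max_failures:
            blocked[ip] = ts
    return blocked

if __name__ == "__main__":
    for ip, when in find_hammering_ips(SAMPLE_LOG.splitlines()).items():
        print(f"blacklist {ip} (threshold crossed at {when.isoformat()})")
```

With the defaults, only the address that fails five times in under a minute is listed; the slow, spread-out failures and the single mistyped password stay below the threshold.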

5. Avoid freeware (it’s true you get what you pay for)

Don’t get me wrong: there are lots of great freeware products available. But if security is really a concern, buy from a reputable company that depends on selling quality products and offering helpful technical support. If the software is free, the person or company providing it has nothing to lose if you are unhappy with their product or service. Make sure that your vendor has an interest in your success.

We reviewed a number of FTP servers that are in line with recommendations, but ultimately chose and implemented Titan FTP Server Enterprise Edition from South River Technologies. It’s a high performance, stable SFTP server, with a large library of event triggers to derail hackers, and to us it offered the best SFTP server price for performance value.
