If your sensitive domain needs to provide FTP services, then secure FTP (File Transfer Protocol) or EFT (Enhanced File Transfer) will certainly help to protect data when it's being transferred from the server to a client or vice versa. FTP, like many other common Internet protocols such as HTTP and SMTP, was created before the introduction of SSL (Secure Sockets Layer) and so it's inherently insecure as data isn't encrypted during transit. In the case of FTP, this means that user names, passwords, FTP commands and transmitted files can be captured using a packet sniffer. Therefore it's essential to use a secure FTP service when handling sensitive data.
There are various secure FTP protocols. (FTP over SSH [Secure Shell] is often referred to as secure FTP, but this is misleading as there are other methods of securing FTP, such as FTP over SSL [FTPS], Secure Copy [SCP], and SSH File Transfer Protocol [SFTP].) The two preferred options are FTPS and SFTP. FTPS is just an extension of FTP that uses an SSL layer below the standard FTP protocol to encrypt the control and data channels. This means that it's supported by most servers and, because it uses the same ports as FTP, there is no need to open additional firewall ports. Another benefit is that, as FTPS uses certificates, which verify digital identities, a trust relationship can be established without having to directly exchange security information.
SFTP is a more recent protocol that uses SSH to provide a secure service where the server both encrypts the data and handles the file transfer. SSH uses keys, in a similar fashion to PGP, so SFTP clients must install their keys on the SFTP server. SFTP includes many file-management capabilities such as delete, rename, interrupted transfer resumption and directory listings.
It's important to set the correct permissions on an SFTP server to ensure least privilege access is maintained. Don't set up an FTP service on an unfamiliar OS because it will be difficult to get the access control correct. Also make the FTP server a single-function server. The more functions there are to configure, the greater the likelihood that a configuration error or combination of software components will introduce a security vulnerability. The most secure configuration is a single-purpose server.
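As an added illustration of the least-privilege point above (not part of the original article), the following Python check audits an OpenSSH `sshd_config` for an SFTP-only group that is chrooted, denied a shell and denied forwarding. It assumes OpenSSH is the SFTP server; the group name `sftponly`, the chroot path, the function names and both sample configurations are constructed for the example.

```python
# Added example: audit an OpenSSH sshd_config for a least-privilege SFTP-only group.
REQUIRED = {  # set explicitly so a permissive global value cannot leak in
    "forcecommand": "internal-sftp",  # file transfer only, no shell
    "allowtcpforwarding": "no",
    "x11forwarding": "no",
    "permittunnel": "no",
}

def parse_match_blocks(text):
    """Return {criteria: {directive: value}} for every Match block."""
    blocks, current = {}, None
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            crit = value.split()
            scoped = bool(crit) and crit[0].lower() != "all"  # "Match all" = global scope
            current = blocks.setdefault(" ".join([crit[0].lower()] + crit[1:]), {}) if scoped else None
        elif current is not None:
            current.setdefault(key, value)  # sshd keeps the first value it reads
    return blocks

def audit_sftp_group(text, group="sftponly"):
    """List least-privilege findings for the SFTP-only group's Match block."""
    block = parse_match_blocks(text).get(f"group {group}")
    if block is None:
        return [f"no 'Match Group {group}' block: members get the global settings"]
    findings = []
    if (block.get("chrootdirectory") or "none").lower() == "none":
        findings.append("ChrootDirectory unset: users can browse the whole filesystem")
    for key, want in REQUIRED.items():
        got = block.get(key, "")
        # ForceCommand may carry options, e.g. "internal-sftp -l INFO"
        if not got or got.lower().split()[0] != want:
            findings.append(f"{key} should be '{want}' (found: {got or 'unset'})")
    return findings

WEAK = "Subsystem sftp internal-sftp\nMatch Group sftponly\n    X11Forwarding no\n"
HARDENED = """Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp -l INFO
    AllowTcpForwarding no
    X11Forwarding no
    PermitTunnel no
"""
```

Calling `audit_sftp_group(WEAK)` returns four findings, while `audit_sftp_group(HARDENED)` returns an empty list. The check covers configuration only; OpenSSH additionally requires the chroot directory itself to be owned by root and not writable by any other user or group.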
FTP is a tricky service to secure correctly, which is why you may want to look at an EFT (Enhanced File Transfer) server. It supports a range of security protocols for easy integration with other systems and also handles the security of files once they've been uploaded, a security control many administrators overlook. EFT also provides monitoring, auditing, and reporting services, which are especially useful when complying with any statutory or industry regulations.
This was first published in February 2010