The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

What is FTP Security? Securing FTP Usage

by Nate Lord on Friday September 7, 2018

Contact Us
Free Demo
Chat

File Transfer Protocol is widely used in corporate networks yet has inherent data security risks. Here’s an overview of some of the challenges of FTP security and methods to address them.

A Definition of FTP Security

File Transfer Protocol (FTP) is a standard network protocol used to transfer files between computers over the Internet. FTP is built on client-server architecture and was developed by Abhay Bhushan in 1971. The protocol is still commonly used today, but FTP security is a major concern that can limit its usage when not addressed.

FTP Diagram
Image via StudyCampus.com.


Security Challenges of FTP

FTP was not built to be secure. It is generally considered to be an insecure protocol because it relies on clear-text usernames and passwords for authentication and does not use encryption. Data sent via FTP is vulnerable to sniffing, spoofing, and brute force attacks, among other basic attack methods.

There are several common approaches to addressing these challenges and securing FTP usage. FTPS is an extension of FTP that can encrypt connections at the client’s request. Transport Layer Security (TLS), Secure Socket Layer (SSL), and SSH File Transfer Protocol (also known as Secure File Transfer Protocol or SFTP) are often used as more secure alternatives to FTP because they use encrypted connections.

Network Data Loss Prevention Improves FTP Security

Network data loss prevention solutions are often used to secure data sent over FTP sessions. Network DLP solutions are able to inspect and control FTP traffic, blocking or allowing transfers based on policies governing what users can take what actions with data. NDLP solutions can also encrypt data sent via FTP to ensure it is only readable by authorized parties.

Network data loss prevention solutions also are crucial for FTP security in cases when employees may inadvertently share sensitive data and confidential files using FTP. By prompting users, encrypting files, or blocking unauthorized FTP transfers altogether, network DLP tools ensure that sensitive data is not being put at risk of interception or exfiltration.

While FTP has inherent data security risks, the use of alternative secure protocols and data protection solutions such as network DLP can enable secure FTP usage.

Tags: Data Protection 101

Nate Lord

Nate Lord is the former editor of Data Insider and is currently an account manager covering the southeast, Great Lakes, and Latin America regions at Digital Guardian. He has over 7 years of experience in the information security industry, working at Veracode prior to joining Digital Guardian in 2014. Nate enjoys learning about the complex problems facing information security professionals and collaborating with Digital Guardian customers to help solve them.