Is SFTP just another data transfer protocol, and is it the same as FTPS? These answers may surprise you, so keep reading to find out.

What does SFTP stand for? SFTP stands for Secure File Transfer Protocol or SSH File Transfer Protocol. SFTP is a protocol that encrypts information as it is being transferred to protect the data from attacks.

What Is SFTP?

Secure File Transfer Protocol is a form of file transfer that provides security for data during transmission using Secure Shell protection.

One of the fundamental forms of file transfer, which is still used today, is File Transfer Protocol. FTP uses a two-channel approach to establishing connections between computers:

  1. The command channel initiates and sends FTP commands between each computer to help facilitate the transfer.
  2. The data channel is where the actual movement of data happens.


FTP is rather simple: A single computer (the client) attempts to connect to an FTP server to download or upload files. The server handles the incoming connection and accepts login credentials if configured to require authentication. Once the connection is established, the server and the client can exchange files.

The limitation of FTP is that it includes no inherent security. While a data server may have some form of encryption, FTP does not include encryption for data in transit. Because of this fact, a man-in-the-middle attack or other forms of data theft could steal data transmitted via FTP and immediately read it. This kind of approach is not useful for any application that needs any form of security.

Enter Secure FTP. This protocol models its functionality off of FTP but makes connections via SSH. That means that the file transmission is protected through encryption.

SFTP has several advantages over FTP:

  • Encryption: SSH uses encryption to protect data during transit. If that data is stolen or listened to during a transfer, the hacker would still need to break the encryption to read it. Because of this, secure FTP is suitable for applications that call for data security.
  • Simplified Use: FTP uses multiple channels to execute transfers, which means multiple connections to various ports on the server. Users only connect to a single port (the SFTP port, typically defaulting to port 22) on an SFTP server.
  • Tunneling: SSH supports a process of tunneling, where data is transferred through an encrypted “tunnel.” Unlike direct transfers (of which FTP is an example), when SFTP uses SSH, it can protect all data transmitted, including authentication credentials. SSH tunneling also allows users to use multiple applications within an encrypted tunnel.

Because of these advantages, SFTP is a common form of secure file transfer for many enterprise documents and data management solutions.

SSH File Transfer Protocol (SFTP)

SSH (Secure Shell) is a cryptographic network protocol used for secure communication between two networked devices such as computers, servers, and mobile devices. It provides secure remote login, secure file transfer, and other services over an insecure network. It uses a client-server architecture and public-key cryptography to authenticate the remote computer and grant access to the requested resources. SSH also provides strong encryption and authentication to protect against various attacks such as man-in-the-middle, eavesdropping, and spoofing. SSH helps protect important data while it is being transmitted over the network, as well as allowing secure access to remote systems. SSH is also used to remotely execute commands, creating a secure tunnel between two machines.

SSH File Transfer Protocol (SFTP) is an enhanced version of SSH that uses the same Secure Shell encryption to provide secure file transfer over networks. SFTP provides strong encryption and authentication to protect against various attacks, allowing the secure transfer of files between two networked systems. It is a secure, reliable, and fast protocol for transferring data over a Secure Shell connection, offering features such as directory listing, file permissions, and authentication. SFTP also supports data compression and hashing, which can help reduce the amount of data transferred and its complexity. SFTP is uniquely qualified for secure file transfer because of its strong encryption, authentication methods, and efficient data transfer protocol.

FTP vs. SFTP vs. FTPS

While FTP, SFTP, and FTPS are all used for file transfers, they have unique attributes and key differentiators. The key differences between FTP, SFTP and FTPS are their encryption methods.

FTP (File Transfer Protocol) is a standard protocol used to transfer files over the internet. It is an insecure protocol, meaning data is transferred in plain text, and it does not include any encryption. A business would use FTP and not SFTP or FTPS if they do not have a secure connection or if they do not need to transfer sensitive data. FTP is easier to set up and is quicker to transfer files, since it does not use encryption; however, it is less secure than SFTP or FTPS.

SFTP (Secure File Transfer Protocol) is a secure protocol that provides data encryption using the SSH protocol over the internet. A business would use SFTP and not FTP or FTPS if they require a secure connection and they need to transfer sensitive data. SFTP provides a secure connection, as it uses encryption; however, it is slower than FTP, as encryption needs to be applied to the data being transferred.

FTPS (File Transfer Protocol over SSL/TLS) is a secure protocol that uses SSL/TLS encryption for file transfer services. It is a more secure version of FTP, as data is transmitted with encryption over the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A business would use FTPS and not FTP or SFTP if they require a secure connection and they need to transfer sensitive data. FTPS provides a more secure connection than FTP, as it uses SSL/TLS encryption. However, it is slower than FTP or SFTP, as encryption needs to be applied to the data being transferred.

In summary, FTP is an insecure protocol that does not provide any encryption, SFTP is a secure protocol that provides encryption, and FTPS is a secure protocol that uses SSL/TLS encryption.

Using SFTP for Secure Data Transfer

SFTP is a popular choice for secure data transfer because it provides a secure connection for exchanging data over a public or private network. It uses strong encryption, which helps protect data from being viewed or modified throughout the transfer process. It also offers secure authentication to ensure that the data is being sent to the correct recipient. Additionally, SFTP is easy to set up and use, and is often used in organizations as a secure alternative to traditional file transfer methods such as FTP and HTTP.

Organizations use SFTP for secure data transfer because it helps protect sensitive data and confidential information. By using SFTP, organizations are able to ensure that data is not exposed to potential risk, such as unauthorized access, data corruption, and other security threats. Additionally, because SFTP uses encryption to protect data during transfer, it ensures that data remains confidential and prevents attackers from intercepting it. It also provides an efficient method for organizations to securely exchange large amounts of data, which may be beneficial for remote file transfers.

SFTP is a more secure alternative to email for file transfer, as email does not use encryption, which protects data from being viewed or modified in transit. Additionally, email does not offer authentication, which makes it more vulnerable to malicious actors. SFTP also offers greater speed and reliability compared to email. With SFTP, files are transferred directly from the sender to the recipient rather than being stored on a mail server, which can reduce the risk of data being tampered with or being leaked from the server.

What Port Does SFTP Use?

SFTP usually uses port 22. This is because port 22 is reserved for SSH (Secure Shell), which is used to secure the connection between the two computers. Port 22 is the standard port for SFTP, but other ports can also be used if they are open on the server. Port 22 is the preferred port for SFTP because it is the standard port used by SSH and is the most secure port available. Port 22 offers a higher level of encryption compared to other ports, making it more difficult for malicious attackers to access and tamper with the data being transferred. Also, port 22 is a well-known port, making it easier for network administrators to manage their firewalls.

What Is FTPS?

File transfer providers often offer secure FTP and FTP over SSL (FTPS) features. It’s important to understand that while it only seems like a small change in a name, the differences between SFTP and FTPS are significant.

SFTP is based on the FTP protocol, but it is an implementation of FTP logic within the SSH protocol. Conversely, FTPS is FTP run through another protocol known as the Secure Sockets Layer (SSL).

As a side note, the original SSL specification has gone dormant, and Transport Layer Security (TLS) has taken its place. TLS essentially does the same thing, with a modern implementation.

The difference between SSL and SSH comes down to functionality. SSH creates a tunnel between computers through which commands and applications can operate. SSL/TLS, however, does not allow for such commands. Instead, it leverages SSL certificates as authentication proofs to encrypt direct transfers.

SFTP and FTPS accomplish the same tasks, and because of this, they can often be used as effective and secure file transfers. However, secure FTP offers a more robust and elegant implementation that plays better with modern security measures like firewalls (due to tunneling), meaning that SFTP is used more often than FTPS. Many security experts and compliance managers have essentially moved focus to SFTP, meaning FTPS is fading from use year after year.

Is SFTP the Same as a Virtual Private Network?

A virtual private network (VPN) is a private internet connection over public internet channels, typically connecting to a local area network (LAN) for professional purposes. With a VPN, a user’s computer and network traffic are routed over a “private” virtual connection that tunnels into a larger, “private” network. The private aspect of this network still operates on top of a public internet connection. SFTP software commands and encryption combinations, essentially making this traffic private to outside users.

There are some commonalities here, particularly the notion of using encrypted communications to run private data over public networks. However, SFTP is dedicated solely to file transfer and sharing, whereas a VPN essentially allows a user to enter an entire public network and its resources. This kind of application provides two advantages over SFTP:

  1. Business LAN Access: With a VPN and the right credentials, a user can access a private LAN as if they were on a device within the LAN itself. As such, the computer connecting to the LAN over the VPN has similar, if not identical, capabilities to a computer within a private office.
  2. Private IP Protection: Users can connect to a remote SFTP server through a VPN, which means their IP address is protected from unauthorized tracking.

SFTP can be used with a VPN for additional security, but they do not accomplish the same things individually.


What Role Does SFTP Play in Compliance?

Almost every compliance framework requires some form of encryption for data at rest and data in transit between devices. Solutions like FTP simply do not meet these requirements, unlike secure FTP.

That is not to say that secure FTP meets all requirements out of the box. Secure file transfer solutions can come with stronger or weaker encryption algorithms in place, limiting their usefulness for compliance. For example, if an older SFTP program uses defunct encryption algorithms like DES or MD5, they will not meet encryption requirements.

In general, if an SFTP host uses AES-128 or AES-256 symmetric cryptography on server-stored information and in-transit encryption utilizing RSA 2048 keys (like TLS 1.2 or higher), then it will almost certainly meet most encryption standards, including those for regulations like HIPAA, FedRAMP, or SOC 2.
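One way to check an OpenSSH-based SFTP server for the defunct algorithms mentioned above is to audit the effective settings printed by `sshd -T`. This is an added example, not code from the original page or from any vendor; the sample output is constructed, and the function names are hypothetical. It flags only the two families the text names, DES and MD5.

```python
import re

# Constructed sample of `sshd -T` output (OpenSSH's effective server settings);
# the values are illustrative and not taken from any real host.
SAMPLE_SSHD_T = """\
port 22
subsystem sftp internal-sftp
ciphers aes256-gcm@openssh.com,aes128-ctr,3des-cbc
macs hmac-sha2-256-etm@openssh.com,hmac-md5,hmac-md5-96
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha256
"""

# Settings that list negotiable algorithms for the SSH transport SFTP runs on.
AUDITED = ("ciphers", "macs", "kexalgorithms", "hostkeyalgorithms")

# Only the families the text names as defunct: DES (including 3DES) and MD5.
# The lookarounds match whole name components such as "3des-cbc" or "hmac-md5-96".
DEFUNCT = re.compile(r"(?<![a-z0-9])(3?des|md5)(?![a-z0-9])")


def parse_algorithms(sshd_t_output):
    """Return {setting: [algorithm, ...]} for the audited settings."""
    offered = {}
    for line in sshd_t_output.splitlines():
        setting, _, value = line.strip().partition(" ")
        if setting.lower() in AUDITED and value:
            offered[setting.lower()] = [a.strip() for a in value.split(",") if a.strip()]
    return offered


def find_defunct(sshd_t_output):
    """Return sorted (setting, algorithm) pairs that rely on DES or MD5."""
    return sorted(
        (setting, name)
        for setting, names in parse_algorithms(sshd_t_output).items()
        for name in names
        if DEFUNCT.search(name.lower())
    )


def without_defunct(sshd_t_output):
    """Return the same settings with DES- and MD5-based algorithms removed."""
    return {
        setting: [n for n in names if not DEFUNCT.search(n.lower())]
        for setting, names in parse_algorithms(sshd_t_output).items()
    }


if __name__ == "__main__":
    for setting, name in find_defunct(SAMPLE_SSHD_T):
        print(f"defunct: {setting} offers {name}")
    for setting, names in without_defunct(SAMPLE_SSHD_T).items():
        print(f"{setting} {','.join(names)}")
```

On a real server, feed the functions the text produced by running `sshd -T` as root; the cleaned lists can then be written back as the corresponding `sshd_config` settings.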

Additionally, platforms like SFTP gateways can help large enterprises facilitate secure, fast, and high-volume transfers between legacy and cloud systems without breaking compliance.

What Should I Look for in an SFTP Solution?

A secure FTP solution should satisfy three crucial criteria:

  1. Security: The server and the transmission protocol must have proper encryption. Additionally, dedicated firewalls, strict identity and access management with multi-factor authentication, and role-defined access controls are all important for top-notch security and most compliance standards.
  2. Usability: Even the most secure solution must be usable by people in an organization. User experience not only makes the program effective and useful, it promotes better security through features like passwordless authentication and ease of implementation across multiple platforms.
  3. Scalability: An enterprise-grade secure FTP platform should support the kind of scalability necessary to support rapid company growth. This includes features like unlimited bandwidth, unlimited file sizes, and unlimited connections.

SFTP: A Critical Function for Data-driven Enterprises

SFTP serves two critical functions across an enterprise. On the one hand, employees can rely on secure FTP for important, secure file sharing where speed and privacy are paramount. On the other hand, SFTP can serve as the foundation for more extensive managed file transfer solutions where batch processing, scheduled transfers, and event-driven transfers are part of day-to-day business operations.

Take a look underneath the hood of Kiteworks, including our SFTP capabilities, by scheduling a tailored demo based on your business requirements.

 
