WHAT IS NIST? THE COMPLETE GUIDE TO THE NIST CYBERSECURITY FRAMEWORK
Explore this comprehensive guide on how the NIST Cybersecurity Framework can be applied to your organization.
FTP Admin 101: Summary of Workshop
FTP Today, a leading provider of secure FTP file transfer services, recently conducted a webinar titled "Admin 101: Setting up Defaults, Users and Workspaces."
It was designed to give both novice and veteran administrators of FTP Today a better idea of just how powerful some of these features can be and how they can help you protect your business mission critical information from a wide range of digital threats in the modern environment.
Setting up Site Security
The webinar began with a discussion of the security hierarchy built into FTP Today, many layers of which are missing at other FTP providers. Multiple firewalls and hacker blacklists are at the top of the list, as they are the most immediate level of defense against external threats. These are managed by FTP Today for the protection of all its customers. The remaining security layers are controlled by each customer’s FTP site administrator(s).
The site default functionality that is built into FTP Today is designed to save administrators as much time as possible and to meet industry compliance obligations related to the security of data files while in transit and at rest. You set certain security provisions on a site-wide basis, meaning that every user account that you create for file transfer thereafter will automatically follow these same rules.
FTP site administrators first choose to allow or disallow each access protocol -- FTP, Explicit FTPS, Implicit FTPS, SFTP and HTTPS -- at the site level; rules then apply to all users. Other default settings can lock files during upload and allow a file upload to be restarted if an Internet connection is dropped. More than anything, these defaults give administrators complete control over how the service works for their needs and preferences.
The next security layer is Country Access Settings. This allows administrators to allow, or more importantly disallow, login prompts from being granted to computer systems outside of countries where known business partners reside. This takes hacker prevention to another level, since most hack attempts originate outside the U.S., for example.
Once a login prompt is granted, user IP and protocol restrictions come next, followed by allowed usernames. The next layer of protection takes the form of a username and password or a username and SSH key. User authentication by password is often the first and only layer of security at other FTP hosting providers, whereas FTP Today has provided its customers with many more layers of protection and control.
Workspaces and Permissions
Finally, having met all the security requirements for a successful login, highly granular access permissions provide control over who has access to which files and folders on your secure FTP server.
The webinar touched on the concept of workspaces, which are folders with per-user permissions of visibility and the ability to upload, download or delete files. You might simply have one private workspace for each user or you might also create shared folders for two or more users (with different user permissions within the same folders, if desired). Users can therefore be added to a workspace based on their business role and the data files that they need to access, similar to their own position within the company in the first place.
Is your file sharing solution protecting your business?
Download our free Ebook and learn valuable statistics about internal file sharing threats you should know to protect your enterprise business.
About Martin Horan
Founder of FTP Today and an expert in secure file transfer and Internet protocols. A software and IT geek since a young age, Martin has successfully led his companies through the digital age by spotting market niches and filling them with quality IT services.