Basic | Essentials | Premium | Elite | Ultimate | |
---|---|---|---|---|---|
All Plans Include a Designated Customer Success Manager |
FTP CLOUD $ 90 BUY NOW $ 100 BUY NOW 10 - 100 GB 25 - 50 Users |
FTP CLOUD $ 180 BUY NOW $ 200 BUY NOW 25 - 250 GB 50 - 100 Users |
FTP CLOUD $ 270 BUY NOW $ 300 BUY NOW 50 - 500 GB UNLIMITED Users |
GOVFTP CLOUD $ 315 BUY NOW $ 350 BUY NOW 25 - 250 GB 50 - 150 Users |
GOVFTP CLOUD $ 450 BUY NOW $ 500 BUY NOW 50 - 500 GB UNLIMITED Users |
Compliance Readiness | |||||
SOC 2 FTP Today has received a SOC2 certification on its GOVFTP Cloud as of December 2021. All FTP Today data center partners are also audited annually under SSAE-18 standards. Audit reports are available for review upon a signed NDA. |
|||||
ISO 27001 All infrastructure partners are certified under the international ISO 27001 standard. |
|||||
PCI-DSS Subscription plans that meet PCI-DSS cloud compliance requirements for the financial services industry. |
|||||
HIPAA / HITECH (signed BAA) HIPAA ready subscription plans are available with our signed BAA. |
|||||
EU-US GDPR Privacy (signed DPA) All data center partners are EU-US Privacy Shield Certified. Subscription plans noted are available with our signed GDPR DPA. |
|||||
FedRAMP Moderate Noted plans will be hosted on a FedRAMP Moderate Authorized platform and infrastructure. |
|||||
FISMA Moderate Noted plans will be hosted on a FISMA Moderate Authorized platform and infrastructure. |
|||||
NIST SP 800-53 NIST SP 800-53 controls are the operational, technical, and management safeguards used by information systems to maintain the integrity, confidentiality, and security of federal information systems. |
|||||
NIST SP 800-171 Noted plans are hosted in a cloud that meets all ITAR, EAR, DFARS, and NIST SP 800-171 requirements. |
|||||
DFARS 252.204-7012 Noted plans are hosted in a cloud that meets all ITAR, EAR, DFARS, and NIST SP 800-171 requirements. |
|||||
DFARS 252.204-7020 Noted plans are hosted in a cloud that meets all ITAR, EAR, DFARS, and NIST SP 800-171 requirements. |
|||||
CMMC Level 1 & Level 3 Noted plans will be hosted on a Department of Defense Authorized platform with the appropriate NIST 800-171 controls to meet CMMC Level 1 and Level 3. |
|||||
DoD Impact Level 2 Noted plans will be hosted on a Department of Defense Authorized platform. |
|||||
ITAR / EAR Noted plans are hosted in a cloud that meets all ITAR, EAR, DFARS, and NIST SP 800-171 requirements. |
|||||
GLBA | |||||
StateRAMP | |||||
Threat Protections | |||||
Dedicated Firewalls Each of our private clouds is a Virtual Private Data Center, surrounded both externally and internally by two firewalls in an active-passive configuration. |
|||||
VMware High Availability All servers are protected by VMware High Availability and automatic VMotion to another host machine in the event of a failure. |
|||||
Vulnerability Scanning Network and application scans are run routinely to assess and mitigate potential protocol or application vulnerabilities. Customers are also welcome to run their own vulnerability scans on their own site. |
|||||
Intruder IP Blacklisting INDUSTRY EXCLUSIVE: FTP Today has developed proprietary rules that enable us to proactively block offending IP addresses within seconds by measuring various attack signatures. A master blacklist is shared across our entire network. |
|||||
Daily Backups The FTP Cloud offers 7 days of offsite backups. The GOVFTP Cloud offers 30 days of onsite backups (plus offsite DR). |
|||||
Disaster Recovery In addition to 30 days of onsite backups, every server on our GOVFTP platform is replicated in near real time to a Standby DR infrastructure hundreds of miles away in a second FedRAMP Authorized location. |
|||||
Network IPS A comprehensive suite of security features such as firewall capabilities, monitoring, alerts, Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). |
|||||
Host IDS A Host-based Intrusion Detection Service (HIDS) monitors for and issues alerts for any unauthorized operating system changes. |
|||||
Virus & Spyware Protection Comprehensive real-time protection preventing viruses, spyware, and other Web threats to internal or external endpoints. |
|||||
Site Wide Settings | |||||
Dedicated IP Address Every FTP Today customer site has a unique dedicated IP address. If your plan includes Standby Disaster Recovery, it includes two dedicated IP addresses. |
|||||
Geo-fencing by Country INDUSTRY EXCLUSIVE: Allows you to limit logical access to specific countries (such as the U.S.) and block all other countries to prevent hacking or data exports. |
|||||
At-rest Encryption All FTP Today cloud storage systems encrypt all data at rest using AES-256 cipher strength. |
|||||
In-transit Encryption Encryption on all secure transmission protocols meets FIPS 140-2 requirements. |
|||||
Custom Branded Web UI Proprietary FTP Today web application, used not only for administration, but also as a powerful browser-based file transfer client. No plugins required. |
|||||
FTP, FTPS, SFTP & HTTPS FTP and Explicit FTPS are supported on port 21. Implicit FTPS is supported on port 990. SFTP is supported on port 22. HTTPS is supported on port 443. Protocol(s) are easily disabled. |
|||||
Custom Domain Name & Custom SSL Certificate Point your own subdomain (such as sftp.yourdomain.com) with a CNAME to your FTP Today subdomain. We will install a new SSL certificate to match your subdomain rather than *.ftptoday.com or *.govftp.com at our expense. |
$ | ||||
API Access Use our Admin API to add, change or remove users and folder permissions, retrieve logs and more! |
|||||
Sandbox (5 GB Test Site) | $ | $ | |||
User Authentication | |||||
Password Authentication The first line of defense is a good password. |
|||||
SSH Key Authentication Automated systems and SFTP software can use public SSH-key authentication instead of password. |
|||||
Inactive User Suspension Auto-suspend inactive users on a future calendar date, or based on the number of days since their last login. |
|||||
Password Strength Controls Set password length and strength requirements. |
|||||
Password Expiration Controls Set password expiration and reset requirements. |
|||||
New User Invitations w/ Initial Password Selection Email system to invite users to choose their own initial password. |
|||||
Multi-factor Authentication (OTP) Users can be required to use 2FA and admins can restrict the OTP method allowed (Email, SMS or TOTP app) for each user. |
|||||
Account Lockouts Establish policies for temporary lockouts for failed logins. |
|||||
Single Sign-On Single sign-on support for Identity Providers (IdP) such as Azure AD, Okta, Duo, Auth0 and SAML. One integration included. |
|||||
IP Address Restrictions INDUSTRY EXCLUSIVE: Restrict each user by protocol and/or by their remote IP address for tight security. |
|||||
User Facing Clickwrap Agreements Require users to check a box and accept custom contract terms prior to login. Records date, timestamp and IP address for a legally binding clickwrap agreement. |
|||||
Permissions & Automation | |||||
Access Directory The permission to enter or pass through a parent folder to reach a child folder, without seeing anything else in the parent. |
|||||
List Directory The permission to view a folder's entire directory listing. |
|||||
Upload The permission to upload a file to a given folder. This includes permission to create a sub-folder. |
|||||
Download The permission to download a file or a sub-folder from a given folder. |
|||||
Delete The permission to delete files or sub-folders from a given folder. |
|||||
Email Notifications Unlimited, granular email notifications per folder triggered by Upload, Download, Delete events or by reaching a given Storage Threshold. |
|||||
File Retention / Purge Purge files based on age, configurable on a per-folder basis or site wide. |
|||||
InfiniShare™ File Sharing | |||||
Restrict Who Can Create Links Only those users allowed by the Administrator can create file sharing links. |
|||||
Create Links to Send Files When permitted, authenticated users can send files to non-authenticated guests by creating links to certain files. |
|||||
Create Links to Receive Files When permitted, authenticated users can receive files from non-authenticated guests by creating links to certain folder locations. |
|||||
Set #Days before Links Expire Administrators can limit the number of days each link can be available before it automatically expires and can optionally allow users to override this limit. |
|||||
Set #Uses before Links Expire Administrators can limit the number of times each link can be used before it automatically expires and can optionally allow users to override this limit. |
|||||
Return Receipt on Link Usage Administrators can set whether a link will send a return receipt to the sender when the recipient uses the link, and can optionally allow users to override this limit. |
|||||
Passwords for Links Administrators can set whether a link will require a password from the link recipient, and can optionally allow users to override this setting. |
|||||
Auditing & Reports | |||||
Dashboard A quick view of storage usage, currently connected users and their most recent activity. Also a place for recent announcements or messages from FTP Today. |
|||||
Reports Activity formatted in clean reports with the ability to drill down to specific time periods within the past 90 days. Results exportable to CSV. |
|||||
Log History Detailed log files allow you to review and audit activity for every user session in minute detail. Monthly log files kept available for the life of your account. Log files do not count against your storage pool quota. |