Dedicated hardware firewalls at the FTP Today network perimeter protect both our external facing and internal IP address blocks. Software firewalls at the server level provide automated intruder blacklisting within seconds and update a master blacklist with all servers on our network within a few minutes.
FTP Today operates on the principal of least privilege. The principle means giving a user only those privileges which are essential to perform its intended function. There is no administrative access to any FTP Today machines from the public Internet. FTP Today staff with root privileges only have such access over a VPN. Privileged staff are prevented from accessing customer data by our confidentiality policy. Data center technical staff have no root-privileged access to FTP Today's virtual machines.
FTP Today’s software provides customer with logical controls such as limiting active protocols on the service (FTP, FTPeS, FTPS, SFTP and HTTPS). The customer is also provided logical control over IP address restrictions both by country and by user. Password and SSH-key authentication are also the responsibility of the customer to manage, along with assigning users access and permissions to file folders.