Dedicated hardware firewalls at the FTP Today network perimeter protect both our external facing and internal IP address blocks. Software firewalls at the server level provide automated intruder blacklisting within seconds and update a master blacklist with all servers on our network within a few minutes.
FTP Today operates on the principal of least privilege. The principle means giving a user only those privileges which are essential to perform its intended function. Data center technical staff have no root-privileged access to data on FTP Today virtual machines. There is no privileged access to any FTP Today machines from the public Internet. FTP Today staff with root privileges only have such access over a VPN. Privileged staff are prevented from accessing customer data by our confidentiality policy.
FTP Today’s software provides customer with logical controls such as limiting active protocols on the service (FTP, FTPeS, FTPS, SFTP and HTTPS). The customer is also provided logical control over IP address restrictions both by country and by user. Password and SSH-key authentication are also the responsibility of the customer to manage, along with assigning users access and permissions to file folders.