Take a Tour

x Close

Take a Tour

Secure File Sharing:
Answers to Common Questions

Are you trying to select a new file sharing solution, but you have a few questions first?
Explore these common questions about file sharing solutions and find out their answers.
Back to Index

What is the Goal for a File Sharing Solution?

Download this page as PDF

Every company has different needs when it comes to file sharing within their organization and with outside parties.

Which of these objectives do you want your file sharing solution to facilitate?

Secure File Transfers

Our secure file sharing solution allow you to remain ITAR compliant in exporting controlled data.

File Sharing Links

If you often share files with vendors or clients, a solution with quick file sharing links is beneficial. You can send these links without the recipient needing a username and password to retrieve files.

Collaboration

Do you need a file sharing solution that enables live online editing of a file by two or more people? If so, your ideal solution would include, in addition to editing, track changes capabilities and archived versions of files.

Device Synchronization

For companies with mobile work capabilities, a file sharing solution that syncs data on your desktops, laptops, and mobile devices is helpful. You can access up-to-date data at all times, on any device.

If your goals are focused on secure file transfers and occasional file sharing links, then you should concentrate your search on "FTP hosting services". If your goals are focused on collaborative editing and device synchronization, you should concentrate your search on "EFSS services".

How Does Hosted FTP Compare to Alternatives?

Download this page as PDF

If you’re shopping for file sharing solutions, you know there are a number of options available to buyers. Let’s look at how a hosted FTP solution stacks up against other popular choices.

Compared to EFSS Providers

Other file sharing alternatives or EFSS (enterprise file synchronization and sharing) solutions like Box, Dropbox, Egnyte or ShareFile might seem like appealing options, but many of these options lack the security and controls needed to truly keep your data safe. These services also do not support the Explicit FTPS or SFTP protocols for automated transfers.

And, there is a big cost factor to choosing EFSS vs. FTP. EFSS services charge from $15 to $30 per user, per month, so the costs for a medium-sized business to acquire EFSS could easily be $3000 per month. On the other hand, FTP services will give you unlimited users for as little as $250 per month.

Compared to In-House Infrastructure/Server

An in-house FTP solution is one that a company builds and maintains internally. But, there a number of requirements that come with building your own in-house file sharing solution, including:

Purchasing dedicated hardware and maintaining it.

Selecting an operating system and maintaining it.

Licensing FTP or SFTP server software (typical cost $3000-6000).

Ongoing FTP/SFTP server software maintenance (usually 25% of license fee annually).

Securing the solution behind firewalls so that it can be accessed over the public internet, but is isolated from the rest of your in-house servers.

Doing it yourself requires a vast amount of work and a large upfront investment. When you trust a hosted FTP solution, like FTP Today, you simply sign up, pay a small monthly fee, and you will be securely sharing files in no time. The software is always up to date and secure. You have no maintenance responsibilities whatsoever.

Compared to Similar Providers

When it comes to a comparison with other providers, it can feel like all your options are basically the same. But, not every hosted FTP solution was created equal. There are a number of evaluation categories you should think about when choosing an FTP including:

  • Security
  • Software Compatibility
  • Folder Access Permissions
  • Administrative Roles
  • Event Triggers
  • Branding
  • Auditing

Solutions like ExaVault, SmartFile, or BrickFTP should all meet your basic needs, but FTP Today is the only solution that meets them all with a heavy focus on security.

Is a Cloud-Based FTP Solution Safe?

Download this page as PDF

Because the cloud is still so new, many people wonder if it’s the most secure FTP solution available. Learn more about two FTP cloud options, how they compare to each other, and how they compare to having a physical FTP server in-house.

Private Cloud

Private cloud solutions, an option offered by some FTP hosts today, are not shared network environments. Your IP address assignments are managed and controlled by the FTP host, not the cloud provider.

Security is not a concern due to the dedicated firewall around the networks and the expertise of the FTP host. In this setup, there are either multiple physical hosts dedicated to one company or a pool of isolated resources exclusive to the FTP host’s clients. Though resources might be pooled, your data is stored behind a fortified network.

Public Cloud

Some FTP service providers live on a public cloud. Public cloud solutions, though they may come with a smaller price tag, open companies up to potentially large security vulnerabilities. These public cloud services, like Amazon Web Services or Microsoft Azure, are available to anyone and the resources – like networks – are shared by all users. IP addresses are randomly assigned, without any inherent network isolation.

In-House Server

Building and maintaining your own in-house, physical server can be a costly enterprise. While the network remains exclusive to your company, you’re responsible for all costs, like software updates, physical hardware, security measures like a firewall, ongoing maintenance, and any additional personnel. It’s often too high a cost for many companies to keep secure.

What Kind of Control Can I Have Over Users?

Download this page as PDF

Secure file sharing starts with your internal controls – who has access to data and for what purpose. One of the most crucial FTP features to consider are the granular access controls. Consider the following controls, and look for an FTP host that can accommodate your needs.

Secure Protocol Enforcement

Ensure users are only sharing files using secure protocols, like FTPS or SFTP, based on your company’s file sharing standards.

See a Sneak Peek >

Country Access Restrictions

Restrict access to your secure FTP by IP address, verifying that the only users accessing your files are based in approved locations.

Sneak Peek >

Multiple Authentication Methods

For an added layer of security, engage multiple authentication methods, like a password and/or an SSH-key. An SSH-key is typically used for scripted (automated) SFTP connections. A public key for the file sharing solution is matched to a user’s key before file access is granted.

Sneak Peek >

Multi-Factor Authentication

Require your users to enter a OTP (one-time password) delivered via SMS (text message) or a connected email account. With top secure FTP solutions, requirements for multi-factor authentication can be determined on a user-by-user basis.

User IP Restriction

Going a step further than country access restriction, you can set IP restrictions on a user-by-user basis, too. Even if a password is compromised, a hacker won’t be able to use it from a non-approved location.

Sneak Peek >

Password Enforcement

Weak passwords are a huge threat to secure file sharing. Set password enforcement requirements for your FTP solution, including password edits and resets, strength, expiration, and new user password establishment protocols.

Sneak Peek >

User Permissions

Determine who has the power to access, download, upload, delete, and copy files. These user permissions ensure only those who need to be altering files are capable of doing so.

Sneak Peek >

Is the FTP Solution Regulatory Compliant?

Download this page as PDF

When you’re looking for the best FTP software, keep your compliance needs in mind. This is essential for avoiding risks like large fines, loss of business, damage to your reputation, and in extreme cases, jail time. Do any of the following types of compliance impact your secure FTP needs?

ITAR (International Traffic in Arms Regulations)

The protection of defense related articles is imperative under ITAR. Be sure to select an ITAR compliant file sharing host that operates exclusively in the United States and provides granular access controls, especially IP address restriction by country, that keep your files out of the hands of foreign persons or nations.

HIPAA (Health Insurance Portability and Accountability Act of 1996)

Digital PHI (protected health information) is a valuable commodity for hackers, making it essential that you have a HIPAA compliant FTP solution. To ensure the file sharing solutions you’re considering support HIPAA compliance, look for these features:

  • Access Controls: Unique User Identification, Emergency Access Procedure, Automatic Logoff, Encryption, and Decryption
  • Audit Controls
  • Integrity Policies
  • Person or Entity Authentication
  • Transmission Security: Integrity Controls and Encryption

PCI DSS (Payment Card Industry Data Security Standard)

Payment card data is one of the most vulnerable forms of data today. So, your PCI DSS file sharing solution should have the strictest security measures to help you align with this standard. There are 12 requirements for specified for PCI DSS compliance, and FTP Today has features that directly address each one.

1

Install and maintain a firewall configuration to protect cardholder data.

2

Do not use vendor-supplied defaults for system passwords and other security parameters.

3

Protect stored cardholder data.

4

Encrypt transmission of cardholder data across open, public networks.

5

Use and regularly update anti-virus software on all systems commonly affected by malware.

6

Develop and maintain secure systems and applications.

7

Restrict access to cardholder data by business need-to-know.

8

Assign a unique ID to each person with computer access.

9

Restrict physical access to cardholder data.

10

Track and monitor all access to network resources and cardholder data.

11

Regularly test security systems and processes.

12

Maintain a policy that addresses information security.

Can a Hosted FTP Solution Maintain My Brand?

Download this page as PDF

Many file sharing solutions are simply stock products. They look the same regardless of the company using it. While this may not impact basic functionality, it can impact how you represent your company. Ensure you choose a branded file sharing solution, like the one offered by FTP Today, to provide your users and clients with a seamless flow between your company brand and the file sharing solution you use.

With FTP Today, you can customize in the following ways:

Add your logo to your web browser login and file transfer screens.
Select custom colors for the Web UI to match your logo and company branding.
Choose the White Label option and eliminate the "Powered by FTP Today" from the Web UI.
Use a dedicated IP address and customer SSL certificate to maintain site identity.

Do you want more information on FTP Today’s solution?

Contact Us to Learn More