[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 299
  • Last Modified:

Best way to share files securely over the internet

Hi Guys, i got a question here. My company need to share work files over the internet with another company. It should be web based. May I know which is the best method of doing this? I do have Citrix or I can set up a Windows 2003 FTP server. Should i setup another File server as these files are sensitive and lock down that file server using local policy and publish it thru Citirx? Please advise.
0
totallypatrick
Asked:
totallypatrick
1 Solution
 
SandeepratanCommented:
imo, you can use the windows server 2003 FTP with strong passwords, you do not need to setup another file server as you can use windows permissions to secure your folder from all unwanted users on the network, a more secure option is setup a sftp on some linux machine if you have to make it more secure then ftp.  
0
 
CSIPComputingCommented:
I used to transfer quite sensitive pricing files from a large corporate, and the ONLY method they would accept was SFTP, which encrypts the data in flight.  Beware, FTP traffic can be sniffed, and it if's not encrypted, your data can be stolen.

Rather than having to install a linux box, the very respected WS_FTP Server has an SFTP option.  It's a purchase, but it secures your data - the cost is insignificant when you consider the cost of your data being stolen.
0
 
AlexPaceCommented:
The 30 day free trial of Robo-FTP Server is super easy to get going in SFTP mode because it can generate its own SSH keys.

1. Download from here: http://www.robo-ftp.com/download/
2. Install the software then run the "Server Console" ... click thru the 30day eval stuff at the beginning.
3. Click the "Install" button to start it as a Windows Service under the default Network Service account
4. Click the "SFTP Server" menu, switch to Server Keys tab, create both keys then click "Apply" button
5. Switch back to "General Settings" tab, choose root folder then click "Start SFTP" button
6. Click the "Users" menu, click "New" button, type user name, select SFTP
7. Click "SFTP Logon Details" and set password and user's home folder then click "OK" then "Apply"

Now you have an SFTP server!

SFTP is easier for network administrators than FTPS because it uses a single TCP/IP port for both the protocol-level commands and the actual data transfer.  FTPS is just as secure and probably more common but, like FTP, it requires both a control channel and a data channel... and when the control channel is encrypted the firewall can't "sniff" it to open the data channel on the fly as they often do on unencrypted plain FTP connections.
0
 
joharderCommented:
If you set up this content within Citrix, the user(s) from the other company will need to successfully authenticate in order to access these files.  Their authentication would be controlled by means of Active Directory, whereas FTP solutions typically just assign a userID/password based on permissions on that server.  The latter may or may not be enough security for these files.
0
 
AlexPaceCommented:
For the best security you can set it up so the client uses an SSH key instead of a password for SFTP authentication.  This is better than having a 100 random characters in the password.  Only some banks require this level of security.
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now