Solved

Best way to share files securely over the internet

Posted on 2011-09-08
5
287 Views
Last Modified: 2012-05-12
Hi Guys, i got a question here. My company need to share work files over the internet with another company. It should be web based. May I know which is the best method of doing this? I do have Citrix or I can set up a Windows 2003 FTP server. Should i setup another File server as these files are sensitive and lock down that file server using local policy and publish it thru Citirx? Please advise.
0
Comment
Question by:totallypatrick
5 Comments
 
LVL 2

Expert Comment

by:Sandeepratan
ID: 36501712
imo, you can use the windows server 2003 FTP with strong passwords, you do not need to setup another file server as you can use windows permissions to secure your folder from all unwanted users on the network, a more secure option is setup a sftp on some linux machine if you have to make it more secure then ftp.  
0
 
LVL 10

Accepted Solution

by:
CSIPComputing earned 500 total points
ID: 36502152
I used to transfer quite sensitive pricing files from a large corporate, and the ONLY method they would accept was SFTP, which encrypts the data in flight.  Beware, FTP traffic can be sniffed, and it if's not encrypted, your data can be stolen.

Rather than having to install a linux box, the very respected WS_FTP Server has an SFTP option.  It's a purchase, but it secures your data - the cost is insignificant when you consider the cost of your data being stolen.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36503947
The 30 day free trial of Robo-FTP Server is super easy to get going in SFTP mode because it can generate its own SSH keys.

1. Download from here: http://www.robo-ftp.com/download/
2. Install the software then run the "Server Console" ... click thru the 30day eval stuff at the beginning.
3. Click the "Install" button to start it as a Windows Service under the default Network Service account
4. Click the "SFTP Server" menu, switch to Server Keys tab, create both keys then click "Apply" button
5. Switch back to "General Settings" tab, choose root folder then click "Start SFTP" button
6. Click the "Users" menu, click "New" button, type user name, select SFTP
7. Click "SFTP Logon Details" and set password and user's home folder then click "OK" then "Apply"

Now you have an SFTP server!

SFTP is easier for network administrators than FTPS because it uses a single TCP/IP port for both the protocol-level commands and the actual data transfer.  FTPS is just as secure and probably more common but, like FTP, it requires both a control channel and a data channel... and when the control channel is encrypted the firewall can't "sniff" it to open the data channel on the fly as they often do on unencrypted plain FTP connections.
0
 
LVL 15

Expert Comment

by:joharder
ID: 36512052
If you set up this content within Citrix, the user(s) from the other company will need to successfully authenticate in order to access these files.  Their authentication would be controlled by means of Active Directory, whereas FTP solutions typically just assign a userID/password based on permissions on that server.  The latter may or may not be enough security for these files.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36512118
For the best security you can set it up so the client uses an SSH key instead of a password for SFTP authentication.  This is better than having a 100 random characters in the password.  Only some banks require this level of security.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now