Solved

SFTP pros and cons

Posted on 2014-11-19
Last Modified: 2014-11-20
We have some employees who send data to a 3rd party for processing via an SFTP server (that they own). Data isn't hugely sensitive but needs a degree of security assurance. There is a proposal to decommission the SFTP server and replace it with a web-based application/portal. We don't know much about the configuration of the web portal as yet, but their tech team claim it is more secure than SFTP. From a layman's management perspective, what kind of features would you look for in terms of a web-based app to ensure it's more secure than SFTP? Does SFTP have its flaws? What data transfer protocols are seen as more secure (if any?)... Appreciate if you could keep your answers at any entry level so we are blinded with technical jargon, we just want to understand the risks...
Question by:pma111
LVL 6

Accepted Solution

by:
Sir Learnalot earned 500 total points
ID: 40452648
SFTP is secure and relies on the SSH protocol... however, a web application (IF AND ONLY IF) set up properly can be more secure. For example, you can add dual layer authentication (requiring users to use something additional to a username and password to log in).
LVL 6

Expert Comment

by:Sir Learnalot
ID: 40452662
Of course, like anything, SFTP has its flaws. For example, SSH vulnerabilities (e.g. Heartbleed) have been discovered before, but that doesn't mean a portal is immune to threats. Overall, I would recommend making the switch if you trust the tech team to do a good job and to set up dual factor authentication.
LVL 26

Expert Comment

by:Dr. Klahn
ID: 40454541
My two cents worth:

Relying on the support (and more importantly, the goodwill) of an outside team is eventually going to be trouble.  Sooner or later, somebody will leave and it will be necessary to instantly find a different solution.

Eventually just about every encryption method in wide use is either broken or compromised.  Witness WEPcrack and the WPA Protected Setup exploits.

The security in a data transfer application lies as much in the constant support of an experienced team as it does in a secure protocol.  When the protocol is broken, as it eventually will be, quick response is required.

There are more hostiles trying to compromise Web data transfer than there are trying to compromise SFTP.

Trying to fix a security hole in every web server on the planet would be a support nightmare and could take a good long time if the software was "turnkey corporate".

If the data is critical, send it over an encrypted VPN using a strong encryption method.  Then encrypt it again over the VPN connection using SFTP or a secure web server.  Package the information using ZIP or RAR and encrypt the file.  Just because you're not paranoid doesn't mean somebody is not out to get you.