%20Logos%202022/sharetru-white-logo.svg){kind=logo}
Why Sharetru?
Platform
It can be difficult to tell how a particular myth actually begins. Sometimes it's a simple as a small bit of misinformation that gets passed around enough times until people start to believe it as fact. This is very true in the world of FTP hosting providers, where a number of peculiar myths exist. These common myths are not only turning people away from a completely viable service, but they're also harming the reputation of the technology in general. These myths are often propagated by "FTP alternatives" who are trying to sell their own software or service as if it was a better method of file sharing.
Not only was FTP always designed to be a sure file sharing solution from its inception, but it also offers a huge number of security provisions that many similar types of file sharing technologies do not. Few other services allow you to create user accounts with unique levels of access permissions, for example, giving you complete control over who is accessing a piece of data, where they're accessing it from and why they wanted to get to it in the first place.
Another common myth is that FTP in general does not support encryption. In reality, the reverse is true: While the original FTP protocol created in 1971 did not provide encryption, neither did HTTP on the world wide web in the 1990's. In fact, most Internet protocols, like SMTP, POP and IMAP used in email, were created before encryption mechanisms were even thought necessary.
Security concerns came along later. Just like HTTPS, FTPS is an extension of FTP that uses SSL encryption in transit. This is the same encryption standard protecting your online banking and ecommerce transactions. Another protocol, SFTP, supports a slightly different form of in-transit encryption called SSH. Some FTP hosting providers also support at-rest encryption on the FTP server itself, making sure that your data is completely secured at all times regardless of the state that it is currently taking.
Another incorrect piece of information that people believe is that FTP is subject to packet sniffing during the transfer of data due to limitations inherent in the technology. In reality, with in-transit SSL or SSH encryption this is not possible -- as long as both control and data channels are encrypted. But, even though protocol allows the FTP client to choose whether channels are encrypted via SSL, it is a simple matter for those administering the FTP server to enforce that the client not use unencrypted channels.
For some reason, people think that FTP is natively vulnerable to things like bounce and spoof attacks. That may have been true at one time in the early 1990’s, but protections have long since been implemented. Those managing FTP servers should always keep them patched and updated. By outsourcing your FTP server to expert FTP hosting providers, you can be relieved of any responsibility for monitoring new vulnerabilities and applying system patches.
Brute force attacks are when a hacker tries many combinations of usernames and passwords in an attempt to gain access to a system login account. By enforcing password strength and expiration, especially if you allow end users to choose their own passwords, FTP hosting providers can assure that passwords are not easy for hackers’ automated tools to guess. In addition, any suspicious activity can be immediately identified and protected against by the IT professionals working at the provider level. By including advanced features like the ability to create black lists based on IP address or even country of origin, FTP providers can go a long way towards making sure that brute force are things you don't have to worry about at all.
