Short for "SSH file transfer protocol," but often dubbed "secure file transfer protocol," SFTP is a technology used by millions of people all over the world to securely share files, collaborate on projects and house information in the digital space for the purposes of both productivity and efficiency on a daily basis. Making the decision to move your business into the world of SFTP in the first place is an important first step towards keeping your information protected and guarding your employees, your clients and ultimately your entire operation from harm. It is just that, though - a first step.
What You Need to Know About Your SFTP Provider
Many people unfortunately think that by going with SFTP they've "done enough" as far as protecting external files is concerned. What these people fail to realize is that while the technology underneath is solid, it is ultimately the features, the policies and the actions of the provider in question that will allow you to rest easy at night knowing that you've taken every last step available to you to keep that information protected.
Case in point: encryption. Just by virtue of the fact that you're using SFTP at all, your external files are encrypted, right? Not necessarily - there are two key types of encryption that you need to concern yourself with in this case: at rest encryption and in transit encryption. In transit encryption encodes data as it is being either sent from a computer in your office to a server or is in the process of making its way from that server back to your physical location. If someone were to intercept those packets of information during transmission, the information contained inside would essentially be unreadable without the associated encryption keys.
But what happens when that information has reached its destination (the SFTP server)? What if someone with malicious intentions were to gain access to your SFTP server? Would they have unfettered access to everything contained on it, giving them the ability to steal a much larger volume of data than they would have if they were just intercepting your transmissions in the first place? Without at rest encryption, this would very much be the case - and your business would be looking at a world of trouble before you even realized that you had a problem. If you think that it's concerning that not all major SFTP providers offer advanced features like at rest encryption, you are very much correct.
This is just one of the many examples of a situation where your SFTP provider could be opening your entire operation to the type of harm that most small businesses can never recover from. Is your SFTP provider doing everything that it can to protect your external files? Use the quiz below to find out now.