The Difference Between FTP and SFTP

It security compliance

All businesses need a way to transfer files among various computers and servers throughout its network in order to update sites and to make it easy for employees to access important information. Many companies deal with data that isn’t necessarily considered private, and therefore don’t worry as much about protecting the information that is shared over the network. Others, however, store tons of personal customer information, including names, addresses and financial accounts, and need to ensure that this data is protected from potential threats. Two common file transfer services that are used to accomplish these tasks are FTP and SFTP, and while they may sound familiar, many don’t know the difference between them.

FTP

FTP, or File Transfer Protocol, is a form of easy file transfer that allows files to be shared over a network. Through an FTP server, users are able to download information from the server to their computer, or they can upload information from their computer to the server. While this is an extremely popular method of transferring files that has been around for a long time, it does have its flaws. FTP is generally not a secure way to send or receive information. Although it often requires users to input a username and password before granting them access, files are sent in plaintext and are therefore vulnerable. Plaintext means that the information in the files is as it appears and can be ready by anyone.

SFTP

SFTP, or Secure File Transfer Protocol, also provides easy file transfer services, however it is a more secure method of uploading and downloading information. An SFTP server uses a secure data stream to transfer files. Files that are sent over this data stream are encrypted, or hidden, so that only users with the decryption code can access the files. While they serve similar functions, FTP and SFTP are actually two completely different programs. FTP uses two different channels to exchange files, while SFTP uses only one secure stream for the entire uploading and downloading process.

Although FTP is the traditional method of easy file transfer, it doesn’t provide the secure file transfer services that SFTP does. Companies that store or share private information should be using SFTP to ensure that data is protected and to decrease the chances of a security breach.

About: Ed