Data Transfer Security

Added Data Transfer Security

In addition to securing data transfers through a secure channel (SFTP, FTPS, SCP, etc), the data files should be encrypted (PGP, Winzip, etc).  This ensures that even if the files were transferred to a wrong recipient, the recipient would not be able to decrypt the contents without the file encryption keys.

SFTP vs SCP vs FTPS

FTPS is FTP using the SSL protocol for encryption. This is different from the SCP/SFTP family of protocols which use SSH as their transport tunnel. You will usually use the same client programs for scp and sftp (WinSCP for instance; SFTP is an upgraded version of SCP), whereas you usually use a web browser or web Download manager (like filezilla) for FTPS. FTPS is web-based, whereas SFTP is based on secure shell protocols pioneered on *NIX systems.  FTPS use has been waning for a very long time now, and is usually used in niche circumstances these days.  The SSH family is a set of protocols focused on server administration and remote access to the servers processing capability, rather than simple content distribution. it would allow privledged users of a system to connect to a shell to perform work on the server itself, and many file management tasks related to that work involve transferring files between the localhost and the server, which is why SCP and eventually SFTP were developed.

References:

http://www.codeguru.com/csharp/.net/net_general/internet/article.php/c14329/FTPS-vs-SFTP-What-to-Choose.htm

http://superuser.com/questions/677966/ftps-versus-sftp-versus-scp

Data Transfer Security

Leave a Reply

Your email address will not be published. Required fields are marked *