Types of Secure File Transfer Encryption


Millions of files with sensitive health, financial and legal information are sent every day around the world. Encryption keeps the information away from attackers and prevents identity theft, fraud and other crimes.

What Is Encryption?

Encryption is a method of making information unreadable to anyone besides the intended recipient. It keeps attackers from eavesdropping on conversations and stealing valuable financial or health information.

How Does Encryption Work?

When a message is encrypted, the original message (plain text) is scrambled to create an unreadable message (cipher text). After the intended recipient receives it, they decrypt the message to make it readable again.

To send and receive encrypted messages, both parties must use a key. According to Norton, a key is “a collection of algorithms that scramble and unscramble data back to a readable format.”

As a managed file transfer (MFT) company, we provide our customers with three types of encryption for security: encrypted protocols, file-level encryption and storage encryption.

Encrypted Protocols

We recently phased out support for File Transfer Protocol (FTP) client and server endpoints in our platform because FTP does not encrypt files during transfer. Anyone who uses FTP is at a higher risk of a man-in-the-middle attack or other types of eavesdropping attacks. Unlike FTP, FTP over SSH (SFTP), FTP over SSL (FTPS) and HTTPS encrypt files during transfer.

With FTP transfers, the username, password and data are sent in plain text, leaving the server and the files vulnerable. Some FTP servers do not require a username or password, which is even less secure.

SFTP uses SSH, or Secure Shell, to encrypt the files and send them over a secure channel. To transfer files with SFTP, the user logs into a client to authenticate themselves.

FTPS encrypts the username and password and sends files over an encrypted channel. Specifically, FTPS uses Transport Layer Security (TLS) to secure the channel. TLS uses certificates to check that the user is connected to the right server.

HTTPS and HTTP are both used to send data between web browsers and websites. Unlike HTTP, which sends information in plain text, HTTPS uses TLS to encrypt data.

You can see an example of HTTPS in most web browsers if you click the padlock icon next to the URL bar. If you click “Certificate,” you can view details such as who it was issued to, who it was issued by, etc.

File-Level Encryption

In addition to using secure protocols, we encourage our customers to use PGP, or file-level, encryption to protect the file itself. PGP stands for Pretty Good Privacy, and it was invented in 1991.

PGP works by using two keys – one public and one private. The public key is shared with anyone and used to encrypt the message. The private key is never shared and decrypts the message.

Here is an example:

  1. Bob wants to send a file to Alice, so he asks for her public key.
  2. He uses her public key to encrypt the file before it is transferred.
  3. He transfers the file with SFTP.
  4. Once she receives it, she uses her private key to decrypt the message.

By using an encrypted protocol and PGP encryption, Bob’s file transfer to Alice is protected end to end.
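The Bob and Alice exchange above, written out with GnuPG as an added example (it is not from the original article or from Thru's platform). The names, the address, the sample file and the SFTP host in the comment are constructed, each party gets a throwaway keyring, and the example goes one step beyond the list by having Bob check the key's fingerprint before he encrypts.

```shell
# Added example: Bob -> Alice PGP exchange using two throwaway GnuPG keyrings.
pgp_roundtrip() {
  local work alice bob fp_alice fp_bob rc=1
  work=$(mktemp -d) || return 1
  alice="$work/alice"; bob="$work/bob"
  mkdir -m 700 "$alice" "$bob"

  # Alice creates her key pair. The empty passphrase is for this demo only.
  gpg --homedir "$alice" --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-generate-key 'Alice <alice@example.test>' default default never
  # Step 1: Alice hands out her PUBLIC key; the private key never leaves $alice.
  gpg --homedir "$alice" --armor --export alice@example.test > "$work/alice.pub.asc"
  fp_alice=$(gpg --homedir "$alice" --with-colons --fingerprint alice@example.test |
             awk -F: '$1 == "fpr" { print $10; exit }')

  # Bob imports the key and compares its fingerprint with the one Alice gave
  # him over a separate channel, so a swapped key is caught before use.
  gpg --homedir "$bob" --batch --quiet --import "$work/alice.pub.asc"
  fp_bob=$(gpg --homedir "$bob" --with-colons --fingerprint alice@example.test |
           awk -F: '$1 == "fpr" { print $10; exit }')

  if [ -n "$fp_alice" ] && [ "$fp_alice" = "$fp_bob" ]; then
    # Step 2: Bob encrypts the file with Alice's public key. "--trust-model
    # always" is acceptable here only because the fingerprint was just checked.
    printf 'constructed sample: patient record 0001\n' > "$work/report.txt"
    gpg --homedir "$bob" --batch --quiet --trust-model always \
        --recipient "$fp_bob" --output "$work/report.txt.gpg" \
        --encrypt "$work/report.txt"
    # Step 3 (not run here, hypothetical host):
    #   sftp bob@transfer.example.test   then   put report.txt.gpg
    # Step 4: Alice decrypts with her private key.
    gpg --homedir "$alice" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --output "$work/received.txt" --decrypt "$work/report.txt.gpg" 2>/dev/null
    # Succeed only if the plaintext round-trips and the transferred file is
    # not the plaintext itself.
    cmp -s "$work/report.txt" "$work/received.txt" &&
      ! cmp -s "$work/report.txt" "$work/report.txt.gpg" && rc=0
  fi

  # Stop the per-keyring agents and remove the temporary keys and files.
  gpgconf --homedir "$alice" --kill gpg-agent 2>/dev/null
  gpgconf --homedir "$bob" --kill gpg-agent 2>/dev/null
  rm -rf "$work"
  return "$rc"
}
```

Because the file is already encrypted to Alice's key before step 3, anyone who reads it on the transfer server or in storage sees only ciphertext.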

File Storage Encryption

After files are transferred, some of our customers store them in the cloud for weeks, months or years to satisfy legal or business requirements. All data stored in Thru is encrypted with AES 256-bit encryption to protect our customers’ data.

Giving our customers multiple layers of encryption is not enough to protect their data and ensure business continuity. We take more measures to meet their file transfer security and compliance requirements.



