What Is Secure File Transfer?
Secure file transfer is the result of incorporating a combination of security measures, including encryption, authentication, access controls and auditing, to protect file-based data shared within or between enterprise networks.
Secure File Transfer Protocols
Businesses share sensitive files using common protocols such as Secure File Transfer Protocol or SSH File Transfer Protocol (SFTP), HTTP over SSL (HTTPS) and File Transfer Protocol over SSL/TLS 1.2/1.3 (FTPS). Therefore, a secure file transfer solution needs to be protocol-agnostic, meaning it can exchange a variety of files, internally or externally, regardless of transfer protocol, file type or file size.
SFTP
SFTP is a secure file transfer protocol that uses SSH to encrypt files. The connection is encrypted before any files are transferred. SFTP is one of the most used protocols for file transfers.
HTTPS
HTTPS uses the Transport Layer Security (TLS) protocol to encrypt files. Recipients can download files directly from a web browser. HTTPS file transfers are handled by our Thru Node, which is a lightweight managed file transfer (MFT) agent.
FTPS
Like HTTPS, FTPS uses the TLS protocol to encrypt files. FTPS has two modes: one explicit and one implicit. Administrators choose between the modes based on their security requirements and partners’ requirements.
Methods of Encrypting File Transfers
For complete end-to-end protection of sensitive or personal information, files are encrypted at the file level in addition to using encrypted protocols during transit and storage encryption at rest.
File Payload Encryption
How are file payloads secured?
Encrypt files all the way to its destination using the OpenPGP standard, based on Pretty Good Privacy (PGP) software. Thru’s MFT solution supports customer creation, import and management of keys and tokens.
Data Encryption in Transit
How is data in transit secured?
Encrypted protocols provide an additional level of defense when transferring files. Secure files in transit using SFTP, FTPS and HTTPS.
Secure File Transfer Protocols page »
Data Encryption at Rest
How is data at rest secured in the cloud?
All files stored in Thru cloud platform are encrypted by AES 256-bit FIPS-compliant encryption with redundant and transparent policy and cryptographic key management.
How SFTP and MFT Work Together to Deliver Files
SFTP has become synonymous with secure file transfer. SFTP servers are ubiquitously used by organizations to exchange files with partners. Relying just on SFTP alone may be adequate for some types of file transfers, but sensitive, business-critical file transactions require additional enterprise-grade protection, control and visibility.
An MFT solution enhances secure file sharing by providing this required functionality. MFT is a file transfer system that utilizes multiple protocols including SFTP and is able to act as a client or server to enable push or pull connectivity between the MFT system and its endpoints. Readily available capabilities of MFT include comprehensive end-to-end security; tracking, logging and retention settings; and high availability and disaster recovery (HADR).
Best Solution to Secure File Transfers
Many MFT solutions are available, so look for a comprehensive solution with core functionality including
- End-to-end encryption to protect sensitive information.
- Advanced authentication to validate identities of users—human, application and system.
- Role-based access controls (RBAC) to prevent unauthorized users from modifying endpoints or workflows.
- Multiple endpoints to programmatically transfer files.
Thru’s Secure Managed File Transfer Features »
Compliance and Standards
Depending on specifics of corporate governance or security requirements, deploy MFT in our cloud or in your virtual private cloud in Azure or AWS.
Compliance »
Data Center & Application
Mitigate security breaches and protect files from potential threats at every level along every step in the transfer.
Cloud & Application Security »
Automated File Transfers
Schedule or automatically transfer files within the enterprise network, outside its network or to/from an integration platform.