I was trawling the Internet this evening and couldn’t help but let you know about this little piece of history I found.  Not that I’m one to harp on about the good old days but some of the people working within the pre-media industry now are too young to have even worked with ISDN, to remember how easy it was to get files to and from customers.  There was only one way of sending files via ISDN - 4-Sight or Hermstedt.

For those old timers in the industry who remember using ISDN here’s an article by John Henshall called “SAY GOODBYE TO THE WORLDWIDE WAIT“.  It gives a good insight into what ISDN did for the graphic arts industry and is a completely nostalgic trip down memory lane.  Written in 2000 it really wasn’t that long ago either, shows how quickly technology and in particular file transfer technology moves forward!

As the last supplier of ISDN products to the graphic arts and prepress industry I feel its our duty to provide for users a bit of the history of file transfer.  John’s story reflects the position of many graphics businesses of the time who wanted to reduce the time to market and reduce the cost of sending disks, scans and other images using couriers.

Bookmark It

Hide Sites

What is an FTP server and why do I need a secure FTP server?

It’s worth giving a bit of background to FTP by answering these two valid questions to start off with.  An FTP server is essentially an area on a computer to which remote users have access to upload and download files from and to using an FTP client or other compatible FTP software.  Security is a concern if the data you want to send, host or download is confidential, personal, financial or could affect the outcome of your business in any way.

Setting up an FTP server and its limitations….

To set up an FTP server you require a computer, operating system and FTP server software.  Generally speaking FTP servers are quite basic in their make up, many operating systems already have them built in for example Microsoft Windows or Apple’s OSX.

The problems with standard FTP servers are not just down to the inadequacies of the server or delivery protocol itself but frequently how they’ve been installed.  The two main issues are:

Installation - this is usually error number one for many users and the most fatal flaw when installing an FTP server.  If you’re going to set up an FTP server install it in a Demilitarized Zone (DMZ) which is an area outside your network but accessible by your internal computers.  The reason for this - well if you go and set up an FTP server internally on your network…. inside your network then its likely you’ll suffer problems…read on.

Authentication - during FTP communications passwords are sent by the client to the server in plain text which basically means it can be read by other, less unscrupulous . So it’s worth considering using a secure FTP server like a StingRay or a secure FTP protocol either FTP over SSH or SSL

Scenario - OK - lets assume at this stage that you’ve set up an FTP server on a Windows PC for example running inside your network.  Your customers are uploading files using FTP to your server and everybody’s happy.  Right?  Wrong!  As noted previously on this blog FTP server username and passwords are stolen, bought and sold.  There are even video’s on Google Video on How To Hack A Windows Server! The thing is, when someone has access to your server which, probably wouldn’t take a determined person long, then as the server is inside your business they have access to everything…… your whole network is insecure!

Installing your FTP server in the DMZ is the first step this way the rest of your network is secured but then what about the data on your server?  Well that’s fair game if it’s sitting there and its still likely that it could be used to bridge the firewall to your network.  How?  Well the key thing here is your Operating System and the fact that files can be executed on your Mac or PC for example.  Once a file is on your server and it auto-runs or unknowingly you open it then BINGO they have control of your FTP Server - a Trojan Horse attack.

So what’s the answer…..?

We’ll clearly I’m going to mention StingRay at this point but these are the very valid reasons why StingRay is a fantastic FTP server:

Firstly, StingRay FTP Server is built on Linux.  Why’s this good?  Well Linux is by developers, for developers and with good reason there are limited numbers of malware applications that can attack your server.

Secondly, StingRay FTP Server doesn’t allow files to be executed or opened on the ftp server appliance.  The functionality has been removed from the operating system.

Thirdly, StingRay FTP Server has two Ethernet ports, one for your internal network and one for the Internet or DMZ.  Why is this important?  Well the routing between the two ports has been removed meaning that if someone were to gain access to the server then they wouldn’t be able to gain access to your network as well.

Fourthly, each StingRay FTP Server has a unique, encrypted root password meaning that if one StingRay user ever found out their root password (which they wouldn’t be able to) then they wouldn’t be able to hack any other system.

If you’re looking for a secure file transfer appliance then StingRay is a serious consideration.  There’s more on the Hermstedt Web Site on security if you’d like to know more, alternatively give us a call and we’ll give you details for an online server and you can check it out yourself.

Bookmark It

Hide Sites

I read with interest yesterday an article by Meg Suggs about Managed File Transfer.  To paraphrase the article Meg suggests that “Managed File Transfer is replacing FTP servers” as the solution of choice.

It got me thinking about what it was about Managed File Transfer that businesses wanted or needed?  First off Managed File Transfer is defined by Wikipedia as:

“Managed File Transfer (MFT) refers to software and hardware technologies that enable “secure and reliable exchange of documents between organizations.” In broader terms, Managed File Transfer suites enable organizations to automate, manage and secure the exchange of large volumes of data between two or more entities.”

So why the shift to Managed File Transfer?  Well I think Wikipedia sums it up pretty clearly, its a way of providing a little more management, automation and security throughout the file transfer process than you’d achieve with a standard FTP server or email for that matter.

Interestingly Meg also referred to an article written early last year about the inadequacies of standard FTP servers and how “an illegal database containing more than 8,700 stolen File Transfer Protocol server credentials including usernames, passwords and server addresses was found. The stolen information belonged to companies from around the world and the database allowed for anyone to purchase those credentials and use them to launch malicious attacks against the compromised systems”.

With information readily available on the Internet providing individuals with the opportunity to create havoc and bring down complete company IT infrastructure it begs the question, why do companies take the risk by implementing cheap file transfer solutions when the potential cost to their business is so huge?

In addition to the security considerations the business process should also be taken into account.  Long gone are the days when file transfer was a standalone function.  File Transfer should be fully intergrated with other processes within the business providing greater automation and efficiency.  As file transfer becomes more integrated its even more important that the information transmitted and stored is done so securely.

For those interested StingRay Managed File Transfer Server ticks all of the boxes and more information can be read here.

Bookmark It

Hide Sites