Is Secure File Transfer Protocol (SFTP) Its Own Worst Enemy?

by David Fletcher on August 2, 2016

SFTP or Secure File Transfer Protocol has long been a de facto standard for secure file transfer.  Originally designed by the Internet Engineering Task Force (IETF), this extension of the Secure Shell protocol (SSH) 2.0 provides secure file transfer capabilities over the SSH network protocol.

In a nutshell, SFTP encrypOwn Worst Enemyts your data and moves it through an impenetrable encrypted tunnel that makes interception and decoding virtually impossible. While incredibly useful for business-to-business data sharing, SFTP poses a problem in our security-conscious world. Oddly enough, the problem is that SFTP works too well.

Let me explain. SFTP works so well that no one can see what’s being transferred—not even the people who need to see it for security reasons. Case in point: Edward Snowden. No matter what your thoughts on the subject, the fact is that Snowden used his privileged user status to transfer and steal sensitive files. Why was he able to do this? Because no one could see what he was doing. As a “privileged user” on the network, he had extensive access to sensitive files—files that he was able to transfer about, as he desired, without detection.

In addition to the threats posed by unscrupulous privileged users, there’s another threat that’s cause for alarm. It’s called Advanced Persistent Threat (APT).  Basically, an APT is a ceaseless, sophisticated attack carried out by an organized group to accomplish a particular result—typically, the acquisition of information. The classic APT mode of operation is to doggedly steal the credentials of privileged users. The purpose, of course, is to gain unfettered access to sensitive or secret data. Once “in,” these APTers can transfer data and steal it without detection.  On a side note, Snowden used some of these APT tactics to steal credentials and validate self-signed certificates to gain access to classified documents.

APTs are often discussed in the context of government, but let me be clear: Companies are also a primary target. Take the recent Wall Street Journal article about a foreign government stealing plans for a new steel technology from US Steel. Such behavior is just the tip of the iceberg when it comes to how far some entities will go to steal information and technology.

So given that transferring files is an essential business operation, what can you do to protect your organization from these dangerous threats? At Micro Focus, our customers are asking for a holistic approach to secure file transfer—one that provides more visibility, flexibility, and control. That’s why we’re introducing Reflection® for Secure IT Gateway. This new SSH-based solution sits between the user and the SFTP server, and acts as a central point of control. Its job is to track every file going in and out of your enterprise, including who transferred it and what’s in it.   It also provides the ability to essentially offload files and allow for 3rd party inspection and can then either stop the transfer and notify if something seem amiss or complete the transfer as required.

Reflection for Secure IT Gateway comes with a powerful browser-based interface that you can use to accomplish a number of transfer-related tasks:

  • Expose files for inspection by third-party tools
  • Automate pre- and post-transfer actions
  • Grant and manage SFTP administrator rights
  • Provision users
  • Configure transfers
  • Create jobs for enterprise level automation
  • Delegate tasks

Read more about Reflection for Secure IT Gateway or download our evaluation software and take a test drive. Learn how you can continue to benefit from the ironclad security of SFTP while also gaining greater file transfer visibility, flexibility, and control.

Previous post: