If you know information security, then you know secure FTP – most organizations use these servers to exchange information with their partners securely. The problem is that hackers know that too.
By 2021, cybercrime damage will cost $6 trillion annually, and the number of unfilled cybersecurity jobs will more than triple to 3.5 million. Not only is it a rapidly rising problem, but your lack of personnel leaves your information at risk.
Here are 5 tips to get your server back on track and keep your information safe – before you run into the worst-case scenario.
1. Ditch Standard FTP
If you’ve still got that standard FTP from 30 years ago, it’s time for it to retire to the big computer in the sky.
FTP simply isn’t equipped to deal with modern security risks, and because of the lack of privacy and integrity in the system, it’s easy for a hacker to piggyback and steal your information while it’s in transit.
There are several options available instead. Professionals recommend FTPS, SFTP or both.
2. Gate It
Or rather, use a gateway, also known as an enhanced reverse proxy.
Many organizations like to host their FTP servers in the DMZ segment of the network. The problem with that is that the DMZ faces the public internet – in other words, it’s the most vulnerable place for data to be stored.
An increasingly popular approach is the DMZ Gateway, and it works the way it sounds. When you install the Gateway software, a private control channel is opened from the server to the DMZ at startup, which trading partners can connect to in order to receive data from the session.
3. Use Something Stronger Than “Password”
Seriously, if it seems obvious to you, it’s obvious to a hacker.
What makes a strong password? First, it should be at least seven characters long and include letters and numbers as well as one special character. Second, passwords should be updated at least every 90 days – and don’t try to reuse old passwords.
Let’s say you’re mariettavetclinic.com. If your password is mariettavetclinic, your password is weak. If your password is ClinicVets123!, then you’re in business.
4. Use – and Lock – Good Account Management
As a general rule, don’t create OS-level accounts for your trading partners – it creates a pathway to other server resources.
In-company accounts should also be monitored, meaning no anonymous users or shared accounts. Once these appear, it becomes easier for a hacker to slip into your secure FTP unnoticed.
Administration of your server should also be limited to a set number of users with multi-factor authentication.
5. Think Black(lists) and White(lists)
IP blacklists and whitelists, that is.
An IP blacklist works like any other blacklist – it blocks a range of IPs from accessing your system. For example, you could block IPs from certain countries.
A whitelist works the other way – it grants system access only to specified IPs, such as your trading partners.
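Here is how the two lists can be combined into one access decision, as an added example that is not part of the original article or any particular FTP product. The function names and the sample ranges (reserved documentation addresses) are assumptions; the example also covers IPv4-mapped IPv6 peers and unparseable addresses, which simple string matching gets wrong.

```python
import ipaddress

# Constructed sample policy using documentation ranges, not real partners.
WHITELIST = ["198.51.100.0/28", "203.0.113.25/32", "2001:db8:42::/48"]
BLACKLIST = ["198.51.100.8/32"]  # one revoked host inside a whitelisted range


def _parse_networks(cidrs):
    # strict=True rejects entries with host bits set (e.g. "10.0.0.5/24"),
    # which are usually typos that silently misplace a rule.
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def _normalize(addr_text):
    """Parse a peer address and unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    addr = ipaddress.ip_address(addr_text.strip())
    if addr.version == 6 and addr.ipv4_mapped is not None:
        # Dual-stack listeners can report IPv4 clients in this form; without
        # unwrapping, an IPv4 blacklist entry would never match them.
        return addr.ipv4_mapped
    return addr


def _matches(addr, nets):
    return any(addr.version == n.version and addr in n for n in nets)


def decide(addr_text, white=WHITELIST, black=BLACKLIST):
    """Return ("allow" | "deny", reason). Blacklist wins; default is deny."""
    try:
        addr = _normalize(addr_text)
    except ValueError:
        return ("deny", "unparseable address")
    if _matches(addr, _parse_networks(black)):
        return ("deny", "blacklisted")
    if _matches(addr, _parse_networks(white)):
        return ("allow", "whitelisted")
    return ("deny", "not on whitelist")


if __name__ == "__main__":
    for peer in ["198.51.100.3", "198.51.100.8", "::ffff:198.51.100.8",
                 "192.0.2.77", "2001:db8:42::10", "not-an-ip"]:
        print(peer, decide(peer))
```

Checking the blacklist first means a single revoked host can be cut off without rewriting the partner's whole whitelisted range.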
Secure FTP with SiteUptime
Your website is the front for your business – as long as your customers can reach it.
SiteUptime provides free and advanced remote monitoring services to keep your site up and running without a hitch, including our Multi-Check technology, which allows us to ensure your site is accessible from multiple internet points.