What is FTPS?
FTPS (File Transfer Protocol Secure) is an extension of the popular File Transfer Protocol that supports Transport Layer Security (TLS) and the new defunct Secure Sockets Layer (SSL).
Broadly speaking, FTPS is a secure file transfer protocol that allows businesses to connect securely with their trading partners, users, and customers. Sent files are exchanged through FTPS and authenticated by FTPS supported applications such as client certificates and server identities.
How does FTPS work?
FTPS supports file transfer encryption through algorithms like AES. Together, FTPS utilizes various security measures and encryption strategies to connect with foreign servers and verify authenticity.
FTPS can help enterprises achieve cybersecurity compliance requirements such as HIPAA, PCI DSS, SOX, 23 NYCRR 500 and other state regulations.
Encrypting identifiable information is key to secure data management and fulfilling compliance requirements. FTPS uses TLS to secure server connections, shielding important identifiable data like issuer names, subject names, public key information, and signatures. FTPS then uses X.509 certificates to authenticate connections between encrypted servers.
One of the most commonly cited faults of FTPS is its difficulty connecting through highly secure firewalls. FTPS employs multiple port identifiers for implicit and explicit connection types, necessitating the opening of new ports every time a file transfer request or directory listing is entered. An overabundance of port requests can put a system at risk if proper risk management strategies are not in place.
While FTPS is far more secure then basic FTP, other secure file transfer protocols exist, such as the popular public key authentication SFTP. Every system is unique, and understanding the difference between these technologies is key to successfully managing your security regime.