Majority companies are now using the FTP hosting servers in order to
exchange their personal information with other partners. Therefore, these
servers are always hacker’s targets that ultimately put these FTP hosting servers at stake of data
breaching. So, if you want to make your server compliant and secure for your
organization, here we have come up with some tips.
1.
Ensure Strong
Encryption
The encryption ciphers are available in secure SFTP hosting services in order
to protect data while transfer. The ciphers are a complex of algorithms
carrying data and key. So, disable all outdated ciphers and ensure the use of a
new and stronger one.
2.
Implement All IP Whitelists
And Blacklists
The IP blacklists removes wide ranged IP
addresses whether they are permanent or temporary. Such as, they offer you the
blockage of different countries from accessing your data. It also includes
another option that is the access of data to some particular IP addresses. The
only problem with this whitelist is that your partner must have one fixed IP.
3.
Manage A Good Account
It is very risky to make OS level accounts for
file transfer as it allows access of different resources to server. Moreover,
the FTP application and user credentials must be separate and access of shared
accounts or anonymous users must be strictly prohibited. Make some general
rules including user name with at least 6-7 characters or account disability
after 180 days of inactivity.
4.
Place One Gateway
Behind
Most organizations use DMZ as their network for
storing FTP servers. As DMZ is public internet, it is liable to be attacked. It
is better to move user credentials and files on some private network that are
mostly safe. DMZ gateway is also a good option offering secure SFTP hosting service.
No comments:
Post a Comment