Best Enterprise SFTP Server Solutions [Updated for 2021]

We’ve found the best SFTP servers for your enterprise. When security is on the line, you want to make sure you use the best and most secure servers.

What is the best SFTP server software? The best SFTP server software includes the following:

  • Accellion
  • SolarWinds
  • Files.com
  • GoAnywhere
  • Bitvise

Top SFTP Server Providers in 2021

| Provider | Services | Compliance | File Size Limits |
| --- | --- | --- | --- |
| Accellion Kiteworks® | SFTP Transfers, Shared Links, Managed File Transfer, CISO Dashboard, Single-Tenant Cloud, DLP, Data Orchestration | HIPAA, HITECH, CMMC, FedRAMP, PCI | Up to 16TB |
| SolarWinds | SFTP Transfers, Single-Tenant Cloud, CISO Dashboard, DLP, Data Orchestration | HIPAA, HITECH | Up to 4GB |
| Files.com Cloud | SFTP Transfers, Shared Links, Multi-Tenant Cloud | HIPAA | Up to 5TB |
| GoAnywhere | SFTP Transfers, Managed File Transfer | HIPAA, HITECH, PCI | Up to 10GB |
| Bitvise | SFTP Transfers, FTPS support, SSO, Script Configuration | PCI, HIPAA, FIPS 140-2 | Determined by Operating System |

What Is an SFTP Server?

Modeled off classic File Transfer Protocol (FTP), Secure FTP (SFTP) is a protocol that allows you to transfer files between one computer and another securely. 

FTP is perhaps one of the most foundational protocols in modern computing. In essence, FTP defines a protocol where two computers can share a direct connection and send files over that connection. Because FTP was conceived and built in the earliest days of the internet, it is a bit archaic in a few key areas, primarily when it comes to security. 

Imagine sending a letter to a friend. You place the letter in your mailbox, knowing that the post office will be able to read the address on the envelope and get it to the right destination. That envelope doesn’t protect the message from theft, however. Anyone with the inclination could take that letter during its journey, open it, and read everything you wrote. That’s FTP in a nutshell: it’s fast and reliable but provides no security measures against theft. 

SFTP addresses this issue by recreating FTP using more modern and secure technology: Secure Shell (SSH). SSH creates an encrypted channel through which data passes. If someone intercepted that data, they wouldn’t see the actual data—they would see the encrypted form of the information that would be difficult, if not impossible, to break. In terms of the letter example above, SFTP would operate almost identically, except that instead of sending a plain text letter, it would scramble all the words on that letter and only unscramble them when the person receiving the letter reads it.

Much like FTP, SFTP follows a client/server model. A server computer storing files would accept authorized connections from SFTP clients who would download or upload more files for storage. 

By default, SFTP cannot function without a server computer and one or several clients connecting to that server. That means having software (or a dedicated host offered by a third-party provider) installed on a server computer and client software installed on client computers. 

What Should I Look for in an SFTP Server?

What you look for in SFTP servers and what features you want depends almost entirely on your business and technical needs. However, there are some general features that a solid SFTP server should provide to demonstrate that it can help you achieve your goals or adapt to do so. 

In general, look for the following features when selecting an SFTP server:

  • Security Measures That Meet Your Business Needs: By and large, you want a server that can support the encryption you need while also protecting stored data in the server through technologies like firewalls, anti-malware, and hardening techniques. Typically you’ll want AES-128 or AES-256 encryption for data-at-rest and TLS 1.2+ for data-in-transit.
  • Compliance Support: Secure file transfer itself isn’t compliant with most industry regulations out of the box. However, a provider that offers compliant servers has typically used expert engineers and compliance offices to customize their offerings based on your specific industry. Look for service providers that can support frameworks like HIPAA, PCI, FedRAMP, GDPR, or whichever industry regulations you need to meet. You must configure over 100 controls to meet most of these regulations, requiring functionality and policies such as data access controls, separation of administrative duties, and block-listing or allow-listing domains. Most important, ensure the logging and reporting are sufficient for passing compliance audits with a reasonable amount of effort.
  • Security Monitoring Integration: Security Information and Event Management (SIEM) is an increasingly vital SFTP security tool for compliance and system management. Your server should include either built-in SIEM or integration with SIEM-as-a-Service providers. 
  • DLP Integration: Enterprise organizations using extensive file transfer capabilities will invariably need to invest in Data Loss Prevention (DLP) features. Look for a server that supports integration with these tools.
  • Disaster Recovery and Availability: Backups and disaster recovery usually come in two flavors: “cold” for long term but slower access, and “hot” always-on recovery with backup redundancy across multiple backup servers to ensure you never have a disruption due to system failure. Look for a system that can ideally support both, but at least hot recovery backups to mitigate downtime. 
  • Managed File Transfer (MFT) Services: Many providers will also offer secure file transfer as part of a more extensive managed file transfer (MFT) package. MFT can bring more granular controls over batch processing, scheduling and auditing, and provides automation without the need to write and maintain code or scripts. It also provides an operations console to ensure reliable transfer services in spite of failures in networks and remote servers, with analytics to help tune throughput and transfer times.
  • Data Orchestration: Secure file transfer is considered a legacy technology compared with modern cloud platforms, and yet it still serves an integral part as the backbone of large-scale secure file transfer. Accordingly, a server that works with data orchestration tools can help make transfers between servers, on-prem or legacy cloud storage and shared cloud services seamless and simple.
  • Support for Security and Operational Analytics: Understanding your data’s activity and its transfer is critical for compliance and business operations. Pick a server with a CISO Dashboard that gives you essential intelligence on logging, security events and data governance insights. 
  • Large or Unlimited File Sizes: Not all servers can support large or unlimited files. Look for a server solution that provides file transfer limits that fit your needs. 

SFTP Server Provider Reviews

SolarWinds

SolarWinds offers the underlying features that make servers suitable for enterprises (DLP, dashboards, orchestration). However, they only mention HIPAA and HITECH as part of the compliance standards they meet. This limitation may cause some business customers to pause before purchasing. 

Files.com Cloud

Files.com Cloud is a robust platform that offers secure file transfer and does it well. With a large file size limit and HIPAA compliance technology (and an available BAA), Files.com could be a go-to for some organizations. Their multi-tenant cloud architecture could be a limitation for some customers. 

GoAnywhere Secure File Transfer

GoAnywhere is one of the few servers we’ve seen that can handle PCI compliance—a big bonus for office workers in retail or payment processing. GoAnywhere also offers limited MFT services and a decent file size limit of 10GB for all customers.

Bitvise SFTP

Bitvise is a great utility for expert power users. Built with a focus on terminal commands, scripting configurations and bulk transfers, this solution can meet HIPAA and PCI compliance. It does require a lot of know-how to get up and running, however, and isn’t part of an effective enterprise solution without some significant building out. 

Check All Your Boxes with the Kiteworks Content Firewall

SFTP servers today have to pull more weight than just providing secure file transfer. Enterprise tools, MFT integration, security and compliance configurations are what set an SFTP server apart from the pack.

The Accellion Kiteworks Platform builds its SFTP server out with enterprise businesses in mind. Security, compliance and functionality are paramount to what we offer, and that’s why Kiteworks is positioned as a unified secure file transfer, storage and analytics solution for data-driven businesses. 

With the Kiteworks Platform, you get: 

  • Security and Compliance: Our systems utilize AES-256 encryption for data-at-rest and TLS 1.2+ for data-in-transit. Its hardened virtual appliance, granular controls, authentication and other security stack integrations, and comprehensive logging and audit enable you to achieve compliance efficiently.
  • SIEM Integration: Keep your environment secure with integrated SIEM for alerts, logging and event response. Integrations include IBM QRadar, ArcSight, FireEye Helix, LogRhythm and others. It also supports the Splunk Forwarder and includes the Splunk App. The Kiteworks platform also standardizes audit logs and report entries into a single log for widespread SIEM consumption.
  • DLP: The Kiteworks platform includes powerful DLP features to protect against data loss and empower disaster recovery. Our DLP integrates with your existing DLP servers and logging tools to provide protection and, if necessary, block violations of DLP policy.
  • Disaster Recovery: Speaking of recovery, the Kiteworks Content Firewall provides hot recovery backups across two backup locations with automatic failover to empower always-on operations with little or no downtime during an emergency.
  • Audit Logging: With the Kiteworks platform’s immutable audit logs, you can trust that you can detect attacks sooner and that you’re maintaining the correct chain of evidence to perform forensics. Since the system merges and standardizes entries from all the components, its unified Syslog and alerts save your SOC team crucial time and help your compliance team prepare for audits.
  • Single-Tenant Cloud Environment: Your file transfers, file storage, and access will occur on a dedicated Kiteworks instance, deployed on your premises, on your IaaS resources, or hosted as a private, single tenant instance by Accellion. That means no shared runtime, databases or repositories, resources, or potential for cross-cloud breaches or attacks. 
  • Data Orchestration with the Cloud: Accellion also offers orchestration tools so that you can connect your legacy on-prem data servers, SFTP servers and modern cloud environments for backup, migration or data scaling purposes. 
  • Seamless Automation and MFT: The Kiteworks platform supports MFT automation to facilitate content transfer into and out of secure file transfer and other repositories like file shares and AWS S3.
  • Self-Service Ease of Use: Business users access the back end of the Kiteworks SFTP server through familiar web file sharing folders. Employees and administrators alike can utilize intuitive interfaces to navigate files, create folders and set file and folder permissions.
  • Data Visibility and Management: Our CISO Dashboard gives you an overview of your data: where it is, who is accessing it, how it is being used, and if it complies. Help your business leaders make informed decisions and your compliance leadership maintain regulatory requirements.

If you want to learn more about how Accellion is innovating SFTP, read our Modernizing Enterprise SFTP eBook. Also, make sure to sign up for the Accellion newsletter to stay on top of news, product announcements, and events.

*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Bob Ertl. Read the original post at: https://www.accellion.com/secure-file-transfer/best-sftp-server/

Bob Ertl

Bob Ertl is Senior Director of Industry Solutions at Accellion. He is responsible for product marketing at Accellion. With over 20 years of product management / product marketing experience, he specializes in delivering software innovations that transform the effectiveness of business teams. Prior to Accellion, he concentrated on business intelligence and data warehousing at Oracle, Hyperion, Brio and several start-ups, as both a consultant and product vendor, across a variety of vertical industries. Bob holds a Bachelor’s degree in Electrical and Computer Engineering from the University of Wisconsin-Madison.
