FTP can be an efficient way to move large files between servers or individuals. The protocol itself is proven and mature but often its implementation is the security issue. Many organizations built their FTP systems so long ago that they are horribly outdated and can't keep up with current security standards. FTP uses clear text to transfer files, regardless of whether or not those files contain sensitive information. Nowadays, organizations understand the need to focus more on data encryption and certification of the people receiving that data. Outdated FTP systems don't provide the on-the-fly adjustments, guaranteed delivery or error-handling needed to meet ever-changing needs.
Encrypted file transfer
Encrypted file transfer is a safer option. Although Secure File Transfer Protocol (SFTP) or FTP over Secure Sockets Layer (FTPS) adds encryption and helps mitigate risk, this is not enough. Encryption standards don't make the files being transferred impenetrable to security threats. Organizations must ensure that attachments are fully encrypted while in transit and while at rest awaiting receipt.
The proliferation of software as a service (SAAS) and cloud computing also heightens the security threat. To have a successful SAAS or cloud offering, the underlying technology must be proven, secure and scalable. A solution that securely passes files through the cloud can make moving your business-critical data simpler and more accessible. However, files should never be stored in the cloud, as data at rest is the weakest link.