I am designing a process for end users to upload files to an FTP server. The critical requirement is to ensure the connection to the server is secure.
I know it is possible for many FTP client applications to create a secure FTP connection (e.g. FTPES or SFTP – and yes the FTP server does support these) but its an optional setting in the client. In other words we can request people create secure FTP connections but we can't force them to.
I should mention here that the FTP server belongs to a third party provider and if there are server settings to enforce FTPES or SFTP connections, we can't get these enabled.
So, the question is – is there a way to enforce secure FTP connections? Here's a few speculations:
-
Maybe there's an FTP client that forces a secure FTP connection to be used and I tell end users this is the only client they can use. This is a bit lame!
-
Maybe there's an FTP client that can get its FTP connection details (url, protocol & login) from a remote server (i.e. a server I control) and therefore I can dictate them and the end user never sees them.
-
Maybe I could establish some kind of "2 hop" connection where the user initially connects to a server I control that requires a secure connection but (transparently to the user) the connection is actually redirected to the real FTP server.
Best Answer
Your third idea seems most promising: consider an FTP Proxy Server. Your users connect to the proxy with the connection requirements you set, such as encryption, and the proxy server connects to destination server with the parameters you configure.
Unless you can either enforce or audit a policy, you can not get users to follow it. And a security framework is only as strong as its weakest link.
The scenario seems strange to me - you have a requirement for confidentiality, to be met by encrypting the data traffic, but you are working with a third party that won't meet this requirement. There may be a need to run the problem up the management flag pole, as well.