Insecure file transfers leave organizations at risk
According to a new survey, 78 percent of respondents are still using unencrypted protocols to transfer some of their files, and only 44 percent are using two-factor authentication when connecting to their file transfer server.
The study for VanDyke Software, conducted by Amplitude Research, interviewed 450 professionals involved in data protection and file transfers and finds that 48 percent of companies are transferring files at least multiple times per day and sometimes 'continuously'.
File transfer servers are most likely to be running Windows and hosted in the cloud. 78 percent of companies say they are hosting their file transfer servers mostly or completely on Windows, compared to 36 percent for Linux/UNIX, and just 25 percent for macOS. Two-thirds (67 percent) of companies are hosting some or all of their file transfer servers in the cloud.
Where secure protocols are used HTTPS is the most common, employed by 60 percent, while slightly more than a third use FTPS (35 percent) and SSH2/SFTP (34 percent). More than half (58 percent) use non-secure HTTP at least sometimes when connecting to their file transfer server, and 38 percent use non-secure FTP.
The most common type of authentication when connecting to a file transfer server is using a password (55 percent), followed by two-factor authentication (44 percent), single sign on (SSO) (32 percent), and public key (22 percent).
Danielle Argiro, product director at VanDyke Software says, "Considering the impact that a data breach can have on an organization, it is concerning that fewer than half of the respondents to this survey use two-factor authentication to connect to their file transfer server."
You can read more on the VanDyke site.