Before we get all techy about transfer protocols and let our geek flag fly by using tons of IT acronyms, here’s a real-life example to break the ice.
We all have a person in our life who is very skeptic about leaving their credit card number and other personal info while shopping online. How can one be sure personal data will end up where it should, right? Most people wonder about risks of ordering something online or if there truly is a way private information stays magically protected in cyberspace.
Well, it’s not really magical and sure is less exciting than Harry Potter: the key is in trusted third parties and good encryption. That is how a majority of secured websites work: they are based on HTTPS (Secure Hyper Text Transfer Protocol) which cooperates with another protocol called SSL (Secure Sockets Layer) in order to move data safely to the right destination.
But what are file transfer protocols anyway? An average internet user deals with a number of them on a daily basis without even knowing it. When you download an eBook, you’ve purchased or clicked on the search engine result – transfer protocols ensure your action is successful by enabling your computer’s communication with other devices or online servers and resources.
Simply put, file transfer protocols are used for transferring files between a server and a client on a computer network. The diversity of today’s numerous networks implies a usage of many different complex protocols because there cannot be only one universal set of rules via which we control and handle all data transferring.
Knowing the basics of transfer protocols is beneficial: only when you scratch beneath the surface and explore the possible options can you choose the ones that are suitable for your business. So, it is about transmitting data between the two parties, but what types of protocols are there?
FTP (File Transfer Protocol)
File Transfer Protocol was developed in the 70’ and it was one of the first attempts to standardize exchanging files (within the TCP/IP network). So, we’re talking about the time of basic, text-based computers when FTP was used for simple file sending and receiving.
Today, the FTP is mostly used for downloading which actually means transferring a certain file from one computer to another. In most cases, you won’t even know the exact location of the computer you’re receiving files from. The computer designed for receiving the FTP connection is called an FTP site (or FTP server). It is like a huge library of files and an authorized person has the power to organize them according to their preferences, keep them locked (i.e. demands a User ID and Password) or open to the public (i.e. typing your email as username to get access).
With FTP programs (e.g. WS_FTP), you can do several things, such as:
- Publish a website
- Upload and download media
- Add images to online auctions
When it comes to your business, it’s good to know FTP is reliable: it can handle single and bulk files transfers. However, its huge setback is the lack of security. There are also problems regarding the firewall protecting systems which may cause server-client connectivity issues.
FTP could be an ok option for businesses that don’t operate with high-confidential files or don’t work in the field of finance or healthcare, but there are better and safer alternatives to it.
TFTP (Trivial File Transfer Protocol)
Trivial File Transfer Protocol is actually a much simpler version of FTP. It was developed in the 70’ specifically for computers that lacked disk memory that was needed for full FTP support. Files can be uploaded to a server and downloaded from it as well.
Just like FTP, TFTP uses server and client software and transfers the files over the network. In comparison to FTP, it supports fewer features and typically – it’s not even used for exchanging images, documents, or spreadsheets. It is suitable for internal use such as the network management tasks (copying bootstrap, backing up configuration files, or installing OS over the LAN network). Here’s what you can expect with TFTP:
- Faster transfer: because it uses UDP (User Datagram Protocol) as the transport layer protocol
- Small code size: it is like a stripped-down version of FTP
- Good for targeted use: small tasks within LAN
Just like with FTP, the downside of TFTP is that it is considered insecure. It doesn’t have encryption nor an authentication system. Despite the security concerns, it is widely used as there is no protocol that can match the TFTP when it comes to specific tasks. Of course, limiting its usage to inner network is highly advisable.
SFTP (Secure File Transfer Protocol)
Secure File Transfer Protocol (or SSH File Transfer Protocol) is good for businesses who need greater security. It is frequently compared to FTP and has two strong advantages. Firstly, we’re talking higher security: with the secure protocol (SSH), client/server authentication is ensured and data-in-motion encryption supported. Secondly, it is more firewall-friendly.
Your business can definitely benefit from using SFTP, here’s why:
- Low risks during data transmitting: encryption disables possible intruders (that might intercept your files during the exchange) from reading anything as it scrambles the content making it incomprehensible; there is a well-developed authenticity system ensuring access only to verified personas
- Better data accessibility: with great power, SFTP can handle communications with clients, but also with other SFTP servers, which makes the data easily accessible in short time
- Transferring large files: whether we’re talking about one large file or multiple files you wish to send all at once – you won’t experience any inconveniences; it saves you time and can be a better alternative to cloud-systems; drag-and-drop system makes it all easier
To sum it up, SFTP is simple and easy to use and definitely a better alternative to FTP. Using SFTP could be one piece of the security puzzle that keeps your company safe online.
HTTP (Hypertext Transfer Protocol)
Hypertext Transfer Protocol is one of the most widely used application layered protocols. Without it, our surfing experience would be much different. Thanks to HTTP, you can enjoy browsing through web pages, view links and jump from one website to another, etc. It is the base of the all-level communication within the World Wide Web. Basically, everything you see on your screen during your time online is there because of the HTTP: it presents data so you can interact with it.
Using the HTTP protocol, computer scientists around the world began making the Internet easier to navigate by inventing point-and-click browsers.Katie Hafner, journalist
From a business’ point of view, HTTP is great because users only need a valid web browser (e.g. Chrome, Internet Explorer, Firefox, or other) to access the desired data: there’s no need to install anything on their computers.
Definitive pros of HTTP include:
- Easy implementation
- Works great with transferring files (client-to-client and client-to-server)
- Minimal problems with firewall: great connectivity ensured
It’s good for accessing simple HTML pages. However, a major pitfall is again – the lack of security. You can use it if this is not a big obstacle for your type of business.
HTTPS (Secure Hypertext Transfer Protocol)
As we mentioned, Secure Hypertext Transfer Protocol works with SSL (Secure Socket Layer), another protocol that was primarily developed for the purpose of safe online transactions. Next time you’re worried about whether or not your data is secured, check the URL bar and look for ’HTTPS’. So, it is like a secure version of HTTP.
There are three layers of protection via HTTPS:
- Encrypted data: to keep it safe from possible interceptions
- Authentication: users are recognized when communicating with the website
- Data Integrity: all modifications during the transfer are detected
In 2014, Google announced sites that switch to HTTPS will have a better ranking which is fairly logical for promoting online security. Also, there is new Google Chrome update coming up in January that will clearly mark all HTTP pages that collect passwords or credit cards as NON-SECURE, as part of a long-term plan to mark all HTTP sites as non-secure. Getting a certificate can be a bit tough, but we encourage you to check the undeniable benefits of securing your site with HTTPS (better SEO included!).
Let’s take Real.Me as an example: if you take a look at the URL address, you will see ’HTTPS’, which means data transmitting is secured. In addition to safety reasons, it would be unusual (and unprofessional) to see ’HTTP’ in the URL bar as Real.Me is the family of apps that helps you preserve privacy online. If you look at the bottom of their landing page, you will see it is secured by rapid SSL.
Another great example is Hack.Me: it is a free, community-based project that’s supported by eLearnSecurity. It invites everyone to build, host, and share vulnerable web application codes – for educational purposes and raising awareness about online security. In layman terms, application vulnerability is a weak spot or a flaw in an application that an attacker can use for facilitating a cyber crime or exploit files. So, the access to the server here is open to public as anyone can sign up and upload different challenges and share their skills with others. However, the whole platform uses the HTTPS (as you can see in the URL bar), which means your personal data is safe. There is a specific “sandbox“ security system every time a person decides to run a new hackme project: the user gets isolated access and so it is safe for them to use the application.
This is just the tip of the iceberg when it comes to file transfer protocols. There are dozens of them and you’re likely to use several different ones for your business. It is good to deepen your knowledge about them since they can ensure your data exchange runs smoothly while providing you with the level of safety you assess as optimal.
Since we are always going on and on about online security and privacy, it was only fair we made sure this website runs on secure HTTPS as well. 🙂 Try mapping out what exactly does your business need, understand what different transfer protocols provide, and then make the smartest possible decision. For anything that remains unclear, you can always turn to us. 🙂