Using SFTP with the Cloud
For several decades, SFTP, which stands for Secure File Transfer Protocol or SSH File Transfer Protocol, has been arguably the most widely used solution for transferring sensitive data across the internet. In the past few years, however, we’ve seen increased adoption of what’s known as SFTP cloud.
Also known as cloud SFTP, this new innovation to an otherwise well-established technology offers fresh new benefits to organizations that transfer sensitive data in their business processes. So, what exactly is SFTP cloud, and how do you use it?
What is SFTP cloud or cloud SFTP?
SFTP cloud or cloud SFTP refers to any secure file transfer solution that combines SFTP with cloud-based services. In most cases, these services are of the cloud storage variety. This combination enables businesses to implement file transfer workflows while taking advantage of the benefits of both SFTP and cloud characteristics like scalability, high availability, minimal upfront cost, flexible pricing and global access.
Recommended read: Amazon S3 vs. Local Storage - Where Should You Store Files Uploaded to Your File Transfer Server?
SFTP cloud use cases
Businesses are discovering many ways of leveraging SFTP cloud solutions. Here are some popular use cases that you might find suitable for your organization:
Cloud-based data backup and archiving
You can connect your secure FTP server to a cloud storage service and use the virtually unlimited storage capacity of the cloud for backing up and archiving files uploaded to your server. This setup can significantly reduce the risk of data loss. Not only does this allow you to keep copies of your files in an offsite location, but it also lets you store them in a robust infrastructure backed by multiple levels of redundancy.
Pro Tip: Schedule automated backups from your SFTP server to your cloud storage outside office hours to minimize network congestion.
Integration with cloud-based applications
When you upload files from your SFTP server to a cloud storage service like Amazon S3, you’ll be bringing those files closer to cloud-based applications. These applications can be cloud-native apps or regular apps hosted in a cloud-based VM. Once you grant those cloud-based applications access permissions to your uploaded files, those apps can then do all sorts of things with them. For instance, your cloud-based apps can process them, analyze them or simply view their contents.
In effect, the SFTP cloud solution serves as an enabler for hybrid cloud integration.
Secure remote access to files stored in the cloud
Once you already have files stored in the cloud, you can allow users to access those files remotely and securely through SFTP clients. Widely used SFTP clients like FileZilla and JSCAPE AnyClient by Redwood support public key authentication.
This type of authentication requires connecting parties to have valid user accounts and to authenticate using a password and an SFTP key. Combined with data-in-transit encryption, this two-factor authentication mechanism significantly reduces the risk of unauthorized access to your cloud-based files.
You can implement an SFTP solution cloud in multiple ways. Here are three different approaches.
Approach #1: On-premises SFTP server that uses cloud storage
The first option is to deploy an SFTP server on-premises and then connect that SFTP server to a cloud storage service like Amazon S3, Azure Blob Storage or Google Cloud Storage. One advantage of this setup is that your SFTP server is stationed in close proximity to your on-premises applications. If most of your data transfer workflows are carried out locally, putting your SFTP server on-premises can reduce performance issues caused by network latency.
Approach #2: SFTP server on a cloud-based VM
Another way to approach this is to deploy your SFTP server on a cloud-based virtual machine (VM), e.g., an Amazon EC2 instance. In other words, both your SFTP server and your storage can benefit from cloud characteristics like flexible pricing, scalability and so on. Not only that. In this option, you’re placing your SFTP server closer to other cloud-based applications you might be running.
Approach #3: SFTP delivered as a cloud-based service
In the other two cloud SFTP setups discussed earlier, you’re responsible for deploying, managing and maintaining your SFTP server. In fact, in the first approach, you’re also responsible for deploying, managing and maintaining your physical server and network.
Approach #3 is much easier to handle from an IT administrative standpoint. It only involves subscribing to a cloud-based SFTP service delivered under a Software-as-a-Service (SaaS) model. As with all SaaS solutions, this approach greatly reduces your capital expenditure (CAPEX) while offering flexible pricing.
The matrix below sums up your administrative responsibilities for the three different approaches to implementing an SFTP cloud solution. Except for “SFTP application configuration,” these admin responsibilities typically involve deployment, management and maintenance.
Administrative responsibilities |
Approach #1 |
Approach #2 |
Approach #3 |
Physical server and network |
✅ |
||
Server operating system |
✅ |
✅ |
|
Cloud storage |
✅ |
✅ |
|
Cloud-based VM and virtual network |
✅ |
||
SFTP application |
✅ |
✅ |
|
SFTP application configuration |
✅ |
✅ |
✅ |
Which approach is the best? It depends on the specific business needs of your organization. That’s why it’s better to choose a solution that supports multiple use cases and different approaches.
Why use JSCAPE MFT for your SFTP cloud implementation
JSCAPE MFT by Redwood is a Managed File Transfer (MFT) solution that enables you to implement SFTP cloud through different approaches. Here are the key reasons why you would want to use JSCAPE MFT for your SFTP cloud project.
Enables all 3 approaches to cloud SFTP
JSCAPE MFT supports all three approaches to implementing an SFTP cloud. You can use JSCAPE MFT Server if you wish to deploy JSCAPE MFT on-premises or on a cloud-based VM. Alternatively, you can use JSCAPE Managed File Transfer-as-a-Service (MFTaaS) if you prefer to do away with the administrative overhead and upfront costs associated with the other two approaches.
Both JSCAPE MFT Server and JSCAPE MFTaaS have the same features, functionality and look-and-feel.
Runs on all major operating systems
With JSCAPE MFT Server, you can easily complete an SFTP cloud project through Approach #1 or Approach #2. That’s because not only is JSCAPE MFT Server easy to deploy, manage and maintain, but it also supports all major operating systems. You can install JSCAPE MFT Server on Microsoft Windows, Linux, UNIX and macOS X, among others.
Supports all major cloud providers
If you choose approach #2, your SFTP cloud implementation would be a walk in the park. That’s because JSCAPE MFT readily supports all major cloud providers, including Amazon Web Services (AWS), Microsoft Azure and Google Cloud. You can easily deploy JSCAPE MFT on cloud-based VMs on any of those three cloud environments and then integrate the cloud-based instances with cloud storage services native to those environments.
Simplifies integration through a robust API and connectors
JSCAPE MFT simplifies integration by providing a robust API and an extensive range of connectors in the form of “trading partner” and “network storage” objects. Some of the cloud services JSCAPE MFT readily integrates with include:
- Amazon S3
- Box
- DropBox
- Google Drive
- Google Cloud Storage
- IBM Cloud
- Microsoft Azure Blob
- Microsoft Azure Data Lake
- Microsoft Azure File
Supports other file transfer protocols
In addition to SFTP, JSCAPE MFT also supports other protocols, like File Transfer Protocol Secure (FTPS), Applicability Statement 2 (AS2), Odette File Transfer Protocol (OFTP), Web-based Distributed Authoring and Versioning Secure (WebDAVS) and many others. This means you can create similar hybrid cloud solutions by combining these services with cloud storage.
Provides comprehensive protection through an array of security features
JSCAPE MFT is known for its comprehensive selection of security features, which augment SFTP’s built-in security controls. Some of these features include the following:
- PGP data-at-rest encryption
- Multi-factor authentication
- File, user and virtual path permissions
- IP address-based access control
- Malware protection
- Audit logs
- Data Loss Prevention (DLP)
- Single Sign On (SSO)
- And many more
Streamlines regulatory compliance initiatives
JSCAPE MFT’s vast selection of security features can greatly simplify regulatory compliance initiatives. You can leverage these features to meet several regulatory requirements mandated by data protection laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), European Union General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI DSS).
Provides extensive management and monitoring capabilities
JSCAPE MFT’s intuitive administrative web interface features an array of management and monitoring capabilities that give you full control over your file transfer and file-sharing activities. For instance, as soon as you log in, you’ll be greeted by a dashboard that displays key metrics at a glance.
These metrics include system resource utilization, connections, uploads, downloads, external uploads, external downloads, logins and triggers. The information provided can help you make informed decisions in making the necessary adjustments. For instance, you can set user quotas to make more efficient use of your bandwidth. You can also set notifications that get triggered when certain levels are breached.
Offers low-code/no-code automation functionality
To respond to file transfer-related events in real-time and, in turn, speed up business processes, organizations automate tasks whenever they can. If you plan to incorporate your SFTP cloud solution in business process automation projects, JSCAPE MFT can simplify that endeavor. JSCAPE MFT has low-code/no-code automation functionality that allows you to quickly configure automated SFTP workflows through an intuitive graphical user interface.
FAQ
Why do businesses seek cloud file transfers?
Businesses seek cloud file transfers to take advantage of cloud technology characteristics like scalability, cost efficiency, reduced capital expenditure, high availability, flexible pricing and global accessibility.
Is SFTP cloud-based?
Although some software vendors and cloud providers now offer SFTP as a cloud-based service, SFTP originated as an on-premises secure file transfer solution. SFTP servers are usually deployed in a company’s office or hosted in a data center. However, with the rise of cloud technology, SFTP is increasingly being delivered as a cloud-based service. This allows for easier access, scalability and cost-efficiency for businesses.
Is it also possible to have a cloud-based FTP server?
Absolutely. While most cloud service providers will probably not offer a cloud-based FTP service, you can configure your own FTP cloud solution using JSCAPE MFT. As discussed earlier, JSCAPE MFT supports several file transfer protocols. This includes FTP and its secure version, FTPS.