FTP is a Bad Idea

July 14, 2010 / CloudPrime, Security / 0 Comments

bad-toasterApplication-to-application messaging is a critical component of most enterprise grade organizations. On a daily basis, tens if not hundreds of thousands of application messages, files, requests, etc. are processed over their messaging fabric. What is interesting to note is how a lot of organizations are creating their application messaging network. For lack of a better solution, a lot of organizations are relying on FTP to transmit sensitive data over the network. This is bad.

FTP is a simple protocol that allows for the exchange of data over a network, but it should NOT be depended upon for sending any information that is regarded as sensitive or confidential in nature. The reason why FTP is a problem is because it does not encrypt data as it passes over the network and you only need a username and password to send/receive files. The real threat is that messages can be sniffed out or intercepted en-route, exposing each party to big-time security problems.

There are some simple ways to help secure FTP transactions, but for the most part, it is still an unsecure and unreliable way to send messages and by some estimates can cost an organization $300k to $1M per year in maintenance and recovery costs, even though FTP is “free”.

To further mitigate the issues with FTP, a lot of organizations will employ “roll your own” solutions that help secure the message network and provide the necessary features needed to comply with various requirements and compliance regulations. Where this becomes an issue is that typical RYO solutions can be rigid, hard to maintain, and are expensive to deploy (not to mention the resources that will be needed manage and update the network on a regular basis).

In the end, both FTP and “Roll your own” solutions leave a lot of gaps in an organization’s application messaging infrastructure that not only may hurt them from an operational and security standpoint, but end up costing them millions in maintenance and recovery costs.

Cloak Labs solves these problems by providing a completely managed service that allows applications to communicate with each other in a secure, reliable, and cost-effective way.


  • Cloak Labs’ patented technology makes sending messages through “the Cloud” safe
  • Guaranteed delivery of all transactions
  • Non-repudiation
  • Rules-based, encrypted message archival
  • Easy to deploy software Security Gateways
  • No hardware to buy or upgrade

To learn more about how Cloak Labs can help your organization implement secure and reliable application-to-application messaging network, contact us today.


Would you like to share your thoughts?

Your email address will not be published. Required fields are marked *

Leave a Reply