Cloud-hosted FTP servers are a common approach for many administrators seeking to leverage the scalability and reliability of hosted infrastructure for secure file sharing. In this post, we’ll review cloud-hosted FTP setup resources and best practices to keep your cloud file sharing operating at peak efficiency.
How to set up Cerberus FTP Server in the cloud
Cerberus FTP Server by Redwood can be easily installed on any cloud-hosted virtual machine. Instructions on setting up virtual machines for common cloud providers appear below:
Cloud-hosted FTP Server best practices
If you are hosting your FTP server in the cloud, the best practices below can help you ensure nothing interrupts your file transfer activities.
Implement encryption at rest
Cloud FTP providers practice strong data security measures, but no service is fully immune to potential threats. In the unlikely event that a cloud provider experiences a data breach of its servers, your data could be exposed. Encrypting your data is the best solution to mitigate the risk of a cloud-hosted FTP data breach because it will prevent anyone who doesn’t have the appropriate decryption key from accessing the information.
Most cloud providers offer an encryption-at-rest offering, and secure file transfer applications like JSCAPE by Redwood are able to provide encryption-at-rest for their own file volumes as well.
Enable continuous monitoring, auditing and alerts
When moving any data into the cloud, including for cloud-hosted FTP, you’re placing your trust in another organization’s data security practices. To give you peace of mind, and serve as a backup in case any security challenges arise for your cloud provider, you should set up three levels of data security for your cloud FTP environment:
1. Continuous data monitoring: This practice involves standing up tools that monitor your data utilization and access trends in order to identify any outliers or unusual activity. By following data as it moves through your systems, you can then keep an eye outt for suspicious transfers. As an example, Cerberus FTP Server’s Enterprise Plus edition includes automated network monitoring and rogue transfer detection to prevent malicious data access.
2. Real-time alerts: You’ll want to configure your cloud-FTP server to alert you in realtime to any common security scenarios in order to flag them for evaluation. Some of these scenarios include:
- Repeat failed logins
- Suddenly active older or dormant accounts
- Transfers of large data volumes or entire directories
- Connections to unknown clients
3. Auditing: The more detail you include in your audit reports, and the more frequently you review them (either manually or automatically), the more likely you are to catch potential gaps and loopholes before a malicious actor does. At a minimum, you should be auditing for the following scenarios:
- Expired or inactive users and administrators
- Any unknown devices or users attempting to connect (or transfers directed toward these devices)
- Directory access requests where security groups do not allow access
- Newly established administrative privileges
- File access outside of normal business hours
- Any attempts to access protected data
Implement strict access management and multi-factor authentication
The more tightly you govern access to your cloud-hosted FTP solution, the less likely you’ll have to worry about managing unknown clients. Public key authentication provided by SFTP is an ideal tool for this scenario because it will help you limit connections to trusted clients.
You’ll also want to ensure that any administrators use multi-factor authentication in order to mitigate against captured passwords.
Extend your security policies and tools to your cloud environment
Your organization’s security policies should include data loss prevention (DLP) and Internet Content Adaptation Protocol (ICAP) tools to help guard your users and organization against risky actions. While it may take some configuration, it’s critical to bring your cloud-hosted FTP solution under your internal policy umbrella to ensure the same protections for sensitive data are in place.
Conclusion
We hope that this information has helped you understand more about cloud-hosted FTP servers and how you can ensure their secure use. If you’d like to try Cerberus FTP Server in the cloud, download your trial today.