For our non-technical readers, this might be just another mysterious acronym, so first the easy part:
SFTP stands for Secure File Transfer Protocol, which, handily, is an accurate shorthand description of what it does.
It enables the secure transfer of files between computers over a network.
So, it's just Secure FTP? Not quite…
The original FTP – File Transfer Protocol – has been around since 1971. You could be excused for assuming that SFTP just means Secure FTP - an enhanced, more secure version of the original. You’d be far from the first to think this, but you’d be wrong!
The glaring issue with FTP is summed up by that missing S. It’s just not secure.
With FTP, all data being transferred, including usernames and passwords for authenticating the parties, is transmitted in “plain text”, without encryption.
That might not have been seen as a big risk in the pre-Internet era. In today’s hyper-interconnected world, however, this is a big deal when transmitting sensitive data, e.g. sending private financial data (think EFT files) to your bank.
Enter SFTP…
OK, so what is it then?
SFTP isn’t just an extra layer on top of (Simple) FTP. It runs over an entirely different protocol known as Secure Shell (SSH).
In fact, a more accurate name for SFTP is SSH File Transfer Protocol.
SSH was developed in the 1990s, responding to the growing need for safer ways to transfer data across increasingly interconnected networks. Its use of public key cryptography for encryption means that the contents of a transmission remain hidden to an observer, even if they have access to the entire stream of data.
So, how does SFTP work? It’s difficult to answer that without getting just a little technical, but in a nutshell:
- The client (e.g. your computer) first establishes an SSH connection to the server (e.g. your bank’s computer).
- During this process, authentication occurs using either passwords or cryptographic key pairs.
- Once the secure session is established, SFTP commands are sent through the encrypted channel. These commands allow users to upload, download, delete, rename, and manage files on the remote system.
- Because all commands and data are encrypted, SFTP protects against eavesdropping, tampering, and unauthorised access.
Keeping it Simple
While this is all driven by the desire for security, another feature to explain SFTP’s widespread adoption is simplicity.
Unlike FTP, which requires separate connections for commands and data, SFTP does everything over a single connection channel, making it easier to configure through firewalls and network security systems.
SFTP Use Cases
SFTP can be used in any scenario requiring the secure transfer of data, but some high-profile examples include:
- Businesses transferring financial records, payroll data, and confidential documents between departments or partner organisations.
- Web developers wanting to securely upload website files to hosting servers.
- Healthcare organisations needing to exchange patient records while maintaining compliance with privacy regulations.
- Banks and government agencies needing to transfer large volumes of sensitive data safely between systems.
And it’s not just about big business and government.
It’s more than likely that you are using SFTP every day without even knowing it, e.g. when you drag and drop files between locations in your file management tool.
SFTP and Orchid EFT Processing
Orchid’s EFT Processing modules are tightly integrated into Sage 300 and Sage Intacct payment and receipt processing routines. Selected transactions are included in an EFT file, in the format required by your bank, with 800+ formats from 80+ countries supported.
Typically, when not using SFTP, the EFT file is saved within your local environment, then manually uploaded to your bank using the bank-provided software.
With SFTP, the EFT file is uploaded directly to your bank via their nominated SFTP Server, making the process both more efficient and more secure.
Refer to our Online Help library to find out more about:
• Using SFTP with EFT Processing for Sage 300
• Using SFTP with EFT Processing for Sage Intacct
