The SSH File Transfer Protocol ensures that data is transferred securely between two communicating parties, which has become essential for many work processes in companies. For example, field service agents send their work results to the company headquarters, the server architecture of a company network is kept up to date and secure via remote maintenance and repair instructions are accessed online by the on-site repair technician. To do this, data must be transferred bidirectionally over an Internet connection to and from the company server. Files for websites are also sent in this way to the corresponding web spaces. The File Transfer Protocol (FTP) has been used to perform this data transfer since 1971.
Data management via FTP is similar to working in Windows Explorer, Mac Finder or Linux Nautilus. The difference is that data is transferred to and from the remote servers. The transfer tunnel to and from the user (FTP client) and server (FTP server) always presents a potential point of attack for data theft and tampering or the introduction of malware into the user’s system. Not to mention, the lower the security standard is, the greater the threat, and FTP is very low. Using FTP, the username and access password are sent in plain text (i.e., unencrypted). Potential attackers can thus intercept the login information and gain unauthorized access to the FTP client and server - with obvious consequences.
To avoid these potential attacks, SFTP was developed as an alternative with significantly improved security.