Ask the Expert

Don't use remote FTP for storing important files

I would like to upload some of my most important business files (doc, jpg, pdf, etc.) using CuteFTP Pro to a directory on my hosted webspace. I would like NO ONE but myself to have access to those files. The idea is to have a backup of those files for safekeeping and easy access from anywhere. What's the safest way of doing this? I have tried creating a directory and CHMOD it to 700. Is this a safe solution? Would everything (subfolders or files) I put under this directory inherit the folder's permissions?

Requires Free Membership to View

There is no 'safest' way of doing this. FTP is one of the easiest protocols to circumvent. Simply put, your FTP username and password are always transmitted (together with any data you are transmitting) in the clear. They are not encrypted in any way. Therefore, an attacker is able to monitor ('sniff') your FTP transactions and retrieve your username and password. With this they can gain access to your data. I do not recommend you use a remote FTP site for storing important files.

Alternatives I would recommend are:

  • There are a number of secure online backup services available - Google for 'secure online backup'. I recommend you seek references and a commercial contract from any such company you do business with.
  • Encrypt your files using a product like PGP and back them up to media, such as CD/DVD. Store the CD/DVD somewhere safe, preferably offsite and in a secure location.
  • Keep your important files on an encrypted USB key or SD card or other portable storage media. These are easy to keep under lock and key and easy to transport.
  • This was first published in December 2006

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: