Don't use remote FTP for storing important files
I would like to upload some of my most important business files (doc, jpg, pdf, etc.) using CuteFTP Pro to a directory on my hosted webspace. I would like NO ONE but myself to have access to those files. The idea is to have a backup of those files for safekeeping and easy access from anywhere. What's the safest way of doing this? I have tried creating a directory and CHMOD it to 700. Is this a safe solution? Would everything (subfolders or files) I put under this directory inherit the folder's permissions?
There is no 'safest' way of doing this. FTP is one of the easiest
protocols to circumvent. Simply put, your FTP username and password are
always transmitted (together with any data you are transmitting) in the
clear. They are not encrypted in any way. Therefore, an attacker is able to
monitor ('sniff') your FTP transactions and retrieve your username and
password. With this they can gain access to your data. I do not
recommend you use a remote FTP site for storing important files.
Alternatives I would recommend are:
There are a number of secure online backup services available - Google
for 'secure online backup'. I recommend you seek references and a
commercial contract from any such company you do business with.
Encrypt your files using a product like PGP and back them up to media,
such as CD/DVD. Store the CD/DVD somewhere safe, preferably offsite and
in a secure location.
Keep your important files on an encrypted USB key or SD card or other
portable storage media. These are easy to keep under lock and key and
easy to transport.
This was first published in December 2006