28th April, 2017
File Transfer Protocol (FTP) has become one of the most popular and convenient ways of sharing data within a network. Given its extensive usage, FTP security has become an important concern for IT professionals. A poorly configured server can be a critical flaw in an organization's cyber security.
Given below are some tips that you should follow to secure your FTP server:
Define user accounts and permissions
Each user on the FTP server should have a separate account and login directory. This will help to ensure that the files are accessed only by the authorized users. In case you want to create directories that can be shared by multiple users, you can explicitly state the permissions for each of them. Also, access should be allowed according to the specific duties to be performed by the employees. For instance, if one needs to simply read a file, permissions to share, modify or delete it should be disabled.
Enable logs
When you enable logging on your FTP server, you have a complete record of the IP addresses and users that accessed the server. Maintaining a log helps you identify traffic patterns, unauthorized login attempts and any potential security threats.
Limit the number of incorrect logins
Make sure you restrict the number of invalid logins that a user can make. After the set limit has been exceeded, the account gets locked and needs to be activated again. This reduces the likelihood of a brute force attack, in which hackers try to gain access to a network by guessing multiple password combinations. Ideally, you should set the permissible login attempts between 3 and 5.
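The two tips above, logging and a failed-login limit, combined in an added example that is not part of the original article: it reads a login log, counts consecutive failures per account, and reports each account that reaches the limit together with the source IPs involved. The vsftpd-style line layout, the sample lines and the function name `audit_logins` are assumptions; adjust the pattern to the log format of your own server.

```python
import re
from collections import defaultdict

# Assumed line layout (vsftpd-style); adjust the pattern to your server's log.
LINE_RE = re.compile(
    r'\[(?P<user>[^\]]+)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"'
)

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = """\
Fri Apr 28 09:00:01 2017 [pid 101] [alice] FAIL LOGIN: Client "198.51.100.7"
Fri Apr 28 09:00:03 2017 [pid 102] [alice] FAIL LOGIN: Client "198.51.100.7"
Fri Apr 28 09:00:05 2017 [pid 103] [bob] FAIL LOGIN: Client "192.0.2.10"
Fri Apr 28 09:00:06 2017 [pid 104] [alice] FAIL LOGIN: Client "198.51.100.8"
Fri Apr 28 09:00:09 2017 [pid 105] [bob] OK LOGIN: Client "192.0.2.10"
Fri Apr 28 09:00:12 2017 [pid 106] [bob] FAIL LOGIN: Client "192.0.2.10"
Fri Apr 28 09:00:15 2017 [pid 107] [alice] OK LOGIN: Client "198.51.100.7"
"""

def audit_logins(log_text, max_failures=3):
    """Return {user: sorted source IPs} for accounts that reach the lockout limit.

    Failures are counted consecutively per account; a successful login resets
    the count. Once an account is locked, later attempts no longer change it.
    """
    failures = defaultdict(int)
    sources = defaultdict(set)
    locked = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["user"] in locked:
            continue  # unparsed line, or account already locked
        user, ip = m["user"], m["ip"]
        if m["result"] == "OK":
            failures[user] = 0
            sources[user].clear()
            continue
        failures[user] += 1
        sources[user].add(ip)
        if failures[user] >= max_failures:
            locked[user] = sorted(sources[user])
    return locked

if __name__ == "__main__":
    for user, ips in audit_logins(SAMPLE_LOG).items():
        print(f"lock {user}: failed logins from {', '.join(ips)}")
```

Counting per account rather than per IP address means the limit still applies when the failed attempts come from several addresses, as they do for `alice` in the sample.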
Enforce password compliance
Weak passwords are often the biggest loopholes that allow hackers to access the FTP server. You should enforce strong password policies and make sure that all users comply with them. Passwords should consist of 8 to 10 characters, comprising uppercase and lowercase letters as well as alphanumeric characters. You can also implement a policy that requires users to change their passwords after a set period of time.
We, at Centex Technologies, provide information security solutions to business firms in Central Texas. For more information, you can call us at (855) 375 – 9654.