Thanks to everyone for attending our 5th Peeling the Onion Tutorial! Visit our Secure FTP for z/OS Webinar page to watch the full recording or view the webinar shorts within this post!
Does your organization need a Secure FTP (SFTP) solution for the mainframe after becoming aware of the serious security shortcomings in the typical FTP setup? Our complete, secure mainframe FTP solution is a collaboration between SDS and SSH Communications Security: together, VitalSigns for FTP™ and Tectia® SSH provide unprecedented Secure FTP for the z/OS mainframe and beyond.
FTP (File Transfer Protocol) between a client and server, regardless of which solution is used for the file transfers, is potentially dangerous to your organization and should never be used without additional security measures and precautions. Sure, you can go overboard for your particular organization’s amount of file transfers and other security requirements, but that’s much better than underestimating the threat and not doing enough.
The VFTP-SSH Collaboration has become a leading option for organizations requiring absolutely secure FTP, especially across multiple platforms. VFTP-SSH may classify as going overboard and deemed excessive for many average small businesses; however, for an entity that has regulatory requirements within their industry or would face substantial costs if their FTP is compromised, the file transfer process is never too secure. Don’t believe it? Just find anyone who’s ever worked for a business that’s been breached, even if only in a minor way with no negligible impact, and ask them about the aftermath…
In truth, any number of costs, liabilities, penalties, and other unforeseeable, additional hardships could result from a compromised FTP setup, leaving, plenty of times, a different and financially-crippled, or even bankrupted, organization in its wake.
OK, let’s take stock of where we are: you’ve been sufficiently informed (translation of “informed”: warned and scared) about the horrible, yet predictable, FTP-related disaster awaiting and the resulting outcomes. Basically, this situation is rightfully scaring you and we’ve caught your attention, let’s get on with this and give you a few options to relieve all your newly acquired, FTP-related anxiety by securing your file transfers…
Due to security concerns, many of our customers have been told by the security and compliance decision makers in their organization to stop using their current FTP setup NOW! Now meant now – no more normal FTP transfers are allowed, starting right now! They’re told to use SFTP instead. And that’s about all the direction they’ve been given.
Often, that direction is imprecise. What their users want is security and encryption. But they don’t necessarily mean the particular security tool, common to Linux and Unix systems, that is named SFTP. For z/OS, there are other ways to secure file transfers, several others—maybe too many others.
An SDS customer recently explained that, the more he looked into securing FTP, the more it resembled an onion!
It had layer after layer, and the more he peeled them back, the smellier it became.
This is how he capped off the comparison between their securing FTP quandary with a stinky onion: It’s enough to make a grown z/OS admin cry!
That resonated with us and eventually lead to The Onion FTP Webinar and this Article…
My Goal for this Article: Help you Secure your z/OS FTP
My intent with this article is to briefly explain some ways to make FTP a secure resource in your environment, to give you a brief taste of the options.
In other words, let’s peel the secure FTP onion