
Prioritizing Security: Our Shift to SFTP by Default

Published by Carsten Blum


A few months ago, we experienced a service interruption affecting a subset of our users. The root cause, after a thorough investigation, was a misconfiguration related to FTP permissions. While FTP (File Transfer Protocol) is a widely supported standard, its inherent security vulnerabilities make it increasingly unsuitable for modern data transfer requirements. This incident highlighted a critical gap in our default setup and served as a stark reminder of the importance of prioritizing robust security measures, especially when offering the best GDPR-compliant SFTP hosting.

The initial setup for some users allowed for FTP connections with password authentication. While we support password authentication as an option, this particular configuration introduced an unacceptable level of risk, particularly given our commitment to data isolation and GDPR compliance as detailed in our GDPR compliant. Exploitation of compromised credentials, even on a small scale, can lead to significant data exposure and reputational damage.

The fix was straightforward: we're now defaulting all new accounts to SFTP, leveraging SSH key-based authentication. This aligns with industry best practices and significantly enhances the security posture of our platform. We're actively encouraging existing FTP users to migrate to SFTP, providing extensive documentation, including a tutorial on advanced SSH key authentication for SFTP, to facilitate the transition.

The shift isn't merely about closing a security hole; it's about proactively embracing a more secure and future-proof solution. SFTP, leveraging the secure SSH protocol, offers vastly improved data integrity and confidentiality. For users needing a secure replacement for services like WeTransfer, our better alternative to WeTransfer, built on SFTP, provides a safe and reliable method for file sharing.

This incident underscored our commitment to providing reliable and secure file transfer solutions. We're continuously evaluating and improving our infrastructure and security protocols to ensure the protection of our customers' data, ultimately providing the best GDPR-compliant SFTP hosting experience possible. See our FTP vs SFTP guide for a full comparison.



© 2025 ftpGrid
