Skip to main content

Remote Server Security

We take security seriously and so the connections between Files.com and a remote server always attempt to use the strongest encryption and security methods.

Connections made to remote servers are limited by the capabilities and security options of those remote servers. When multiple options are available, we always attempt, and recommend the use of, the most secure option available.

Network Security

All network communication between Files.com and a remote server is transmitted over an encrypted connection by default. However, there are differences in encryption methods and connection methods between different types of remote servers.

Cloud Storage

All network communication between Files.com and a cloud storage remote server is transmitted over an encrypted HTTPS connection to the cloud storage vendor's APIs. Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote server. The default network port used for TLS is port 443 but some cloud storage vendors allow TLS to be configured to use a different port number.

Content Collaboration (CCP) / Enterprise File Sync & Share (EFSS)

All network communication between Files.com and a Content Collaboration (CCP) or an Enterprise File Sync & Share (EFSS) remote server is transmitted over an encrypted HTTPS connection to the vendor's APIs. Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote server. The default network port used for TLS is port 443 but some CCP and EFSS vendors allow TLS to be configured to use a different port number.

Protocol-based File Transfer System

Managed File Transfer (MFT) systems, and other file transfer servers, provide various file transfer protocol services, such as SFTP, FTP, Implicit FTPS, Explicit FTPS, AS2, and WebDAV. Each of these uses different transport encryption methods and can be configured with various security options. Files.com always recommends using the most secure option but sometimes legacy systems do not have the capability to use the most modern and secure options.

Network communication between Files.com and a protocol-based file transfer remote server varies by protocol.

SFTP

All network communication between Files.com and a SFTP remote server is transmitted over an encrypted SSH based connection to the SFTP server. SSH is used to encrypt network communication. Files.com will always attempt to use the strongest SSH encryption cipher suite and key exchange algorithm available on the remote server. The default network port used for SFTP is port 22 but some SFTP servers also allow SFTP to be configured to use a different port number.

AS2

All network communication between Files.com and another AS2 server is transmitted over an encrypted HTTPS connection. Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote AS2 server. The default network port used for AS2 is port 443 but some AS2 vendors allow AS2 to be configured to use a different port number.

FTPS (Explicit)

All network communication between Files.com and a FTPS (Explicit) remote server is transmitted over an encrypted HTTPS connection. Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote FTPS server. The default network port used for FTPS (Explicit) is port 21 but some FTPS servers allow FTPS to be configured to use a different port number.

FTPS (Implicit)

Not all network communication between Files.com and a FTPS (Implicit) remote server is transmitted over an encrypted HTTPS connection. Implicit FTPS does not use encryption during the negotiation of the connection. Encryption is only applied after the connection has been negotiated with the FTPS server. Implicit FTPS is considered a deprecated version of FTPS but is still in use by legacy systems that are unable to use more modern methods. After connection negotiation, Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote FTPS server. The default network port used for FTPS (Implicit) is port 990 but some FTPS servers allow FTPS to be configured to use a different port number.

FTP

FTP, also referred to as "plain FTP", does not provide any network security. Communication between Files.com and a FTP remote server is transmitted "in the clear" meaning that anyone can read the transmitted data. Plain FTP should never be used unless files are encrypted, such as by using GPG or PGP, prior to transmission. However, some legacy systems only support plain FTP and you should consider using a plain FTP connection only for non-sensitive data. The default network port used for plain FTP is port 21 but some FTP servers allow FTP to be configured to use a different port number.

WebDAV

WebDAV supports both secure and insecure connection methods. Secure WebDAV, sometimes referred to as WebDAVS, uses an encrypted HTTPS connection while plain WebDAV uses a non-secure HTTP connection.

Communication between Files.com and a plain WebDAV remote server is transmitted "in the clear" meaning that anyone can read the transmitted data. Plain WebDAV should never be used unless files are encrypted, such as by using GPG or PGP, prior to transmission. The default network port used for plain WebDAV is port 80.

All network communication between Files.com a secure WebDAV remote server is transmitted over an encrypted HTTPS connection. Transport Layer Security (TLS) version 1.2 is used to encrypt network communication. Files.com will always attempt to use the strongest encryption cipher suite available on the remote WebDAV server. The default network port used for secure WebDAV is port 443.

Self-Signed SSL Certificates

For protocols that use TLS, the remote server should be using a valid, trusted, and chained SSL Certificate in order to verify its authenticity to you. Files.com provides an option for you to connect to an FTPS site that is using a self-signed SSL Certificate instead. Self-signed certificates provide no confirmation of authenticity or identity and are inherently untrusted as they are not countersigned by a trusted Certificate Authority. You should only consider connecting to a site that uses a self-signed certificate if you completely trust the owner of the site. Otherwise, connections that use a self-signed SSL certificate should not be considered secure.

Authentication Security

Authentication information for remote servers, such as user names, passwords, keys, and tokens, are encrypted while stored within the Files.com platform.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.