SFTP
Definition
Secure File Transfer Protocol - a protocol for encrypted file transfers that runs over SSH. It does the same job as FTP, but with all packages sent in locked boxes.
Use Cases
- Amazon Web Services (AWS): Provide SFTP access for partners to exchange files while storing data in object storage — AWS Transfer Family exposes an SFTP endpoint and maps users/roles to Amazon S3 buckets (or EFS). Authentication can be handled with service-managed users, SSH keys, or an external identity provider. Data is encrypted in transit via SSH and can be encrypted at rest in S3 with SSE-KMS. (Reduces operational overhead compared to running and patching SFTP servers on VMs, while improving auditability and access control through IAM and centralized logging.)
- Microsoft: Enable secure file transfers into cloud storage for integrations and legacy workflows — Azure Blob Storage can be configured with SFTP support so external systems can upload/download files using standard SFTP clients. Access is controlled using local users and permissions scoped to containers/directories, with encryption in transit and at rest. (Simplifies partner and application integrations by allowing SFTP-based workflows without maintaining separate SFTP VM infrastructure, while keeping data directly in Blob Storage for downstream processing.)
Provider Equivalents
- AWS: AWS Transfer Family (SFTP)
- Azure: SFTP support for Azure Blob Storage (via Azure Storage SFTP)
- OCI: No first-party managed SFTP service; typically implemented on OCI Compute or via partners
Frequently Asked Questions
- What's the difference between SFTP and FTPS?
- SFTP runs over SSH (typically port 22) and is a different protocol than FTP. FTPS is FTP with TLS added. Both encrypt data in transit, but SFTP usually works better through firewalls because it uses a single connection, while FTPS often requires multiple ports and can be harder to configure in some networks.
- When should I use SFTP?
- Use SFTP when you need secure, encrypted file transfers and you must support tools or partners that already use SFTP (common in B2B data exchange, finance, healthcare, and batch integrations). It’s also useful when you need simple user-based access with SSH keys and you’re transferring files rather than calling APIs.
- How much does SFTP cost?
- SFTP itself is a protocol and is free to use, but running it has costs. If you self-host, costs include VM/instance time, storage, backups, monitoring, and admin effort. If you use a managed service (for example, AWS Transfer Family or Azure Blob Storage SFTP), pricing typically depends on endpoint/server hours (or feature enablement), data transfer (ingress/egress), and the underlying storage used (S3/Blob) plus any logging, key management, or identity integration charges.
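The SFTP/FTPS difference described in the first answer above shows up in the first bytes a server sends: an SSH server (the transport under SFTP) opens with an identification string, while an FTP or explicit-FTPS server opens with a numeric reply. The Python below is an added example, not part of the original entry; the function name and the sample greetings are constructed for illustration.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
SSH_ID = re.compile(rb"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")
# RFC 959 reply line: three digits, then a space (final line) or hyphen (continuation).
FTP_REPLY = re.compile(rb"^(?P<code>\d{3})[ -]")


def classify_greeting(data: bytes) -> dict:
    """Classify the first bytes a server sends as SSH (SFTP transport) or FTP/FTPS.

    An SSH server may send other text lines before its identification string,
    so every line is inspected, not only the first.
    """
    for line in data.split(b"\n"):
        line = line.rstrip(b"\r")
        m = SSH_ID.match(line)
        if m:
            proto = m.group("proto").decode("ascii", "replace")
            return {
                "transport": "ssh",
                "protocol_version": proto,
                "software": m.group("software").decode("ascii", "replace"),
                # "1.99" means the server speaks SSH-2 but also accepts SSH-1 clients.
                "ssh2_only": proto == "2.0",
            }
        m = FTP_REPLY.match(line)
        if m:
            return {
                "transport": "ftp",
                "reply_code": int(m.group("code")),
                # Plain FTP and explicit FTPS share this greeting: TLS starts only
                # after the client sends AUTH TLS, so the banner cannot tell them apart.
                "note": "FTP control channel; encrypted only if TLS is negotiated",
            }
    return {"transport": "unknown"}


# Constructed sample greetings (not captured from real servers).
SAMPLES = {
    "sftp-endpoint": b"SSH-2.0-ExampleSFTP_1.0\r\n",
    "legacy-ssh": b"maintenance notice\r\nSSH-1.99-ExampleSSH_0.9 compat\r\n",
    "ftp-endpoint": b"220 example FTP service ready\r\n",
    "silent-endpoint": b"",  # e.g. implicit FTPS, which waits for the client's TLS hello
}

if __name__ == "__main__":
    for name, banner in SAMPLES.items():
        print(name, classify_greeting(banner))
```

A result of `"transport": "ftp"` on an endpoint that was advertised as SFTP means the partner is actually offering FTP or FTPS, which changes both the firewall rules and the encryption guarantees.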
Category: security
Difficulty: intermediate