While most companies have a good understanding of where Managed File Transfer products are deployed, only few companies have any idea which of their servers have FTP enabled, where they are located and what data they make available to users inside and outside of the company. The first step in getting control over FTP usage is to locate and evaluate the servers in your network that are running FTP.
It has become common practice among end users to enable FTP on their desktops and department servers to share data with their coworkers. Freeware or shareware FTP servers can easily be downloaded from the internet if FTP is not already installed on the system. Most users have no idea of the security exposure they create when FTP is enabled without the knowledge, consent or implmentation assistance from corporate IT.
Best practices for configuring and securing FTP are hardly ever followed, creating gaping holes in corporate security that will not be addressed unless IT staff happens to stumble across such a system. This is an ongoing problem, as many enterprises find new FTP-enabled servers appearing in their network every week.
The very purpose of enabling FTP on a server is to serve all data it can access on a silver platter to anyone that connects to it. Many FTP variants by default allow full access to anyone (a feature called Anonymous FTP) regardless of who the user is or where the user is accessing the server from.
Sentry Discovery™ detects security risks caused by servers you didn’t know were running FTP by scanning your corporate network and identifying every server that has FTP active.
As this is a recurring problem, Sentry Discovery™ can be set up to run at regular intervals and email the scan results to you. New servers running FTP will be brought to your attention with no effort on your part. This allows you to evaluate them in seconds and decide whether to disable or secure FTP appropriately, depending upon the needs of the business.