💼 [Transfer.2] Transfer Family servers should not use FTP protocol for endpoint connection

• ID: /frameworks/aws-fsbp-v1.0.0/transfer-family/02

Description

FTP (File Transfer Protocol) establishes the endpoint connection through unencrypted channels, leaving data sent over these channels vulnerable to interception. Using SFTP (SSH File Transfer Protocol), FTPS (File Transfer Protocol Secure), or AS2 (Applicability Statement 2) offers an extra layer of security by encrypting your data in transit and can be used to help prevent potential attackers from using person-in-the-middle or similar attacks to eavesdrop on or manipulate network traffic.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/transfer-controls.html#transfer-2
• Internal
  • ID: dec-c-4ab68f65

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 CM-7 Least Functionality	9		23		no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-5 Authenticator Management	18		16		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-8 Transmission Confidentiality and Integrity	5	8	16		no data
💼 PCI DSS v4.0.1 → 💼 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks.	2		22		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance