What is SFTP? How does it work? Is using SFTP safe?
In our conversations across a variety of industries, these are common questions the team here at AccessPay get asked.
Today, we’re here to help break it down.
To start with, we can all agree on one thing – that it’s vital for organisations to secure the data they send in payment files.
It allows them to process and handle payments safely without the risk of fraud or human error, thereby keeping cash running smoothly across the business.
SFTP is a tool that’s become popular for exactly this purpose.
The Basics of SFTP
SFTP stands for ‘Secure File Transfer Protocol’. Not hard to see why they made an acronym.
Let’s flesh this out a bit, to get a basic understanding of what we’re talking about.
According to Technopedia, SFTP is a “secure version of file transfer protocol which facilitates data access and data transfer over a secure shell data stream”.
We’re not all versed in the latest file-related jargon, so let’s translate.
In simple terms, it’s a tool used to transfer files containing data between organisations.
Commonly used by large organisations for tasks like payroll and pension scheme enrolment, it’s suitable for uploading large files of payment data in standard generated formats such as CSV, XML of Fixed Width.
How Safe is SFTP?
In order to shed some light here on how safe SFTP is, we need to look at the mechanics of SFTP and how it all works. We’re gonna have to get a little more technical again, so bear with us.
SFTP is the next generation of the File Transfer Protocol (FTP).
This is the standard network protocol that’s used for the transfer of files between a client device and a server across a computer network. It’s constructed on a client-server model architecture, which uses separate control and data connections between said client device and server.
There’s one key feature that makes SFTP a step up from FTP when it comes to offering security for file transfers.
SFTP uses the ‘Secure Shell,’ which experts explain is “a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network”.
Also, the SFTP system applies encryption tech to commands and data.
So What are the Benefits For My Business?
SFTP is now a key tool for processing payments.
This is because it offers various benefits, including…
Enabling Remote Working
SFTP provides a measure of greater flexibility in the way you and your staff work.
Take AccessPay as an example. Hey. With us, your users can upload files remotely to our platform via SFTP.
This could put your organisation at a major advantage in the competitive jobs market going forward.
Flexible working used to be considered something of a nice-to-have, but that all changed in 2020.
In fact, as many as 47% of UK workers would consider leaving a role where flexible working wasn’t an option.
We can’t promise the youth are all about the SFTP craze, but the upcoming arrival of Generation Z is worth considering, too. Two-thirds are seeking permanent home-working.
Offering employees the chance to work from any location via SFTP could help you attract the best talent.
SFTP works on a wide range of platforms. This means that you can easily integrate this security tech with your legacy systems without facing significant upgrade costs.
As it turns out, integrating with back-office systems for the sake of banking automation is kind of our bread and butter here at AccessPay.
Making Secure Payments
These benefits – and many more – have made SFTP an invaluable tool for organisations that batch payments for processing and routing.
This is because it allows the sensitive information contained in said files (such as supplier sort codes and account numbers, for example) to be transferred securely between servers.
It’s especially popular for payroll. Due to the predictable nature of payroll, teams often use batch files to make sure staff get paid on time every month.
This task involves sending large files which contain a lot of sensitive info (e.g. employee National Insurance Numbers) that needs to be handled very securely.
SFTP makes sure this info stays out of the hands of cyber-criminals.
If your payroll files are breached, there could be financial and reputational consequences for your organisation.
Supermarket Morrison’s hit the headlines, for example, when it emerged they faced compensation claims running into the millions of pounds following a Payroll data breach in 2014.
There’s your obligations under the EU’s General Data Protection Regulation (GDPR) to contend with too.
GDPR requires your organisation to protect any personal data with care. If you don’t, you could face fines equalling either 4% of global revenue or €20 million – whichever is higher – so SFTP can be valuable from a compliance perspective.
If you’re looking to float on the stock exchange, then you won’t want to miss it in your SOX compliance audits.
We offer masking capability in the AccessPay user interface as well, meaning you can have the employee names in your payroll run hidden for added security.
AccessPay’s SFTP Solution
If you want to take advantage of the benefits of SFTP, you need to find partners who have the expertise needed to help you leverage it responsibly.
This is especially true given the recent guidelines issued by NCSC, who are, in light of recent political events, advocating enhanced cybersecurity standards.
This is where AccessPay can help.
We offer a solution that’s about so much more than simply making Bacs payments, allowing you to handle payment files via SFTP in a way which promotes maximum security.
Through our solution, you can either manually or automatically upload your files through SFTP from your back-office systems to a folder hosted and encrypted by us.
A file watcher service polls this folder continuously and when it finds something new, it’s pulled into UPP (our Unified Payments Platform) and your approver will receive an email notification telling them to log in and complete the submission.
Teamed with security tools like data masking and PGP encryption, this allows you to use SFTP to handle payments safely.
Fancy a closer look at how it all works in practice? We’d be happy to chat. Book a demo here today.