File Transfer Guidelines
Transferring data (files) to and from servers in the Server Farm opens the possibility of a security issue for both the data and the systems. The Systems Administration group supports the use of encrypted protocols during file transfer. Using an encrypted protocol reduces the chance of a security issue.
This article applies to: Managed Servers
Several protocols are recommended. See the chart on the Choose a File Transfer Protocol page for information about which protocols are recommended for specific client/server combinations.
Keep the following points in mind when choosing from the recommended file transfer protocols.
- In some cases the protocol you choose is dictated by the requirements of an external client, for example, a government agency. Be sure you know the requirements of the client and server for your transfer.
- FTP over SSL for file transfer to/from Unix servers should ONLY be used because it is required by an external client. Most file transfers can be completed using SFTP/SCP.
- Unattended server to server file transfers require SCP.
- Microsoft File Sharing (SMB/CIFS) is "deprecated" because the data is not encrypted over the network. For servers that store confidential data, Microsoft File Sharing (SMB/CIFS) is not allowed. See Policy 5.10, Information Security for details about which data is considered confidential. If you are unsure which protocol to use, send e-mail to systems-support@cornell.edu. The Systems Support group will work with you to find a secure solution.
Note: If you are performing a file transfer using a system not listed above, send e-mail to systems-support@cornell.edu. The Systems Support group will work with you to find a secure solution.
Comments?