Skip to main content

Cornell University

File Transfer Guidelines

Transferring data (files) to and from servers in the Server Farm opens the possibility of a security issue for both the data and the systems. The Systems Administration group supports the use of encrypted protocols during file transfer. Using an encrypted protocol reduces the chance of a security issue.

This article applies to: Managed Servers

Several protocols are recommended. See the chart on the Choose a File Transfer Protocol page for information about which protocols are recommended for specific client/server combinations.

Keep the following points in mind when choosing from the recommended file transfer protocols.

  • In some cases the protocol you choose is dictated by the requirements of an external client, for example, a government agency. Be sure you know the requirements of the client and server for your transfer.
  • FTP over SSL for file transfer to/from Unix servers should ONLY be used because it is required by an external client. Most file transfers can be completed using SFTP/SCP.
  • Unattended server to server file transfers require SCP.
  • Microsoft File Sharing (SMB/CIFS) is “deprecated” because the data is not encrypted over the network. For servers that store confidential data, Microsoft File Sharing (SMB/CIFS) is not allowed. See Policy 5.10, Information Security for details about which data is considered confidential. If you are unsure which protocol to use, send e-mail to The Systems Support group will work with you to find a secure solution.

Note: If you are performing a file transfer using a system not listed above, send e-mail to The Systems Support group will work with you to find a secure solution.


To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.