The Best Secure File Transfer Software

You probably realize that moving corporate data across the internet in plain text is a vulnerability. Thanks to data protection legislation and industry standards, you also need to be careful about transferring Personally Identifiable Information (PII) about your customers, employees, and associates.

Insider threats and Advanced Persistent Threats (APTs) mean that you can’t even be lax about security for file transfers on your own private network. PII needs to be shielded from unintentional disclosure and keeping internal file transfers secure ensures that technicians can’t view data in transit.

Overall, you need to keep data security tight all over your IT system and file transfer mechanisms are part of that environment.

Here is our list of the best file transfer software packages:

1. JSCAPE MFT EDITOR’S CHOICE This on-premises package implements SFTP, FTPS, SCP, and HTTPS for secure transfers with HIPAA, PCI DSS, SOX, and GDPR compliance. The software is available for Windows, Linux, Unix, z/OS, and macOS. Request a demo.
2. SolarWinds Serv-U Managed File Transfer Server (FREE TRIAL) This file transfer software is a server and has a free companion FTP client available, offering a full file transfer suite. It runs on Windows Server and Linux. Get a 14-day free trial.
3. Files.com (FREE TRIAL) A cloud-based file management platform that facilitates file sharing, transfers, and storage.
4. ExaVault (FREE TRIAL) Use FTPS and SFTP for file movements with this server or use the cloud service to mail out access links to files without moving them.
5. Citrix ShareFile This cloud platform manages secure file transfers and can be used for process automation.
6. Sharetru A file server system that supports secure file management actions, including file transfers. This is a cloud service.
7. ActiveBatch This is a process automation system that includes secure file transfer utilities. Installs on Windows, a VM, or a private cloud.
8. Accellion Kiteworks This is a suite of modules for content protection that offers a secure file transfer system. It is implemented as a cloud platform.

What qualifies as secure file transfer software?

A secure file transfer software package needs to incorporate host authentication and transmission encryption. Typically, File transfer systems offer FTPS (File Transfer Protocol/Secure), which is protected by Transport Layer Security (TLS), and SFTP (Secure File Transfer Protocol), which is protected by the Secure Shell (SSH).

Security isn’t just about encryption; it is also about accountability. File transfer software needs to include action logging in order to be fully compliant with HIPAA, PCI DSS, GDPR, and other data protection standards. The audit value of file transfer logging is only achieved by making each action attributable. That requirement can’t be implemented within your file transfer software without user identification.

The log records of your secure file transfer software should identify each file transfer event with the user account of the transferrer, the source and destination address, termination status, and a timestamp. Many log analyzers and SIEM tools rely on feeds from file transfer software logs for security scanning.

The Best Secure File Transfer Software

The issue of security isn’t specifically an indication of the best secure file transfer software, it is a candidate requirement to just be any file transfer software package that can be regarded as secure. To narrow down the field to a list of the best secure file transfer software packages we applied more scrutiny.

Although secure file transfer software is an essential buy, it won’t be your main software purchase, so getting a good deal on your file transfer software is important. However, you can’t afford to use a cheap package that won’t provide sufficient security.

1. JSCAPE MFT (FREE DEMO)

JSCAPE MFT is a corporate file transfer system that includes both a server and a client. The package can manage automated file transfer mechanisms, such as synching and script-driven transfers. The service will log all file movements and can be set up to only allow certain employees to move specific files.

Key Features:

• Versatile Hosting: Operates as a self-hosted solution, offering greater control over data security.
• Web Access: Features a web-based client for accessing and managing files from anywhere.
• Comprehensive Protocols: Supports a wide range of file transfer protocols, including SFTP, SCP, and FTPS.
• Integrated Viewing: Includes a document viewer within the client for immediate file review.
• EDI Support: Facilitates EDI transactions with AS2 and OFTP2 protocols for streamlined business processes.

Why do we recommend it?

JSCAPE MFT provides a choice of secure file transfer systems and also has Web-based transfer capabilities with HTTP, HTTPS, and WebDav. The package can be set up as a file server in a Web page and can also receive uploaded files into a DMZ folder. The system enables file transfers to be embedded in automation scripts.

As well as operating all of the major secure file transfer systems, JSCAPE offers a few non-secure protocols, which are recommended for use only on a secure private network. One of these is the TFTP system, which is frequently used to move network device configuration images to and from storage. Another option is the Accelerated File Transfer Protocol. This isn’t secure but it can be used to move large files very quickly with the organization.

One scenario that the JSCAPE could be useful for is the movement of large files within the business to a server from where they can be sent out to a remote recipient over a secure connection. The service can also manage file attachments on Outlook emails.

While there are many secure file transfer protocol software packages available for Windows, macOS, and Linux, users of other operating systems will struggle to find a suitable service. JSCAPE MFT is available for Solaris and AIX. The owners of IBM z Series mainframes will be pleased to learn that the JSCAPE package can be installed on z/OS.

JSCAPE MFT provides two protocols for EDI transfers. These are AS2 and OFTP2. It is possible to create a special folder for EDI transmissions and then set up a trigger so that any file placed in that location gets automatically transferred to a pre-set destination. Files can then be moved to archive because it is possible to construct task automation scripts around a file transfer with JSCAPE.

Who is it recommended for?

JSCAPE MFT is suitable for use by large organizations. The facilities offered by the package need a team of technicians to fully exploit. For example, it takes time and expertise to create task automation scripts or identify synching strategies. The package is suitable for businesses that need to follow HIPAA, PCI DSS, SOX, and GDPR requirements.

JSCAPE offers a demo of the MFT system. You can get a 7-day free trial following the demo.

2. SolarWinds Serv-U Managed File Transfer Server (FREE TRIAL)

Serv-U Managed File Transfer Service is one of two secure FTP server options offered by this file server creator. The other is Serv-U File Transfer Server. Of these two services, the Managed Transfer Server package is a more comprehensive security system and offers multiple secure file transfer protocols, whereas the FTP server system offers only one.

Key Features:

• Cross-Platform Compatibility: Runs on both Windows Server and Linux, offering flexibility in deployment.
• Secure Protocols: Features support for SFTP, FTPS, and HTTPS to ensure data is securely transferred.
• Detailed Logging: Keeps an extensive log of all file transfer activities for audit and compliance purposes.
• Automation Ready: Includes capabilities for workflow automation, enhancing operational efficiency.
• Customizable Security: Allows for specific encryption cipher selection per transfer, tailoring security to needs.

Why do we recommend it?

SolarWinds Serv-U Managed File Transfer Server is a package that implements secure file transfers and can be integrated into scripts for process automation. You can automatically trigger batch processing that transfers data, transfers, it, and then performs other automated tasks on the remote device. Run this software on Windows Server.

The Serv-U Managed File Transfer Server system is a software package for installation on your servers. There is also a free secure FTP client available that works well with this server, this is called FTP Voyager and is highly recommended by many Web hosting services.

The Serv-U system offers FTPS and SFTP as secure file transfer protocols and it is also possible to use HTTPS for transfer protection. The package includes administrator and user interface templates. The administrator can set up individual user accounts for file access. This is important because Serv-U logs every action that occurs on files and records the user involved. Both the administrator console and the user dashboard are browser-based and both are also available through a mobile app.

The file transfer security and activity logging are important features of the Serv-U system because they make the file transfer software suitable for use by businesses that need to comply with data protection standards, such as GDPR, PCI DSS, SOX, and HIPAA.

The file transfer features of Serv-U include the ability to work with either IPv4 or IPv6 addresses or both. It can track file transfers from and to external systems and is suitable for managing the transfers of large files. File transfers can be integrated into automated processes.

Who is it recommended for?

This package is an interesting option for businesses that need to combine secure file transfers with some form of data processing. Tasks like three include data verification before a transfer and file deletion and replacement on the remote device.

This file transfer software installs on Windows Server and Linux. It is offered on a 14-day free trial.

SolarWinds Serv-U Start 14-day FREE Trial

3. Files.com (FREE TRIAL)

Files.com offers a range of services that derive from a combination of a secure file transfer utility and cloud storage space. The system works as an FTP server – offering a choice of secure protocols, including SFTP, FTPS, and FTPeS. The system can work with a long list of FTP clients, including FileZilla, FTP Voyager, WinSCP, and Cyberduck.

Key Features:

• Cloud Storage Platform: Combines secure file transfer and storage capabilities in a cloud environment.
• Versatile Protocols: Supports a range of secure transfer protocols, including SFTP, FTPS, and FTPeS.
• Link-Based Sharing: Enables file sharing through URL invitations, simplifying distribution.

Why do we recommend it?

Files.com is a cloud platform for file storage. The system cuts down the effort involved in transferring files. This is helpful when sending large files or sending many copies of the same file. Instead of transferring the file all the way, the user uploads it to Files.com and emails a link.

This service enables you to store files securely on the 1,000 GB of storage space that is included with each account. That file storage space is secured with encryption and can only be accessed through user account credentials. Files.com allows the administrator to add 2FA requirements onto access controls.

All of the system is resident in the cloud. That includes the console system, which is accessed by the administrator and users through a Web browser or mobile device. The file transfer software is also hosted in the cloud.

Service configurations possible with Files.com include team collaboration, enabling file sharing. It can interface with a range of cloud platforms, including Amazon S3 and Azure to centralize file storage. This can be used as a store and forward service to reduce the number of transfers that need to be conducted from a site. Users upload one copy of a file to Files.com and then send copies to many recipients.

The service can also be used to secure email attachments. Files.com will intercept emails with attachments, upload the attachment over a secure connection to its server, insert a link for secure access to the file into the email and then send the email on.

Files.com logs all file activities and it is suitable for data protection standards compliance. Files.com will issue a signed Business Associate Agreement (BAA) for customers that are implementing HIPAA or PCI DSS.

Who is it recommended for?

This is a corporate solution that can be used for team collaboration and file sharing. The service is secure, so it is good for compliance with data protection standards. Any company would benefit from this system but multi-site businesses and companies with remorse workers would be particularly drawn to it.

The Files.com system can be integrated with cloud storage services, productivity suites, and collaboration systems.  It is available for a 7-day free trial.

Files.com Start 7-day FREE Trial

4. ExaVault (FREE TRIAL)

ExaVault is a cloud platform that offers a range of solutions to secure file sharing and distribution. The package includes a file server, which you can use to deliver files on demand through SFTP or FTPS and also receive files.

Key Features:

• Cloud-Based File Storage: Provides a secure, cloud-based drive for file storage and sharing.
• Comprehensive Access Controls: Allows detailed management of who can view and edit files.
• Secure Transfer Protocols: Supports SFTP and FTPS for secure file uploads and downloads.

Why do we recommend it?

ExaVault is a similar system to Files.com. It offers cloud drive accounts to a company’s users. That storage space can be used for files to be distributed so that an access link gets mailed to recipients instead of the file itself. Controls over who sees that file can be enforced.

Incoming files can be sent as part of automated workflows and the service allows the creation of user accounts, so individuals can securely upload files to their own cloud storage space on the ExaVault system.

The plans available with ExaVault offer enough space that you can use this service as your primary file system. That allows employees, no matter where they are located to save their files there. They can allow access to others, setting a permission level and even specifying an end date for the access. Link sharing can also be used to allow outsiders access to files, which reduces the need to transfer files and that increases security.

Who is it recommended for?

This is a good option for any business and it has the same target audience as Files.com and Citrix ShareFile. Any company that s looking for a secure file sharing system should certainly examine and compare these three systems before making a purchase.

ExaVault is available in four plan levels that offer storage space from 1 TB to 10 TB. The service provides access to a user group that can range in size from 10 users to a plan that has no limit on the number of accounts that can be created. You can get to know ExaVault by accessing a 30-day free trial.

ExaVault.com Start 30-day FREE Trial

5. Citrix ShareFile

Citrix ShareFile is a cloud-based platform that hosts secure file transfer software that providers a Managed File Transfer Service (MFT). All plans include unlimited storage space on the Citrix cloud server, which enables you to give your user community common file folders, secure, store, and forward for file distribution, and collaboration features.

Key Features:

• Customized FTPS Implementation: Offers a tailored approach to secure file transfers with large file support.
• Large File Handling: Capable of transferring files up to 100GB, catering to businesses with extensive file distribution needs.
• Security Features: Includes file copy watermarking for added security and tracking.

Why do we recommend it?

Citrix ShareFile is a cloud-based file drive system that can be used in the same way as ExaVault and Files.com to store files and email invite links to recipients. This service is able to manage the upload and sharing of files of up to 100 GB in size.

ShareFile’s FTP server uses its own version of FTPS. It can manage the transfer of files of up to 100 GB in size. This is a subscription service that is offered in four plans; high plans include more features, such as integration with Office 365, Outlook, and Gmail. Both the administrator console and the user interface are browser-based. Security features in the Office 365 integration include automatic versioning with changes stored for rollback. The system can also be used for syncing, making local copies available on many devices.

When used in conjunction with an email system, the ShareFile service uploads, and stores any attachments, inserting a link for secure access and sending the email to its recipient. This is the same mechanism used for file distribution. Senders can choose whether to allow read-only access or the ability to download the file. The higher plans include a watermarking system and each copy can be given a serial number for disclosure tracking.

Who is it recommended for?

The unique selling point for this tool is that is can handle large files. The upload process doesn’t require a special interface because it is implemented on a Web page in any standard Web browser. The system is designed to be easy to use and fuss free.

Process automation features include feedback and approvals workflows as well as process scheduling. The system also includes an eSignature facility. Citrix ShareFile is available for a 30-day free trial.

6. Sharetru

Sharetru is a hosted secure file transfer software system that is suitable for businesses operating to HIPAA, PCI DSS, or GDPR guidelines. The service combines transmission encryption and activity logging to implement strong security. This system can be white-labeled, which makes it attractive for use by Managed Service Providers (MSPs).

Key Features:

• Private Cloud Environment: Hosts files in a dedicated virtual space with top-notch security.
• Robust Encryption: Utilizes 2048-bit RSA and 128-bit AES encryption for secure file transfers and storage.
• Comprehensive Protocols: Supports multiple secure file transfer protocols including SFTP, FTPS, FTPeS, and SCP.

Why do we recommend it?

Sharetru is a mediated file transfer system that offers heightened security measures that include an intrusion detection system. You upload files securely to a protected file space in the cloud and then send out copies via secure file transfer protocols from there. The tool provides activity logging for compliance reporting and insider threat analysis.

The file transfers performed by Sharetru are protected by 2048-bit RSA encryption and can be implemented with SFTP, FTPS, FTPeS, and SCP. The file space on the Sharetru server is protected by 128-bit AES encryption. All activities are recorded and attributed to individual user accounts. The Sharetru data centers are SSAE18 SOC2 audited and all processes are ISO 27001 certified.

The FTP Today service offers each customer a virtual private cloud. Although each client gets completely independent space on the Sharetru server, there are system-wide processes operating security software for the entire Sharetru server. These include firewalls, separated operating systems, and an Intrusion Detection System (IDS) that protects data from disclosure or theft.

Security measures available in the administrator dashboard allow businesses to tighten security further. These include automatic blocks on access to files if an authorized user goes out of the country. This is called geofencing and it restricts access to files to a user’s located in a specified place. It is also possible to restrict access to specific devices. That permission can be easily revoked and it is also possible to block access from specified domains or IP addresses.

Sharetru will provide a signed BAA to customers operating HIPAA or PCI DSS standards that subscribe to the Premium edition. User account validation processes available in the Premium plan include 2FA and the ability to tie Sharetru accounts into the corporate Single Sign-On environment.

Who is it recommended for?

This package is very strong on compliance. Businesses that need to follow HIPAA and PCI DSS can get a BAA as well as benefiting from activity logging and transfer encryption. The tool is also good for GDPR and it will check the accessor’s location before allowing access to a file.

You can get a demo of the Sharetru system and there is also a 14-day free trial available.

7. ActiveBatch

ActiveBatch is a job scheduling and workflow automation system that includes a secure file transfer system. The secure file transfer software in the ActiveBatch package is available for installation on Windows, as a virtual appliance, or for a private cloud installation. Access to the system is through any standard browser. File transfers can be integrated into workflows to create extensive task automation.

Key Features:

• Workflow Automation: Facilitates complex task automation including secure file transfers within workflows.
• Secure Protocols: Incorporates SFTP and FTPS for protected file movements.
• Resilience Features: Offers capabilities for pausing, resuming, and recovering transfers, ensuring reliability.

Why do we recommend it?

ActiveBatch provides workflow automation and those process flows can include secure file transfer stages. This is more complicated than the Serv-U system, although its methodologies are the same. This tool lets you create a batch job through a visual editor and include instructions on what data is passed between stages.

The process automation feature in ActiveBatch creates reusable modules. So, you can set up a secure file transfer process and schedule it for periodic execution, performing admin tasks, such as transferring files to an archive. Once you have created a module, you can call it from other workflows.

The secure protocols offered by ActiveBatch are SFTP and FTPS. The tool tracks all file transfer activities, which makes this a suitable file manager for companies that implement SOX, HIPAA, PCI DSS, or GDPR.

The ActiveBatch system can be used for a range of purposes, such as file sharing, file distribution, backup, and syncing. The user interface for the service includes an easy-to-use workflow assembly screen that includes drag-and-drop actions to assemble actions and functions into a batch. The system also includes a scheduler with a range of possible triggers, including the system clock, to launch workflows unattended. Modules that can be included in a workflow include integrations that give access to the services of ERPs, databases, and email systems.

The file transfer system can interface with other cloud platforms, such as Azure and AWS. File transfer facilities include recovering a transfer from a dropped connection, pause, and resume, parallel transfers, and simultaneous copying to distribute a file to many destinations.

Who is it recommended for?

This package is concerned with data processing rather than secure file transfers, although file movements across devices are often required in workflows, so the file transfers are available as a tool to be plugged into a batch job. You would use this tool to create your own ERP from incompatible software packages.

You can access a demo system to assess ActiveBatch.

8. Accellion Kiteworks

Accellion Kiteworks is a “content firewall.” This cloud platform offers a range of data protection services, which includes a secure file transfer system. As a hosted system, this file transfer software is offered as a subscription service and includes the processing power and storage space needed to support the package.

Key Features:

• Cloud-Based Storage: Offers secure cloud storage for files with robust data protection measures in place.
• Secure File Sharing: Facilitates safe distribution of files with comprehensive sharing controls.
• Managed File Transfer: Includes a sophisticated managed file transfer (MFT) system that supports automated and scheduled transfers.

Why do we recommend it?

Accellion Kiteworks provides a secure managed file transfer (MFT) system. This can be integrated into scripts and run transfers on a schedule or on a trigger. The platform is notable for its ability to manage a large volume of file transfers and it implements end-to-end encryption for security.

All files are protected by 256-bit AES encryption, both during transmission and on the Accellion server in the account storage space. File storage is an optional feature – customers can choose to base the file protection service on a different cloud platform’s storage space.

Kiteworks can be integrated with Office 365 and Outlook to manage email attachments and provide a secure collaboration suite. The owner of a file gets notified if others make changes to it. Each version of a file that gets distributed is stamped with a serial number. That makes disclosure investigation a lot easier to perform. Actions on files also get logged and are listed in the Kiteworks administrator dashboard.

As well as being offered as a cloud service, Kiteworks can be taken as a software package for installation onsite or on a private cloud. The system is suitable for businesses that are following HIPAA or PCI DSS. Accellion Kiteworks has ISO 27001 certification and is validated to FIPS 140-2 Level 1.

Who is it recommended for?

The type of company that would particularly benefit from the important features of the Accellion MFT system is one that needs to transfer a large number of files regularly, while not necessarily needing the ability to move large files. Examples of such businesses could be payroll services or payment platforms.

Kiteworks is charged for by subscription service at a rate per user per month. You can get a demo to assess the system.