Best Secure File Transfer Solutions
Why strong file encryption is a prerequisite for secure file transfer
For creative industries, data breaches of intellectual property (IP) are a constant threat. You don’t have to be a big-time studio executive to understand the risks of sensitive creative information being exposed—although given the scale of the infamous Sony Pictures hack, perhaps it helps. The Sony hack is a few years old now but there are recent examples, like that of Cyberpunk 2077 (ironically, a game where hacking is core to gameplay), that are foreboding case studies in data protection.
The very words “data breach” in 2021 send chills up the spine of any IT professional or company leader. IBM says the average cost of a data breach was nearly US$4M in 2020. The pandemic and advent of large-scale (and often badly secured) remote work didn’t help in this regard—according to Computer Weekly, more data was stolen in January of 2021 than in all of 2017. These are calculated attacks but more often than not, it’s due to a lack of understanding on how to securely send files.
For creatives tasked with transferring and storing large video or other files containing irreplaceable original content for clients or partners, such a breach isn’t just about monetary loss—it’s also about long-term damage to trust and credibility.
Why care about encryption when sending large files?
Here’s the thing: Just the simple act of sending files to your clients or colleagues can create opportunities for bad actors to steal your IP. It doesn’t matter if you’re sending massive 6K RAW files for post production, finished MP4 files, large high-resolution audio files, or even large datasets and code for video game and other software development. If you’re sending big, valuable files, you need to do it the right (and most secure) way—or risk the consequences.
Despite all this, many of us often default to relatively unsafe file-sharing methods such as email attachments or insecure cloud services, instead of using a secure file sharing service. What’s the big deal about that, anyway?
Sending files by email is convenient and easy—practically everyone knows how to send an email and add an attachment—but also pretty risky in most cases. “Email is not designed to be secure,” says IT security expert Susan Hinrichs. “Anyone with access to an intermediate mail server or with the ability to sniff network traffic between our mail servers would see [your attachment].”
While most modern email services now support TLS encryption, there are a few catches. For example, in the case of Gmail, it doesn’t work when sending an email to someone using an email service that doesn’t support TLS (these messages are typically sent via an insecure connection). You can tweak Gmail’s settings to ensure all messages are transmitted securely, but it’s complicated.
End-to-end encryption (E2EE), which ensures that only you (and not even your provider) can read your emails, isn’t available in most consumer-grade email platforms. Some email services, such as ProtonMail, include E2EE but also come with hard file size limits, limiting their usefulness for sending large files.
Amazon acquires E2EE communications platform, Wickr
Personal cloud storage
Personal cloud storage platforms such as Dropbox have suffered major data breaches in the past. It’s worth noting that most of these services offer security measures such as multi-factor authentication (MFA), and many (such as Dropbox) have improved their encryption over the past few years (more on this later). But most of these services still don’t have standard E2EE.
File transfer protocol (FTP) servers
Although FTP has been a go-to file transfer solution for years, it’s not a good choice for secure file sharing. It’s outdated, insecure, and vulnerable to even the most basic attack methods such as brute force attacks. It doesn’t encrypt your files or even your user credentials—but according to a 2019 survey, nearly 80 percent of enterprise respondents still used FTP for transferring files.
Insecure file sharing apps
File sharing apps can be convenient, but also dangerous. The Android SHAREit app, for example, has been touted as an easy way to send large files via mobile devices. The problem? It has “several security flaws” that can expose users to all sorts of nasty outcomes, including data leaks or remote code execution. According to CPO Magazine, security firm Trend Micro went public about the vulnerabilities earlier this year after SHAREit did not respond to their initial warnings.
What exactly is file encryption?
Encryption is vital for safe and secure file transfer. At its most basic, file encryption converts messages or files into unreadable code (encrypted data is known as ciphertext, while unencrypted data is called plaintext) through algorithms that scramble the data. These algorithms can be decrypted using a unique encryption key. Under E2EE, only the sender and receiver can access the cryptographic key, while other types of encryption often render these keys readable by your email, telecom, internet, and cloud storage providers (along with the bad actors who sometimes hack these providers).
Two main types of encryption exist: symmetric (which uses a single key for encryption and decryption) and asymmetric (which uses a public key to encrypt data and a private key for decryption). Among these, various encryption algorithms or ciphers exist including Data Encryption Standard (DES), Triple DES, RSA, Transport Layer Security (TLS), Advanced Encryption Standard (AES), Serpent, Camellia, Kuznyechik, and Twofish.
Modern websites often use TLS encryption (its existence on a website is identifiable by the little padlock in the URL bar of your browser), which is an improved version of legacy “secure socket layer” (SSL) encryption. This is also often called “SSL/TLS encryption”.
Either way, at this point, it almost goes without saying that you can’t expect guaranteed secure file transfer without a strong encryption element.
Some level of encryption is now standard among pretty much every popular file sharing or cloud storage platform in 2021—but what are the specifics? We’ll outline a few of the most common solutions and their encryption levels below.
Dropbox and Google Drive
Dropbox allows for MFA and uses perfect forward secrecy, which means old decryption keys can’t be used to steal your data. It also encrypts data both at rest (via 256-bit AES encryption) and in-flight (via 128-bit AES SSL/TLS encryption). Google Drive’s encryption measures are similar to that of Dropbox: 256-bit SSL/TLS encryption for files in-flight and 128-bit AES encryption for files at rest.
*Note: We’ll mention the term “bits” quite a lot in the post. They’re a measurement of the size of the key required to decrypt your files—that means 128-bit keys are 128 characters long, 256-bit keys are 256 characters long, and so on. The longer the key, the harder it is to crack.
Unfortunately, it’s by now well documented that these and other popular cloud services such as Box and OneDrive are susceptible to Man in the Cloud (MiTC) attacks, which allow hackers to steal user synchronization tokens to log into private accounts.
Aspera uses Microsoft’s proprietary FASP security model, which includes both in-flight and at-rest AES encryption up to 256 bits. Keys are sent to server endpoints using secure shell (SSH) authentication and a new key is generated for each transfer session.
How to securely send files
No matter while file transfer or cloud service you use, there are often extra steps you can take to better secure and encrypt your files, including bolting on standalone encryption software, password protecting your transfer, or chopping up your file into several parts.
Boxcryptor is one example of encryption software. it uses a combination of 265-bit AES and RSA encryption, and integrates with popular cloud services such as Dropbox, Google Drive, or OneDrive (you’ll need to pay extra to use it with more than one cloud service at a time, however). Boxcryptor users can share files and folders through Whisply, Boxcryptor’s large file transfer service, although it has a hard limit of five files per transfer link.
Although it sits more on the storage side of things, VeraCrypt is another powerful encryption tool that’s open source and compatible with pretty much any cloud storage or physical storage device. VeraCrypt supports a range of ciphers including AES, Serpent, and Twofish.
Password protected transfers
Some file transfer solutions, such as WeTransfer, Dropbox, and MASV, allow users to password protect individual files or transfers. Recipients must enter the correct password to be able to view the transferred file. Interestingly, some major cloud platforms such as Google Drive don’t offer password protection for individual files (there are third-party extensions offering password protection for Google Docs, but require a judgement call as to their trustworthiness).
Sending separate files
You can also break up your file into several different parts or sections, rendering each section relatively useless to a hacker or data thief. You can even transfer or store each individual section using a different cloud or file transfer platform. But let’s be honest: Breaking up a large video file into several different parts, and then transferring each part separately, requires a lot of needless effort—and stress, assuming you’re on a deadline—and is still not guaranteed to keep your files safe.
Protecting media files with MASV
MASV’s reliable and secure file transfer service uses a potent combination of TLS encryption for files of any size both in-flight and at-rest, along with optional password protection on all transfers and the peace of mind provided by Amazon Web Services’ ultra-secure infrastructure.
It also allows virtually unlimited transfer sizes (individual files must be 5TB or smaller), and rides on a super resilient, dedicated global accelerated network of more than 150 servers across the world. A perfect option for the aforementioned studios in need a of safe and reliable transfer solution for moving heavy amounts of sensitive information. MASV literally makes sending a large video file as simple as sending an email—but without transfer limits, software installations, firewall problems, and with far better built-in security.
Want to try it out? Send up to 100GB of files right now with MASV’s free trial (encryption included at no cost).
Need to Securely Transfer Large Files?
Create a free MASV account to get started