To SFTP or not to SFTP

Oil Can Dan

Well-Known Member
Lifetime Member
SoSH Member
Jul 31, 2003
8,015
0-3 to 4-3
My small business needs to work with a particular vendor that requires us to be able to receive data via SFTP. We don't really have any infrastructure and for other vendors we've used Dropbox for business, google sheets or simply mailing files around. These things will not work for this particular vendor. Does anyone have any experience with SFTP providers? I have found some offerings that are in the $250/$500 per month range and I have no idea if those are fair prices and/or if these entities are legit?

Also may be a good time to ask about any recommendations on a vCTO provider. I believe I read something about that here after one of the latest huge data breaches. We really have no IT expertise in-house, and that's not likely to change in the near-term future.

Thanks in advance!
 

SumnerH

Malt Liquor Picker
Dope
SoSH Member
Jul 18, 2005
31,893
Alexandria, VA
How much data are you handling? Do you have any special HIPAA/PCI/etc requirements? Is it "OMG the world will end" if it goes down, or is ordinary website kinds of uptime acceptable?

That strikes me as a lot more money than I'd expect—every Mac/Linux machine has SFTP built in and Windows will soon, so if you're just sending around a few documents then it's largely a matter of having any server connected to the Internet—but if you are dealing with a lot of data or have special requirements then maybe it's reasonable.
 

kneemoe

Member
SoSH Member
Dec 19, 2006
2,436
Glens Falls, NY
Is the vendor actually looking for you to host the service? Or are they saying they have an sftp server and you'll need to access it?
 

SumnerH

Malt Liquor Picker
Dope
SoSH Member
Jul 18, 2005
31,893
Alexandria, VA
"Receive data" says to that he needs to run the server, not the client. If that's wrong, then the cited dollar figures are patently absurd rather than merely questionable.
 

InstaFace

The Ultimate One
SoSH Member
Sep 27, 2016
21,763
Pittsburgh, PA
"...vendor that requires us to be able to receive data via SFTP"

This suggests to me that he is the client, not the server. If so, you need to go download FileZilla or something, get the right credentials from them, learn how to use it, and use it. If this is the case, I'll even offer to walk you through it.

Kneemoe is asking the right question though, OCD. Where is the permanent, canonical "home" for this data, as opposed to just being one of several people who can download from it - are they running it, or do they want you to run it?

If they want you to run it, it does depend on the questions Sumner is asking. But for low-to-medium volume, low-downtime-sensitivity situations, you can just go get a hosting account on Namecheap or Dreamhost or something, upload a bunch of files, create a login for them, and let them hit that server with that login to get the files. Costs ~$10/month. Certainly doesn't require an outsourced CTO, just some mild levels of tech confidence or i-can-figure-it-out attitude.

Another solution would be a service like YouSendIt (now Hightail), which was basically dropbox before dropbox, and can easily be set up to let you transfer big files. It's designed to do just this, rather than be an all-purpose web server, which means the software is designed for non-techies and is largely dummy proof.
 

Gdiguy

Member
SoSH Member
Jul 15, 2005
6,231
San Diego, CA
Another solution would be a service like YouSendIt (now Hightail), which was basically dropbox before dropbox, and can easily be set up to let you transfer big files. It's designed to do just this, rather than be an all-purpose web server, which means the software is designed for non-techies and is largely dummy proof.
My startup actually needs a service like this (right now we're just using password-locked Dropbox folders), but looking at Hightail, they seem to be kind of crazily priced for what you're describing - the basic plan is $125 / month for 3 'team members', and it seems like that includes the receivers of files (looks like they're trying to be more an enterprise Dropbox competitor than simple file sharing)

There's probably a way to do this relatively cheaply with Amazon AWS / etc
 

jercra

No longer respects DeChambeau
SoSH Member
Jul 31, 2006
3,147
Arvada, Co
My startup actually needs a service like this (right now we're just using password-locked Dropbox folders), but looking at Hightail, they seem to be kind of crazily priced for what you're describing - the basic plan is $125 / month for 3 'team members', and it seems like that includes the receivers of files (looks like they're trying to be more an enterprise Dropbox competitor than simple file sharing)

There's probably a way to do this relatively cheaply with Amazon AWS / etc
You can do it for free for a year on AWS and then it's close to free. It's not drag and drop with a fancy UI but if you just need sftp/scp and you know how to use it, this is an easy solution. If you want to go that route, PM me and I'll help get it set up for you.
 

kneemoe

Member
SoSH Member
Dec 19, 2006
2,436
Glens Falls, NY
"Receive data" says to that he needs to run the server, not the client. If that's wrong, then the cited dollar figures are patently absurd rather than merely questionable.
I'd agree, but its worth confirming. Most vendors I've worked with understand that it's a big ask for some places to run their own server, keep it updated, etc, whereas downloading a client is trivial.
 

Oil Can Dan

Well-Known Member
Lifetime Member
SoSH Member
Jul 31, 2003
8,015
0-3 to 4-3
Thanks to all for the insight. It seems my vendor is indeed able to post the data to their SFTP site which we can then securely access.

So, no SFTP for me.