FTP Today logo


FTP Today FAQs

  • What is GOVFTP using for encryption?
    • AES256 for data at rest, which is above and beyond the government standard of AES128. They are also using TLS 1.2 for the in-transit encryption.
  • Is the price by user?
    • No, the price is by storage capacity only. GOVFTP wants to make it easy on you to meet your compliance goals by removing the headache of user management, so every one of your users can have their own username and password.
  • Can we restrict folder access by users?
    • Yes, you can restrict folder access by users. You can give them specific restrictions for Upload ability, download ability, delete ability, and file listing ability.
  • How do we restrict IP Addresses?
    • You can restrict IP addresses for login at the user level, and you can also restrict IP addresses at the country level.
  • Is there a limit on bandwidth?
    • There’s no monthly bandwidth limitation.
  • Is SSO available? (Single Sign-On)
    • SSO was launched in December 2020. It has both OAuth and SAML 2.0 integration – which is typically required for government compliance and for CAC cards. If you have questions about specific integrations like active directory, we recommend setting up a demo.
  • Is there a file size limit?
    • There’s no limit on file size, but GOVFT does recommend using SFTP for large files due to its ability to pick up where it left off if a failure occurs on your end.
  • Does GOVFTP have Multifactor Authentication? (Also called M2A or MFA)
    • Yes, you get the choice of setting this sitewide or by specific user. You can use emails, text messages, or a TOTP application.
  • Does GOVFTP have Multifactor Authentication? (Also called M2A or MFA
  • Is my business automatically compliant by using GOVFTP?
    • GOVFTP is providing the controls and tools necessary to meet compliance when you are audited as a company. This would be specifically for the file sharing piece of your compliance. They can provide an addendum to their terms of service for cloud readiness regarding DFARS, ITAR, and EAR.
  • Is GOVFTP’s platform FedRAMP certified?
    • It is hosted in a FedRAMP DoD IL4 authorized datacenter and is authorized at the IaaS and PaaS levels with pieces of infrastructure for 15+ government entities. They are FedRAMP equivalent at the SaaS level, but are currently working on becoming FedRAMP authorized at the SaaS level. As a company that’s not a government agency, FedRAMP equivalent is typically the only FedRAMP requirement if you do need compliance at this level.
  • Can we white label the GOVFTP site?
    • Yes, you can make your site look like it is only yours, and even point your own address to it.
  • Can you tell me about DR (disaster recovery)?
    • Our production facility is in Virginia and our disaster recovery facility is outside of Boulder, CO, which meets the typical government compliance requirement of 500 miles between the two facilities. Their RTO and RPO are both 24 hours.
  • What protocols are available for us to use?
    • SFTP, FTPS, FTPeS, and HTTPS. The GOVFTP platform completely removes FTP as an option.
  • What ports are they using for protocols?
    • SFTP: port 22
    • HTTPS: port 443