We’ve just released CompleteFTP 11.0.

There’s quite a few fixes and minor features added (see the revision history), but there’s two important new enterprise features described below.

Encryption at rest

If CompleteFTP’s new encryption at rest feature is enabled for a particular user, all files transferred to the server as that user will be automatically encrypted as they are written onto the server file system. Users directly logged onto the server machine will not be able to decrypt the files.

Once a file is encrypted, the only way to decrypt it is by transferring it (i.e. downloading it) from the server as a valid user, or via the decrypt administrator command run from the SSH command-line.

Obviously, this keeps your files secure on the server – even if someone gets access to the machine, they won’t be able to decrypt the files. Note that this does have implications for any events that might copy or post-process uploaded files! If EAR is enabled, uploaded files will not be able to be decrypted by other programs or by process triggers. So only enable this feature if you are sure you want all files that you upload to the server encrypted! Switching the feature on doesn’t encrypt the existing files.

Single sign-on (SSO)

Single Sign-On (SSO) is the ability for a user to gain access to multiple systems with a single login.  CompleteFTP now supports web browser SSO using an open standard called SAML. This means it can be set up as a SAML service provider, meaning it can delegate user authentication to an external SAML identity provider.  This can be particularly useful in large government settings where SAML is often used. More details can be found here.

Upgrading

These two new 11.0 features are included in the Enterprise Edition only. It is easy to upgrade an existing Standard or Professional Edition to the Enterprise edition – and it costs only the price difference between the editions. Contact us for more details.