SFTP with antivirus and malware protection

Jan 25


hosted sftp as a service

FTP and Secure FTP (SFTP) are key components of many organizations’ workflows and file sharing workloads. However, in an era where cyber crime is increasing, there is a new demand for a cloud hosted SaaS SFTP (SFTPaaS) server backed with antivirus. One of the main drivers behind SFTPaaS is the desire to remove the burden of managing infrastructure (availability, patches, security, etc.) and to avoid opening up local networks or cloud infrastructure to the public.

From a security point of view, trusting an SFTPaaS provider who is secure, has compliance certifications, and is fully removed from your infrastructure is one step. The next step would be to look at file security itself. While systems that are automatically exchanging files may not be an issue due to limited ability, having end users interacting with files can open a whole can of worms, especially since humans are one of the most common threat vectors when it comes to cyber security.

There are a couple of ways one can protect files that come through as part of an SFTP transfer.

Block files that don’t meet expected names or extensions

If you’re expecting .csv files from a partner, then you shouldn’t see a .exe or .bat file. So how can you use this knowledge to protect yourself? You can simply block files with certain extensions, or only allow files with the extensions you expect. With a solution like Couchdrop, you can configure an automation based on files uploaded to a certain directory or user and apply this logic to your files.

It could be as simple as if the file matches .exe or .bat (or does not match .csv) then move the file and quarantine it. Or better yet, you can create a copy in a sandbox environment and then delete the original file. This ensures the file is never received in your operational directory and the file is immediately isolated from business operations.
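The allow-by-extension rule and copy-then-delete quarantine described above, as an added example (not Couchdrop's automation and not code from the original post). It assumes uploads arrive in a separate landing directory; the directory names, function names and sample files are hypothetical and constructed for illustration.

```python
import os
import shutil
import tempfile
import uuid
from pathlib import Path

ALLOWED_EXTENSIONS = {".csv"}  # assumption: the partner only ever sends .csv


def is_expected(filename: str) -> bool:
    """True only when the file's final extension is on the allowlist."""
    # Windows ignores trailing dots and spaces, so "payload.exe. " would
    # still open as an .exe there; strip them before checking.
    name = os.path.basename(filename).rstrip(". ").lower()
    # splitext looks at the last extension only: "report.csv.exe" -> ".exe";
    # a name with no extension yields "" and is rejected.
    return os.path.splitext(name)[1] in ALLOWED_EXTENSIONS


def route_upload(upload: Path, operational: Path, quarantine: Path) -> Path:
    """Deliver an expected file; copy anything else to quarantine, then
    delete the original so it never reaches the operational directory."""
    if is_expected(upload.name):
        dest = operational / upload.name
    else:
        # Unique prefix so a repeat upload cannot overwrite earlier evidence.
        dest = quarantine / f"{uuid.uuid4().hex}_{upload.name}"
    dest.parent.mkdir(parents=True, exist_ok=True)
    shutil.copyfile(upload, dest)  # contents only, no permission bits
    if dest.parent == quarantine:
        dest.chmod(0o400)  # read-only, not executable
    upload.unlink()
    return dest


def demo() -> dict:
    """Route a few constructed uploads and report where each one landed."""
    root = Path(tempfile.mkdtemp())
    landing, ops, quar = root / "landing", root / "operational", root / "quarantine"
    landing.mkdir()
    result = {}
    for name in ["orders.csv", "ORDERS.CSV", "orders.csv.exe", "run.bat", "README"]:
        (landing / name).write_bytes(b"constructed sample\n")
        result[name] = route_upload(landing / name, ops, quar).parent.name
    return result


if __name__ == "__main__":
    print(demo())
```

An extension check only inspects the name, not the contents, so it complements the scanning step in the next section.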

Enable antivirus and malware scanning

Many SFTPaaS solutions offer antivirus and malware scanning automatically. This often means that files that are uploaded are first quarantined in an isolated sandbox, scanned using an industry recognized antivirus solution such as ClamAV (Cisco), and then, if safe, moved to the desired location. If the scan suspects a virus or malware, the file is terminated and you’re sent an alert.

While Couchdrop offers inbuilt antivirus for SFTP, file automations (MFT) and its inboxes functionality, it also allows you to bring your own storage, such as Dropbox, SharePoint, Google Workspace, Box and Egnyte (and more), which natively offer their own underlying antivirus capability. These companies are investing heavily in antivirus, such as with Dropbox’s advancements in anti-ransomware technologies.

The best way to protect against malware and viruses is to utilize all of the functionality available to you as an organization. This could include using filtering based on an uploaded file to delete unwanted file types, or the SFTPaaS’s native AV solution. You can also combine the SFTPaaS’s offering and back the solution even more with a storage provider who offers anti-ransomware for maximum protection.

If you have any feedback or ideas around product improvement, please let the team know by emailing support@couchdrop.io.

For more information or to get started, jump across to couchdrop.io; for more guides, see community.couchdrop.io.