The Business Protection group in a US health insurer recently completed an audit of the FTP servers running on their network. Their audit uncovered a number of rogue FTP servers that were set up without IT approval. It also identified many FTP servers that allowed anonymous access which was against company policy.

Rogue FTP Servers Shut Down

They used the information that the FTP/WatchDog-D audit provided to shut down the unauthorized FTP servers.

Anonymous FTP Turned Off

They also used the information that the FTP/WatchDog-D audit provided to have the authorized FTP servers which supported anonymous logon reconfigured to turn this option off.

Ongoing, Regular FTP Audits

The Business Protection team uses FTP/WatchDog-D's FTP Auditor tool to perform monthly network audits to ensure that no new rogue FTP servers have been set up and also to ensure that authorized FTP servers are not reconfigured to allow anonymous logon. Every month, they discover newly set up FTP servers, some even on employee's desktops.

The company has a set of approved FTP servers; all others are considered rogue and are either shut down or configured to minimize their exposure. Regular auditing enables them to ensure that their FTP exposure is properly managed.