For a protocol with nearly fifty years on the clock, FTP can sometimes be a lot more complicated than most would assume. In particular, there is often a strong misunderstanding of the differences between active and passive FTP sessions, which can lead to confusion around port numbers in use and how the protocol really works.
FTP has been around for as long as I can remember; and according to Rapid7 is still in widespread use today with over 21 million FTP servers on present on the internet today.
Storing sensitive files and personal data in the cloud can be a touchy topic for some, keeping even the most seasoned information security leader or data protection officer awake at night. Although, despite what the humble salmon teaches us about swimming against the tide, it is hard to fight against the unstoppable trend towards cloud adoption.
It may be obvious to some that FTP (File Transfer Protocol) is an insecure protocol; and that its continued use for transferring sensitive or personal is inappropriate. Yet, its use for that very purpose still continues according to Rapid7, creating an unnecessary risk.