>Is there any suggestion that could increase the security of file that are currently retrived via FTP?
>I have been told that there is suppose to be secure FTP (SFTP?) in Windows, but can not find anything about it.
>Does the security implementations have to come from the company hosting the FTP site or can you do it from the client?
>
One definite improvement would be to establish the FTP site so that you must establish a secure VPN connection in order to access the FTP site. IOW, the only way that the site is visible is in the context of your intranet; in order for an outside system to access the site, the outside system must establish a VPN connection, which can be strongly secured and provide end-to-end encryption not just of the data, but of the request itself as well. The FTP site could be limited to connections within a specific submask, and you could establish further file-level restrictions based on WIndows authentication of the user identity as you see fit.