Executive Summary
Pega will deprecate the Unsecure File Transfer Protocol (FTP) with effect from Pega Infinity 25.1.2 release.
The current configuration allows users to select between:
- Unsecure File Transfer Protocol (FTP)
- Secure File Transfer Protocol (SSH FTP)
- File Transfer Protocol Secure (FTPS)
However, due to significant security and compliance concerns—including lack of encryption and vulnerability to credential theft and data interception—FTP is now considered outdated and is being deprecated across the industry, as reflected in standards such as General Data Protection regulation (GDPR), Health Insurance Portability and Accountability Act HIPAA, and Payment Card Industry Data Security Standard (PCI DSS).
Client Action
As a best practice, organizations use the following protocols for file transfer:
- SSH FTP: Secure File Transfer Protocol
- FTPS: File Transfer Protocol Secure
FTP server configuration is specified in ‘FTP Server’ rule. Perform the following steps to migrate to SFTP/FTPS:
- Setup a SFTP/FTPS server.
- Update the existing FTP Server rule with the new server details.
If you have any questions or concerns, please raise a ticket with Global Client Support (GCS) in My Support Portal.