Introduction
This glossary provides clear definitions for essential terminology used in managed file transfer, secure data exchange, and throughout the Couchdrop website, documentation, and platform.
Core Concepts
These terms explain the fundamentals and practices that define how files move securely between systems.
Secure file transfer
The transfer of files with a focus on security. Secure file transfer methods add protections such as end-to-end encryption to ensure files are protected and only accessible by the right parties.
SFTP Server
An SFTP Server is server software that enables connections between machines using the SFTP protocol. Typically used to process file transfer requests, authenticate users, and enforce access controls.
Managed File Transfer (MFT)
MFT solutions are centralized hubs for transferring files that enable secure file transfers between platforms and include administrative controls, a scheduling component, and tools for monitoring, compliance, and auditing.
Cloud-Native
Software designed and built for the cloud, as opposed to software built for on-prem environments that has been altered to work with cloud applications and workflows.
Secure by design
Software where advanced security features and protections have been designed and built into the product from the beginning.
Data movement
There are several terms in relation to data movement that describe how data is transferred and the different stages of the transfer and storage process.
Data at rest
Data stored in a static location such as a database, file system, or storage platform.
Data in transit
Data actively moving from one location to another across a network.
End-to-end encryption
Encryption of data throughout the entire transfer process from source to destination, ensuring that data cannot be read even if intercepted during transmission.
Intermediary storage
A temporary storage layer between the source and the destination owned by a third party. This is required by some file transfer architectures.
See also: Data in Transit, Data at Rest, End-to-End Encryption
Streaming transfer
Direct file transfer from source to destination without using intermediary storage.
File storage
These terms cover file storage, including both local and cloud types.
File Storage system
A method of storing files within directories. Each folder consists of files and folder metadata and can also contain subfolders with the same structure.
Local storage
File storage on a specific, physical device that the user has direct access to.
NAS Device (Network-Attached Storage Device)
File storage not directly on the local physical device, but on a device that is accessible through a local network.
Cloud storage
Files saved on servers owned by a cloud storage provider such as Google Drive, Dropbox, or SharePoint.
Hybrid storage
A storage environment combining on-premises infrastructure with cloud storage, typically with a strict separation of which files are stored on which storage type.
Block storage
Block storage splits data into distinct blocks of data stored across several different environments. Once a user initiates a retrieval process, the blocks are reassembled into a single unit.
Object storage
A storage architecture managing data as discrete objects rather than files in a hierarchy or blocks on a disk. Highly scalable and commonly used in cloud environments.
S3 (Simple Storage Service)
Amazon Web Services' object storage service, widely used for storing files and serving as a source or destination for file transfers, and the baseline technology of a number of storage platforms.
Storage connector
An integration component enabling a platform to connect with specific storage services like Amazon S3, Azure Blob, or local file servers.
See also: S3, Object Storage
File server agent
Software installed on an on-premise device that enables the secure transfer of files between the device and other storage platforms, including cloud storage platforms.
File Transfer Protocols
Transfer protocols are standardized collections of requirements and processes used to communicate and transfer files.
SFTP (SSH File Transfer Protocol)
A secure network protocol for file transfer that runs over SSH (Secure Shell), which requires encryption. Also known as Secure File Transfer Protocol.
SSH (Secure Shell)
A network protocol that provides secure communication channels for remote command execution and file transfer. SSH forms the foundation for SFTP and SCP.
FTP (File Transfer Protocol)
The original network protocol for transferring files between a client and server. FTP requires a data channel and a command channel and transmits data without encryption, and as a result, is considered insecure for sensitive transfers.
FTP typically runs in one of two modes:
- Active FTP - FTP connection mode where the server initiates the data connection back to the client. Often blocked by firewalls protecting the client.
- Passive FTP - FTP connection mode where the client initiates both control and data connections. More compatible with firewalls and NAT configurations than active FTP.
FTPS (FTP Secure)
The FTP protocol with the addition of a TLS/SSL encryption layer. FTPS provides better security than FTP while maintaining compatibility with FTP systems.
AS2 (Applicability Statement 2)
A protocol typically used for the transfer of EDI using HTTP/S with encryption and digital signatures, but it can also be used for any type of secure file transfer.
SCP (Secure Copy Protocol)
A network protocol for secure file transfer using SSH for authentication and encryption. SCP is specifically designed for copying files between hosts on a network.
See also: SSH, TLS/SSL, Public Key Authentication
TLS/SSL (Transport Layer Security and Secure Sockets Layer)
Security protocols providing encryption for data in transit. Used by HTTPS, FTPS, and other secure protocols.
HTTP (HyperText Transfer Protocol)
A protocol suite for transmitting data between web clients and servers via HTTP Requests and HTTP Responses. HTTP is the foundation for the World Wide Web, where hypertext (links) connect resources together.
HTTPS (HTTP Secure)
An extension of HTTP with encryption via TLS/SSL.
Protocol bridge
Technology enabling communication and file transfer between systems that support different protocols.
SFTP/FTP/AS2 client
Software application that connects to an FTP/SFTP server to upload, download, or manage files. Examples include FileZilla, WinSCP, and Cyberduck.
Integration
Integration is the connection of various software and applications, enabling data transfer between disparate systems.
API (Application Programming Interface)
The specific set of protocols and tools used in a software application to communicate and exchange data.
iPaaS (Integration Platform as a Service)
A cloud-based platform providing tools for connecting applications, data sources, and systems without custom coding.
Webhook
An HTTP callback that sends an automated message from one application to another when a specific event occurs.
Data pipeline
A series of connected processes through which data or files flow, with each stage performing specific transformations or operations.
ETL (Extract, Transform, Load)
A data integration pattern where data is extracted from source systems, transformed into the required format, and then loaded into the destination. The transformation occurs before loading, allowing data cleansing and validation before being loaded into the next application.
ELT (Extract, Load, Transform)
A modern variant of ETL where data is extracted from sources, loaded directly into the destination system, and transformed afterwards. ELT requires more processing power than ETL and leverages the processing power of modern data warehouses.
See also: Data Transformation, Data Pipeline
EDI & B2B integration
Electronic Data Interchange (EDI) is a standardized method of machine-to-machine data exchange, commonly used for business-to-business transactions.
B2B (Business-to-Business)
Data exchange between two or more businesses, as opposed to transactions between a business and individual consumers or transfers within the same business.
Trading partner
An external organization with which a business regularly exchanges data, such as suppliers, customers, or vendors.
Digital signature
A cryptographic mechanism that verifies the authenticity and integrity of digital messages or documents. A digital signature proves who has sent a document and that the contents have not been altered.
EDI (Electronic Data Interchange)
The standardized computer-to-computer exchange of documents between organizations.
X12
An EDI format used primarily in North America, which defines document structures for common business transactions.
EDIFACT
Electronic Data Interchange for Administration, Commerce and Transport—an international EDI standard developed by the United Nations, widely used outside North America.
EDI transaction set
A specific type of EDI document identified by a three-digit code, such as 850 for Purchase Orders or 810 for Invoices.
MDN (Message Disposition Notification)
An acknowledgment message in AS2 communications that is automatically sent back to the sending party to confirm the receipt of a message.
Non-repudiation
The assurance that a party cannot deny the authenticity of their signature or deny having sent or received a particular transmission. MDN receipts in AS2 provide non-repudiation.
VAN (Value-Added Network)
A third-party network service that provides routing, translation, and compliance services between trading partners.
See also: AS2, MDN, Non-Repudiation
Automation
File-based automation relates to automatic processes for transferring and processing files.
Workflow
A defined sequence of automated actions that process files through a system, such as receiving a file, transforming the file metadata, and routing it to the appropriate destination.
File processing
Processes that alter file metadata, but not the file contents themselves. This includes aspects such as the file name, modtime, compression, and encrypted access.
Visual builder
A graphical interface for creating workflows through drag-and-drop components instead of coding.
Trigger
An event that initiates an automated workflow or action, such as a file arriving in a folder, a scheduled time, or an API call.
Action
A specific task or operation performed within an automated workflow, such as moving a file, decrypting a file using PGP decryption, or sending a webhook.
Scheduled workflow
An automation that runs on a fixed schedule, such as daily at 6 AM.
Event-Driven transfer
File transfer automatically triggered by a specific event, such as a file upload, system notification, or API call, rather than running on a fixed schedule.
Data transformation
Modifying the content or structure of the file itself, such as converting a CSV to JSON or rewriting CSV rows and columns.
Conditional logic
Rules determining which actions to execute based on specified conditions, such as only proceeding in the workflow if a specific file-naming pattern is present.
Administration & user management
Administration and user management concepts define how administrators control access and monitor system usage in secure file transfer platforms.
Admin console
A web-based interface for managing system settings, users, connections, and operations. Accessible only by organizational admins and not by standard users.
User provisioning
The process of creating, managing, and deactivating user accounts and their associated permissions.
Root directory
The top-level folder accessible to a user when connecting via file transfer protocol, from which all their accessible paths descend.
Granular permissions
Fine-grained access controls specifying exact actions users can perform, such as read-only access to specific folders. They can also specify a root directory for the user.
Virtual folder
A visual representation of a folder in a location that points to another location. For instance, a “Google Drive” folder that directly accesses files within a specific Google Drive directory.
Activity logging
The recording of events and activities within the platform, which can include file transfers, user actions, and system events. Often important for monitoring, troubleshooting, and compliance purposes.
White labeling
The option to override the default branding with the company's own branding for presenting a branded and customized experience.
MFA (Multi-Factor Authentication)
A security mechanism requiring multiple verification methods to authorize with a system. For example, logging in with a username and password and receiving a code to a verified email that must be entered to complete authorization.
SSO (Single Sign-On)
Using one credential set, such as a Google login, to enable users to access multiple applications.
SCIM (System for Cross-domain Identity Management)
Automates the exchange of user identity information between systems to simplify user provisioning processes.
Public key authentication
A cryptographic authentication method using a mathematically related SSH key pair (public and private) instead of passwords. The public key is placed on the server; the private key remains with the client. This method is more secure than user/password authentication alone.
Security & compliance
Security measures and compliance frameworks used in file transfer processes.
Encryption
The process of converting data into a coded format readable only by authorized parties with the correct decryption key.
PGP (Pretty Good Privacy)
An encryption algorithm that provides cryptographic privacy and authentication for data communication, commonly used for encrypting files before transfer.
AES (Advanced Encryption Standard)
Encryption standard developed by the National Institute of Standards and Technology that makes files unreadable without the proper key.
See also: End-to-End Encryption
Zero trust security
A security framework that assumes no implicit trust and always requires authorization for all users and devices.
Access control
Security measures that determine access to specific resources based on a user's settings or group enrolment. Prevents unauthorized access to sensitive files and systems.
DLP (Data Loss Prevention)
Technologies and processes designed to prevent unauthorized access, use, or transmission of sensitive data.
Malware
Malicious software used to compromise systems, such as giving access to unauthorized parties.
See also: Zero Trust Security, Access Control
Compliance standards
A specific set of laws, regulations, and industry standards governing data handling, privacy, and security. Compliance requirements vary by industry and geography.
Some compliance standards include:
- HIPAA (Health Insurance Portability and Accountability Act) - Legislation in the United States designed to safeguard protected health information (PHI), including how this information can be transmitted.
- GDPR (General Data Protection Regulation) - European Union regulation governing data protection and privacy for the personal data of EU residents.
- SOC 2 Type 2 (Service Organization Control 2) - A security framework for service providers that specifies how customer data should be protected based on the five trust services criteria of security, availability, processing integrity, confidentiality, and privacy.
Data sovereignty
The legal concept that data is subject to the laws of the country where it is physically stored.
Firewall
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
IP whitelisting
A security practice that permits access only from specified IP addresses or ranges, adding an additional layer of access control beyond authentication.
Performance & operations
System performance and operations directly impact how quickly and reliably files move between locations.
VM (Virtual Machine)
Software emulation of a physical computer running its own operating system, commonly used to host MFT servers in the traditional model.
Scalability
The ability of a system to handle increasing workloads by adding or provisioning resources.
Load balancing
The distribution of network traffic or workloads across multiple servers to improve reliability and performance.
Bandwidth
The maximum rate of data transfer across a network connection. This is typically measured in megabits or gigabits per second, and used as a gauge for performance in the best possible scenario.
Concurrent transfers
The ability for multiple file transfers to occur simultaneously.
Rate limiting
A control mechanism limiting the amount of traffic or number of operations in a given time period, used to prevent system overload or abuse.
See also: Bandwidth
Error handling
Mechanisms and processes for how a system detects and responds to errors and failures.
Retry logic
An automated mechanism that attempts to retransmit failed transfers based on specific parameters.
Couchdrop-specific
These terms are part of the Couchdrop platform and may be used exclusively in Couchdrop.
Upload Link
A web-based interface allowing external users to securely upload files without an SFTP client. Simplifies file collection from partners or customers.
Shared Link
A method to create a secure link to a location in an integrated storage directory for external users to download files with granular access permissions.
Mailbox
Dedicated email addresses that automatically ingest email attachments and save them to your SFTP server or connected storage directory.
Transfer Automations
Schedule automations that move files between servers, folders, and cloud storage platforms.
File Actions
Automations that allow certain actions to occur when a file is uploaded to or downloaded from Couchdrop.
B2B Connect
A simple method to securely transfer files between businesses.