
FTP is NOT Secure

Most network admins know that telnet is insecure because it sends the username and password in clear text. For this reason you do not find telnet being used anymore; SSH is used instead.

What most people do not realize is that FTP has the exact same issue. If a malicious person wanted to break into a server, all they would have to do is sniff an FTP transaction, and they would get the username and password when a user logs in.

There are several solutions available for securing FTP; the two most common are FTPS and SFTP.

FTPS is very similar to HTTPS in your browser: it adds a security certificate to the FTP daemon and allows a user to connect to the server securely using those credentials. The issue is that you need to purchase an SSL cert to use for FTP. You will also need to set your FTP server to use this cert. The complexity of this will vary depending on the server software.
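To see which logins a passive observer could read, the following added example (not code from the original post) audits FTP control-channel transcripts and flags sessions where `USER`/`PASS` crossed the wire in clear text, including the case where a TLS upgrade was refused and the client fell back to plain FTP. It assumes explicit FTPS, where the client sends `AUTH TLS` and the server answers `234`; the transcripts, user names and function names are constructed for illustration.

```python
import re

# Constructed control-channel transcripts (C: client, S: server), not real captures.
SESSIONS = {
    "plain": ["S: 220 ready", "C: USER alice", "S: 331 need password",
              "C: PASS example-password", "S: 230 logged in"],
    # After the 234 reply the channel is TLS, so a sniffer sees nothing readable.
    "ftps": ["S: 220 ready", "C: AUTH TLS", "S: 234 proceed"],
    # Server refuses TLS and the client falls back to a cleartext login.
    "fallback": ["S: 220 ready", "C: AUTH TLS", "S: 502 not implemented",
                 "C: USER bob", "S: 331 need password",
                 "C: PASS example-password", "S: 230 logged in"],
}

CMD = re.compile(r"^C: (\w+)(?: (.*))?$")


def audit_session(lines):
    """Return one finding per password that was visible in clear text."""
    findings, auth_pending, user = [], False, None
    for line in lines:
        if line.startswith("S: "):
            if auth_pending and line.startswith("S: 234"):
                break  # TLS negotiation starts; later bytes are encrypted
            auth_pending = False  # any other reply means no upgrade happened
            continue
        match = CMD.match(line)
        if not match:
            continue
        verb, arg = match.group(1).upper(), match.group(2)
        if verb == "AUTH":
            auth_pending = True
        elif verb == "USER":
            user = arg
        elif verb == "PASS":
            # Record the exposure without copying the password into the report.
            findings.append({"user": user, "password_exposed": True})
    return findings


def audit_all(sessions):
    """Audit every named transcript and return findings keyed by session name."""
    return {name: audit_session(lines) for name, lines in sessions.items()}


if __name__ == "__main__":
    for name, result in audit_all(SESSIONS).items():
        print(name, result or "no cleartext credentials seen")
```

The `fallback` session is the one to watch for on a server that advertises FTPS: unless plain logins are disabled, a refused or skipped `AUTH TLS` still ends in a cleartext password.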

SFTP uses the SSH protocol to do file transfers. SSH is extremely secure, as long as you are running version 2. Any Linux/BSD box that is set up properly already has SSH access set up, and it just needs a few tweaks to its settings.

Which one of these I use depends on the server, whether it's a Windows or Linux box. If it is running Linux, then SFTP will be the best option as it is the easiest to get running. On the other hand, for a Windows server it is a pain to get SSH installed, and therefore FTPS is going to be the option of choice.

You can run both SFTP and FTPS on Linux and Windows, but the above recommendations are the easiest solutions for each OS.
