GHL's FTP is "FTP Passive Mode" and not "SFTP" -- and that's bad.

Here are some highlights from AI:

> FTP Passive Mode makes FTP easier to set up with firewalls, but it still sends everything unencrypted. SFTP, on the other hand, encrypts everything, making it safe for confidential data.

> FTP Passive Mode only changes how FTP establishes data connections (making it more firewall-friendly), but it does not add any encryption or secure authentication. All credentials and files are still transmitted in plain text, making them vulnerable to interception and attacks such as packet sniffing or man-in-the-middle attacks.

> Compliance: Many regulations (GDPR, HIPAA, PCI) do not consider standard FTP secure or compliant, while SFTP is generally approved for compliance needs.