...
MTD files are transmitted to MCS via HTTPS, with the exception of one legacy application, WinFSCM. WinFSCM uses FTP to transmit the MTD file. FTP is not secure and it is possible for a 3rd party to intercept the MTD file when transmitted using FTP. However, an MTD file is in and of itself, encrypted at higher levels than most secure file transfer protocols (for example, most HTTPS servers use AES-128 to encrypt the data, and an MTD file is already encrypted using AES-256, which is stronger). Both the HTTPS methods and the FTP methods are using servers that allow write-only operations. Read operations are not permitted for any users on these servers. The MTD file can be downloaded to MCS employee workstations using a secure FTP client (using explicit TLS encryption to protect both the data and the user/password credentials) from an internal FTPES the server (which holds the MTD files sent by customers via the public HTTPS / FTP servers). Once again, the MTD file is considered secured in and of itself. The transport-layer security here is an extra measure of security that is primarily intended to protect the login credentials.
...