password breaches
Windows applications in the field on less modern server versions and applications still in service often pass credentials via clear text. Also, Windows cannot initiate a command line to send a file from point A to point B that is encrypted (the tunnel). They do have a shell mind you. Cygwin on such a server can do the job though. Also, virtual Linux/Unix hosts can, as well as OSX (Darwin fork - nevar forgat).