The problem is with the ftp protocol and not vsftp. As far as I know the vs in vsftp is from the server point of view. The ftp protocol itself doesn't transmit passwords or data securely.
Since you said that your clients have ssh access, do the programs they use support sftp?
If you want to support sftp & scp but not ssh, I believe there is a sftp-shell or something similar to use instead of
/bin/sh in /etc/passwd.
If you want to support sftp, scp and ssh, then google for "openssh chroot". For example, there is a sourceforge project for this.
There is also an entry in the LQ Wiki.
I'm not a web designer or web master. Don't some of the programs you mentioned only produce code that assumes they run on IIS servers? ( E.G. use activex, etc. )