Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.
How to Protect Your NAS Drive

How to Protect Your NAS Drive

By Zoltán G.Zoltán G. Verified by Adam B.Adam B. Last updated: July 17, 2024 (0)

Let’s face it: no matter how many times security experts say it, many internet users will still refuse to believe in the protective power that passwords bring to the table. Granted, people are slowly realizing that online logins are a necessary evil to keep wrongdoers at bay and their personal data safe and many of them even go to great lengths to ensure that their online identities remain protected all the time.

But this consideration doesn’t go as deep as it should: when it comes to password-protecting routers, servers, or NAS drives, the vast majority of users don’t even bother changing the devices’ default passwords, leaving them at the mercy of hackers. And as the security flaws discovered in several NAS drives has proven, this recklessness could have dire consequences.

The price of convenience

Despite not being as widespread as external hard drives, the NAS – or network-attached storage – is a better solution for storing all sorts of data since it’s basically a miniature, physical embodiment of the cloud. Unlike HDDs, the NAS is connected to a network, meaning that any devices hooked up to the same network can store and share files with each other without being directly connected to the drive. And to make things even more convenient, NAS drives can also be configured in such a way that users can access its files remotely as well.

As it turns out, however, remote access is actually one of the biggest weaknesses of these drives. The best case scenario is when NAS drives are ‘only’ used for committing petty crimes like mining cryptocurrencies without the user’s permission, but sadly the potential issues are usually much more dire than that.

In 2017 security researcher James Bercegay discovered a flagrant security flaw in a dozen Western Digital My Cloud NAS drive models. According to his report these devices came with a hidden firmware backdoor, which allowed complete strangers to access the drives’ contents remotely by providing the factory username and password.

Making NAS drives hacker-proof

Not only are all these issues a serious threat against data security, but they also revealed two major concerns of NAS drives. Firstly, they are just as vulnerable to remote hacker attacks as any other device connecting to the internet. And secondly, leaving the factory settings unchanged – especially where passwords are concerned – is like politely inviting a burglar into our homes.

But since connecting a NAS drive to a network is inevitable, it should to be reinforced in such a way that hackers could never compromise the data stored on it. Thankfully, however, only two things are needed to achieve the necessary level of protection: changing some of the default settings of the NAS drive and creating a strong password.

Changing the drive’s factory settings

To ensure that a NAS drive is ready to withhold hacking attempts, not only should the data be backed up frequently but you will also have to make sure that its firmware is kept up-to-date at all times to eliminate any possible vulnerabilities. After this, it’s highly recommended to deal with the issue of unknown IP addresses by determining the number of failed authentication attempts that are allowed before the drive blocks any unauthorized device from accessing its content ever again. In addition to that, if the drive provides the option to add an extra layer of security via two-step authentication – like in the case of Synology NAS devices – then it’s best to turn that on as well.

 

Updating the password

While modifying the device’s default settings is already enough to keep trespassers out, to make sure that it is completely hacker-proof you should also replace the default password with an uncrackable one generated by a random password generator. However, updating the login is just the first step towards securing the NAS drive; the password should also be safely stored inside a password manager. This way not only can users completely forget about the new, complex password altogether – as the program is able to recall the login whenever the NAS storage is accessed – but it also means that the password is encrypted and cannot be stolen by unauthorized people, even when it’s entered into the login screen of the network-connected storage.

User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Latest Articles

How To Master English Fluency: 10 Effective Tips and Tricks
When it comes to language learning, we often come across the word ‘fluency’. But what does it mean exactly? Simply put, fluency is the ability to articulate a message ...
Read article
4 Reasons To Choose CRM Software With AI
With the competition increasing, maintaining lasting customer relationships is more crucial than ever. Customer relationship management (CRM) systems have long been the backbone of most businesses’ effective interaction management, helping them streamline processes, improve satisfaction, and boost sales
Read article
Empower Your Wedding With The Perfect Hashtag
Do you remember the time when # was a simple sign used only in phone menus? The mundane past of the hashtag is now gone, because Twitter came, saw, and turned this barely known sign into a global Internet craze. 
Read article

Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us