Are you one of those we have convinced to choose a NAS for your home automation? So much better! As we have seen recently, a network storage server has many advantages, particularly that of operating locally.
Nevertheless, we are tempted to expose it a little on the Internet to access it from everywhere. Unfortunately, this is not without risks, as we saw last summer with a massive brute force attack at Synology or, even worse, with the Trojan resetting some Western Digital NAS. Today we invite you to follow these 10 tips to secure your Synology NAS.
Although our guide is not exhaustive, these 10 steps to secure a Synology NAS will be enough to use your NAS remotely confidently. Whether you use Domoticz, Jeedom, or Home Assistant, these good practices will allow you to keep your connected home private.
The first thing to do on a Synology NAS is to disable the default “admin” account. We advise you to create a second one with full administrative rights but a different name. Forget “admin,” “administrators,” “sysadmin,” “nodules,” “first name,” and “name123,” and choose strong identifiers!
It’s basic, but many still need to improve their credentials. It is customary to recommend a password with a minimum of 8 characters, including uppercase, lowercase, numbers, and special characters. Still, you can go further with 12 to 15 characters and choose complex usernames. This is valid for all accounts, and we will also make it mandatory. If you have trouble remembering your passwords, use a password manager like Dashlane, LastPass, or WordPress.
Double authentication (2FA) has become essential, and Synology offers a dedicated application called Secure SignIn. To use without moderation!
Still on the same screen, just below, DSM offers you to detect connection failures that are too frequent to be normal. A checkable option to protect your Synology accounts, and therefore your NAS, from attacks by unwanted clients.
As on your computer, a firewall is essential to protect your Synology NAS properly. This firewall allows you to define more or less strict access rules, authorize or not the connection to certain services, block unwanted IP addresses, or limit access to some of your choice.
It is the counterpart of the firewall, another essential option that automatically blocks addresses making too many connection attempts. Below DSM 7, we invite you to activate the DoS protection, which protects you from denial of service (DDoS) attacks.
When HTTPS is enabled, connections are encrypted using SSL/TLS, which secures access to your Synology NAS. You can also customize the default ports and targets of choice to reduce the number of malicious login attempts.
Although we use it regularly in our DIY home automation tutorials, in particular with Home Assistant and Jeedom, we strongly advise you to disable SSH when you are not using it. The default ports are prime targets. Feel free to change them when you re-enable them. Similarly, you can disable Telnet or the AFP file service.
Now that we have blocked everything, we must keep a way to connect to our NAS from the Internet. To do this, Synology offers a service called QuickConnect. It is the simplest solution to access your NAS and its applications remotely without having to embark on a more specific configuration requiring intervention on your router or box. How does it work? Your NAS will connect to “Synology Relay Server,” a free cloud service intermediating your client and server. There are better performances, it’s true, but it’s a simple and effective solution.
Although we mention it last, it is perhaps the first thing to do! Keeping your system up to date is the first security. Indeed, in addition to new features, updates frequently bring security patches.
ALSO READ: Why Choose ZTNA For Enterprise Security?
In the meantime, you can:
It's special to have a small:r1tfetqsli4= dog snuggle up on your lap and look up…
Youtube is that one word that doesn’t need any definition. It is considered as every…
In the empire of social media influence and personal branding, the quest for a substantial…
For tablets and Android phones, get the free download of TechNukti Com. Get the Top…
ZYN pouches are the most widely used tobacco leaf-free nicotine pouches in the United States;…
The website Kheloindian.online game how to play Offers young people in India with a preference…