How to make your Synology Disk station (NAS) more secure?

Introduction

Recently I bought the network attached storage (NAS) DS1513+ from Synology and integrated it into my home network in order to have a central place to store and access my data. This NAS has several server functions, making it convenient to access data remotely, but also making it vulnerable to unauthorized intrusion. So the question arises, how to mitigate this risk without restricting the remote functionality of the NAS. There is a lot of information available in the web; yet for me it took some time to identify and understand the most important modifications and to implement them:

  1. VPN Virtual Private Network – to remotely access the local area home network
  2. SSH Secure Shell – for secure login as root user or admin to fully access the (embedded) operating system
  3. SSL/TLS – to secure traffic between website and browser (HTTPS)
  4. Enable 2-Step Verification for DSM web access
  5. Store all critical data (certificates and private keys) on an encrypted memory card

Continue reading How to make your Synology Disk station (NAS) more secure?

Incoming search terms:

  • openvpn synology make secure
  • how to setup radius server on synology
  • synology no key usage
  • how to put security on the file in synology
  • disable user home directories on synology
  • synologynas memory test ssh

Welcome to BPMSG – September 2014

Concepts, Methods and Tools to manage Business Performance

Dear Friends, dear Visitors,

After more than three months it is time for a short update on bpmsg.com. Things getting more quiet: less questions, less feedback, though the number of visitors remains constant with approximately 2000 per month, and the number of downloads of my AHP excel template is slowly approaching 12 Thousand. My AHP online software seems to be quite stable now. The  latest correction was a small bug, using criteria names with more than 35 characters. Kindly let me know in case you experience any other problems, and be sure that I appreciate all feedback.

The last couple of weeks I was quite busy, integrating a network attached storage (NAS), the DS1513+ from Synology, into my network. It is always a challenge to protect your devices against external web attacks, so I had to learn a few new things about Linux, openSSL and VPN. But now it seems to be working, and I am able to run ‘my own cloud’ services, and access the station remotely, even through restrictive firewalls. In one of my next posts I will share my modifications and measures.

There are also a few new AHP applications I am working on. In my latest project I use AHP to determine criteria weights of a product market matrix for a portfolio analysis. The two axes of the matrix are market attractiveness and competitive position. An attractive market has high market entry barriers, high profitability, a large volume, a significant growth rate and established competitors, not fighting price wars. Your competitive position is characterized by your market share versus the strongest competitor’s market share, your market presence, the price flexibility, program quality and potential for innovation. Once the weights of these criteria are defined, you can map your product portfolio in the matrix, and use it to develop strategies to strengthen your future position in the markets.

For now, please enjoy your visit on the site and feel free to give me feedback – it is always appreciated.

Klaus D. Goepel,

Singapore, September 2014

BPMSG stands for Business Performance Management Singapore. As of now, it is a non-commercial website, and information is shared for educational purposes. Please see licensing conditions and terms of use. Please give credit or a link to my site, if you use parts in your website or blog.

About the author