How to make your Synology Disk station (NAS) more secure?

Introduction

Recently I bought the network attached storage (NAS) DS1513+ from Synology and integrated it into my home network in order to have a central place to store and access my data. This NAS has several server functions, making it convenient to access data remotely, but also making it vulnerable to unauthorized intrusion. So the question arises, how to mitigate this risk without restricting the remote functionality of the NAS. There is a lot of information available in the web; yet for me it took some time to identify and understand the most important modifications and to implement them:

  1. VPN Virtual Private Network – to remotely access the local area home network
  2. SSH Secure Shell – for secure login as root user or admin to fully access the (embedded) operating system
  3. SSL/TLS – to secure traffic between website and browser (HTTPS)
  4. Enable 2-Step Verification for DSM web access
  5. Store all critical data (certificates and private keys) on an encrypted memory card

Continue reading How to make your Synology Disk station (NAS) more secure?

;