My online software AHP-OS is mainly used in research. Projects handled with AHP-OS cover a wide range of applications like healthcare, climate, risk assessment, supplier selection, hiring, IT, marketing, environment, transport, project management, manufacturing or quality assurance. Some of these projects could contain sensitive data. Therefore I finally decided to secure the site with HTTPS to protect the site and users.
Recently I bought the network-attached storage (NAS) DS1513+ from Synology and integrated it into my home network in order to have a central place to store and access my data. This NAS has several server functions, making it convenient to access data remotely, but also making it vulnerable to unauthorized intrusion. So the question arises of how to mitigate this risk without restricting the remote functionality of the NAS. There is a lot of information available on the web, yet it took me some time to identify and understand the most important modifications and to implement them:
- VPN (Virtual Private Network) – to remotely access the local area home network
- SSH (Secure Shell) – for secure login as root user or admin to fully access the (embedded) operating system
- SSL/TLS – to secure traffic between website and browser (HTTPS)
- Enable 2-Step Verification for DSM web access
- Store all critical data (certificates and private keys) on an encrypted memory card