|
Information Security Tips Series |
||
|
0 Photo |
||
We discussed in the last issue the security of the most common external hard disks, i.e. portable USB hard disks. In this issue, we discuss the security of other increasingly popular external storages, i.e. Network-attached Storages (NAS). NAS, which may contain one or more hard disks, allow multiple users to share files and access the data remotely through the home network or the Internet. This convenience makes the data security a challenge. In addition to the security tips mentioned in the last issue, the tips below can apply to NAS. Protection against Hard Disk Failure
Users can set up mirroring or Redundant Array of Independent Disks (RAID) protection using multiple hard disks to protect the data from loss due to hard disk failure. Different levels of RAID have different levels of data redundancy and usable storage sizes. Users should choose the most appropriate one for their usages. For example, in the mirroring or RAID-1 configuration, same data will be written into two hard disks at the same time. On one hand, since the data is saved in duplicate, the total usable size of storage space is reduced by half. On the other hand, if any one of the hard disks fails, the data can still be available from another hard disk without any loss. User and File Access Rights
Individual user account and password should be set up for users to access files in NAS. Stringent password controls, like minimum eight-character password length with special characters and limited number of the failed login attempts, should be set, if possible, to minimise the risk of password being compromised. Besides, users should be assigned with appropriate privileges to access the folders or files if you do not want some users to see others’ data. Some NAS products may provide encryption for the chosen files or folders to prevent any unauthorised access. Moreover, default user accounts should be disabled if not used. Network Security
Some NAS can be connected to Internet and configured as servers to provide services like websites, email or file servers. Users should turn off all unnecessary Internet services to avoid any accidental data leakage. If it is necessary to connect to Internet, firewalls, either configured in NAS or broadband routers, should be in place to protect the NAS from any Internet attack. Besides, secure connection like HTTPS and Secure Sockets Layer (SSL) can be applied wherever appropriate to encrypt the connection to protect data against eavesdropping. Software Update
and Patching
Reputable NAS manufacturers will update the operating system of their NAS regularly. The updates strengthen the functions of NAS. At the same time, they will fix the security loopholes or vulnerability of the operating system. Therefore, users should regularly update the operating system or apply the security fixes of their NAS. Monitoring
Logging and notification should be enabled, if possible, to allow users to review regularly the activities in NAS or to troubleshoot any problems. In case of any incident like hard disk failure, the logs and notification message would alert users promptly about the problems. No matter the place where data are stored, users should pay attention to the security of their data. We hope the two issues on External Hard Disks and Storage Arrays would provide users some security tips about the external hard disks and NAS. |
||
| <<Back to Features>> <<Back to Top>> |