Prevent Cyberattacks with Secure Storage Solutions
Ransomware is an increasingly common cyberattack that locks user data until a hefty ransom is paid. QNAP’s products, like those of other storage companies, has attracted the attention of organized cyberattacks. QNAP works tirelessly to increase the security of our products, and provides you with the means to harden your NAS against cyberattacks and prevent data loss.
How ransomware attacks your NAS
Two of the most common ways ransomware can attack your NAS are brute force attacks and software vulnerabilities. Once infected, hackers will encrypt your files and demand payment.
-
Brute Force Attacks
When hackers use trial and error to crack passwords or encryption keys.
-
Software Vulnerability
When hackers exploit unpatched weaknesses or known issues in software.
Enhance your data security in 3 steps
By practicing the following steps you can ensure you’re not an easy target for hackers. Exercising these fundamental setup preferences along with QNAP’s security apps creates a secure NAS and the ability to recover data in case of a cyberattack. Apply them to secure your NAS, safeguard your data, and for extra peace of mind.
1/Basic setup
-
Always use strong passwords and 2-Step Authentication for all user accounts
-
Configure a password policy to enforce strong passwords and require periodic password changes.
-
Avoid using default port numbers 433 and 8080
-
Enable Network Access Protection to protect accounts from brute force attacks.*
-
Disable SSH, Telnet, and other services if not in use.*
-
Unless you are proficient in network security, it is not recommended to enable manual port forwarding, auto port forwarding (UPnP, Universal Plug and Play) and demilitarized zone (DMZ) for QNAP NAS in your router or modem configuration.
You can configure these options in Control Panel > Security
2/QNAP’s security apps
QNAP provides multiple security applications to keep your data safe. Manage the internal security of your NAS with a dashboard to stay ahead of threats. Also, safely access your NAS from external networks with myQNAPcloud or an advanced method using a virtual private network (VPN) connection.
QNAP’s Security Counselor app monitors:
-
Security Checkup (including OS/firmware updates)
-
Antivirus
Security Counselor
- Your security portal
Security Counselor checks for weaknesses and offers recommendations to secure your data against multiple attack methods. Security Counselor also integrates anti-virus and anti-malware software to ensure the complete protection of your QNAP NAS.
myQNAPcloud
- Securely access your NAS
Directly connecting to your NAS via IP address may leave it open to a potential attack. myQNAPcloud allows you to securely access remote files by using an encrypted connection through QNAP servers to prevent hackers from reaching your NAS.
Learn More : myQNAPcloud
QVPN Service
- Connect through VPN with the highest security level
The QVPN Service enables secure VPN connections between QNAP NAS and user devices, providing data protection over the Internet.
Learn More : QVPN
3/A complete backup plan
Keeping just one backup is no longer enough - to increase your chances of recovering lost/corrupted data, follow the 3-2-1 rule.
What QNAP is doing to improve
With ransomware increasing, it has never been more important to take proactive steps to protect your data. No method is perfect, but creating a backup plan with a combination of best practices and the 3-2-1 Backup Strategy is the most effective way in keeping your data safe.