Good evening,
I am an old Qnap user and I was victim of a Ramsonware ech0raix attack that encrypted all my nas data. Fortunately I had an external drive where I mirrored the data on a weekly basis. The climax was that the automatic backup I was doing on this disk was activated after the data encryption, so the backup station started copying the encrypted data to the external disk, eliminating the original ones. By a miracle the backup failed shortly after it started and I saved pretty much everything.
So I decided to invest what I saved in data redemption (those crap wanted € 1350) in buying a new Nas and I chose a Synology DS920 +, currently with only a 4tb WD red Pro drive.
I am writing here today to ask you what I can improve to avoid unpleasant problems in the future. I will list the solutions I have implemented at the moment and I kindly ask you to tell me what I can improve to make the data even more secure.
1) On the Synology I have activated firewall and automatic block for excessive login attempts.
2) The Nas Qnap I initialized it (formatted infected drive with various anti malware that identified and removed the malware). On the initialized nas I have installed practically nothing and I deactivated qnapcloud to access remotely, disabled admin account by creating new administrator user, deactivated upnp, activated automatic block for excessive access attempts, deactivated ftp, telnet and dlna.
Backup
Regarding the backups I have set this:
1) Single copy rsync backup from synology to Qnap via network. In practice, a mirror copy of the data carried out once a week.
2) Backup on external hard disk not single copy with smart recycle rotation always once a week. The backup cannot be consulted except through hyperbakcup explorer and if I understand correctly it keeps me different versions of the data over time.
3) Activated Snapshot on the most important folders with advanced retention policy.
I think I have told you everything I have done so far. What else do you recommend?
Thank you
I am an old Qnap user and I was victim of a Ramsonware ech0raix attack that encrypted all my nas data. Fortunately I had an external drive where I mirrored the data on a weekly basis. The climax was that the automatic backup I was doing on this disk was activated after the data encryption, so the backup station started copying the encrypted data to the external disk, eliminating the original ones. By a miracle the backup failed shortly after it started and I saved pretty much everything.
So I decided to invest what I saved in data redemption (those crap wanted € 1350) in buying a new Nas and I chose a Synology DS920 +, currently with only a 4tb WD red Pro drive.
I am writing here today to ask you what I can improve to avoid unpleasant problems in the future. I will list the solutions I have implemented at the moment and I kindly ask you to tell me what I can improve to make the data even more secure.
1) On the Synology I have activated firewall and automatic block for excessive login attempts.
2) The Nas Qnap I initialized it (formatted infected drive with various anti malware that identified and removed the malware). On the initialized nas I have installed practically nothing and I deactivated qnapcloud to access remotely, disabled admin account by creating new administrator user, deactivated upnp, activated automatic block for excessive access attempts, deactivated ftp, telnet and dlna.
Backup
Regarding the backups I have set this:
1) Single copy rsync backup from synology to Qnap via network. In practice, a mirror copy of the data carried out once a week.
2) Backup on external hard disk not single copy with smart recycle rotation always once a week. The backup cannot be consulted except through hyperbakcup explorer and if I understand correctly it keeps me different versions of the data over time.
3) Activated Snapshot on the most important folders with advanced retention policy.
I think I have told you everything I have done so far. What else do you recommend?
Thank you