If you have a total of two disks, we recommend using RAID 1 to protect the information in case of failure of one of them. In the case of having 3 disks our recommendation is that you choose a RAID 5 to protect the data in case one of them fails, from 4 disks you can use RAID 6 or RAID 10 to protect the information against the failure of two disks.
Today’s operating systems for NAS allow us to configure RAID very easily and quickly, without the need for extensive knowledge, but you must configure it so as not to lose all your data in the event of one or more hard drives failing.
Ransomware on your PC that encrypts the NAS
One of the most important dangers that we must face is ransomware, a type of malware that encrypts all our computer files and asks us for a ransom to be able to open them again. This type of malware could also affect our NAS server if we have it connected to a network, which is the most common. A ransomware that infects our PC could also encrypt all the data on our NAS.
To mitigate this ransomware attack that comes from a PC, it is best to enable snapshots or also known as “Snapshots”. This functionality of file systems such as ZFS allows us to take a kind of “photo” of all the data contained on the disk, in case we are affected by ransomware, we will be able to go back and restore all the files and folders that we had in the previous «photo». It is very important that you have this feature activated to avoid data loss in case of accidental deletion or ransomware on the PC.
Ransomware on the NAS
Security vulnerabilities are the order of the day, cybercriminals always want to exploit one or more vulnerabilities to take control of our NAS, and then infect it with ransomware that encrypts all the data contained in it. In this scenario, the snapshots or snapshots are worthless, because if, due to a vulnerability, they have accessed with administrator permissions, they will also have deleted these snapshots, therefore, we are totally “sold”.
This is the most serious scenario that we will face, because we cannot recover the data unless we pay the ransomware ransom or recover an off-NAS backup that we have made. Many manufacturers over the months have been affected by this type of serious vulnerability, causing users to lose all their data and recovery is really complicated.
If you have to access your server from the Internet, always do it with a VPN, either the one configured on the router or the one configured on the NAS itself, but you should never expose the operating system administration website to the Internet, nor any other susceptible service. from being hacked by cybercriminals.
What to do so that the files are safe?
If you want your files to be more secure on your server, you should make recurring backups on different media. The ideal would be to make a 3-2-1 backup as we explained to you in RedesZone previously, this backup scheme consists of:
- Make 3 backups.
- Store the backup on two different media, for example, another NAS that only connects for these backups or in the cloud.
- Store a backup offline, for example, on a DAS that is only powered on for backup.
One option that we recommend you try is to store the backup in the cloud such as pCloud, right now you can try pCloud completely free and have 10GB of cloud storage. In the event that it works well for you, you can buy a subscription of 2TB of capacity in the Cloud for approximately €350, in addition, it is compatible with the WebDAV protocol so you can integrate it into your server easily and quickly. Of course, you could also use the typical Google Drive, Dropbox, OneDrive and other more advanced options such as Amazon S3 among others, in this way, your data will be in the private cloud but you will also have it replicated in the Cloud in case a disaster occurs.