Your ASUSTOR NAS, like any other device, is susceptible to security breaches. Practicing basic cyber security hygiene is the first step in securing your NAS. Here’s what you need to do in order to make your ASUSTOR NAS more secure.
Strengthen Your Login Credentials
When you first set up your ASUSTOR NAS, or if you perform a soft reset on it, your system admin password will be admin. If you leave it as-is and someone manages to find the NAS on your network, you’re going to get hacked. Period.
Unfortunately, ASUSTOR doesn’t allow you to change the name of the default admin account. That means that if the would-be hacker knows anything about ASUSTOR NAS and wants to hack yours, they’ll already know the username of the admin account is “admin”.
You can add an extra layer of security by creating a new user with a unique name that has admin privileges, and then disabling the default admin account.
You can do this by going to “Access Control” > “Add” > “Add New User.” In the “Add New User” screen, input your unique username, and then give a strong password that contains a mix of alphanumeric and special characters. ASUSTOR lets you know when you have a strong password.
On the next page, give admin rights to the new user account.
Once set up, log out and switch to the new admin account you just created. Head back to the Access Control panel, select the default admin account, click “Edit,” select “Disable this Account,” and then click “Ok.”
Use Two-factor Authentication
Two-factor authentication adds yet another layer of protection to the login process. If someone somehow got their hands on your login credentials, they’d still need to input the authentication code sent to the respective device. This makes two-factor authentication an extremely difficult security wall to break through.
Even better, ASUSTOR requires you to download and install an authenticator app, such as Google Authenticator, to your mobile device. This is more secure than using SMS, as SMS messages can be intercepted through phone networks, or threat actors can do what’s known as a SIM swap. And while you’re not 100% safe using an authenticator app, it’s better than the alternative.
The process for enabling two-factor authentication on your ASUSTOR NAS is pretty simple. To get started, head over to your personal settings and check the box next to “Enable 2-step Verification.”
The wizard will carry you through the rest of the process. Make sure you have your mobile device with a QR code scanner handy.
Block Unauthorized IPs
Writer and network/cyber security expert, Dave McKay, eloquently defines a firewall as a monitored and controlled boundary between your network and the rest of the internet, with its purpose being to keep cyber threats and malicious or unwanted network traffic out of your network. In other words, your firewall is your first line of defense.
ASUSTOR provides software called ADM Defender, which comes with a firewall (and Network Defender), allowing you to block specific IP addresses from accessing the NAS or allow only certain IP addresses to access the NAS.
Navigate to the “ADM Defender” tab of your NAS settings to start configuring your firewall.
Enable Hypertext Transfer Protocol Secure (HTTPS)
HTTPS is HTTP with Secure Sockets Layer (SSL)/Transport Layer Security (TLS). You should always use HTTPS when possible–it encrypts the requests and responses that HTTP doesn’t. There’s a reason it’s so dangerous to use HTTP sites if you’re inputting credit card details or other personal information.
To enable HTTPS on your ASUSTOR NAS, navigate to “General” > “Management” from the NAS settings menu. Here, you can enable HTTPS and automatically change HTTP connections to HTTPS connections. Keep in mind you’ll need to import your SSL private key/certificate through their Certificate Manager.
Update Your Firmware
Always keep your NAS up to date. As time goes on and security vulnerabilities are brought to light, ASUSTOR will provide security patches for said vulnerabilities via firmware updates. You can manually update your machine or set automatic scheduled updates. Be sure to set the scheduled updates for a time when your NAS isn’t running at full throttle.
As expected, ASUSTOR also lists out their updates in their Release Notes. Give them a gander if you’re curious.
Frequently Create Snapshots of Your Data
For the data-savvy folks out there, this is a no-brainer. Taking snapshots is a surefire way to protect your data. Even if your system gets infected with ransomware, you can always roll back to a previous state without paying the ransom. Of course, there’s always a chance that you lose any new changes to your data from the last snapshot to the point of infection, but it’s better than paying a ransom to a threat actor–in most cases.
One of the more basic features of a NAS is the ability to perform snapshots. ASUSTOR is no exception. You can set up scheduled snapshots (or do it manually) in the Snapshot Center. Schedule them frequently so that if you do get hit with ransomware, the data loss will be minimal when you roll back.
And as always, back up your data to multiple locations.
As we mentioned in the beginning of this article, basic cyber security hygiene is a must. Proper cyber security begins with you. In another article, we explain the three legs of cyber security:
- IT governance
- Staff education
Replace “Staff education” with self-awareness if this is a NAS for personal use, but the point remains. Keep your tech up to date, don’t give people unnecessary access (even if not intentionally malicious, human error exists), and be aware of your own behavior. By following these rules, you can make your ASUSTOR NAS more secure.