Author Topic: What is a nas server / what is a hard drive you can access through internet?  (Read 2513 times)

Just looking at secure storage of important files for work use for someone moving around to work. I was wondering if there's a way of creating a private cloud storage just for yourself and permitted users? Not big but better than ppl carrying around external hard drives everywhere with the risk of damage or forgetting it.

What's the options and how safe for your data are they?

Question caused by a scare over months of data thought to be lost when a hard drive "went funny".

Google Drive? Dropbox? Loads of options out there. Secure is as secure as you want, and there are corporate options. Box is likely the best secure for corporate use https://www.box.com/en-gb/home

We've got them but tbh we want something in our control if possible. Plus a paranoid other half doesn't trust cloud storage of a commercial nature. We're talking irrational, like resisted setting up a Google account for an android phone because they get your data right!?

We've got them but tbh we want something in our control if possible. Plus a paranoid other half doesn't trust cloud storage of a commercial nature. We're talking irrational, like resisted setting up a Google account for an android phone because they get your data right!?

Not wrong there..... you have do a metric largetonne of stuff to opt out of stuff that tracks you, then you lose a lot of the GooglyGoodStuff

If you want your own "Cloud" .... it doesn't exist. Cloud only means someone else's tin, but there is always tin at the end of it. The only way around would be to have your own server in a rack somewhere, which is (a) expensive and (b) likely a LOT more vulnerable.

Srsly, look at Box.

You COULD have a NAS server at home (NAS = Network Attached Storage) and access this over the Internet.
Before anyone says so, I would advise against opening up the relevant SMB or NFS ports!

You could use an ssh connection and use an sshfs mount.
Or you could use a VPN  - I guess a lot of small office/home office routers support VPN these days.

I stress the COULD. Look at box as Ham says.

NAS - Network Attached Storage.  you send the data to / from the storage using a network connection. Not a direct cable to the disk enclosure.

SMB - Samba. the protocol normally used for storage by Windows PCS

NFS - Network File system - the protocol normally used by Uix/Linux PCs. But also available now on Windows

VPN - Virtual Private Network. An 'over;ay' encrypted link which means you can privately and securely create a link back to your office or home network from a public place.
If you are serious about not usign a cloud provider then yu might want to investigate VPNs

How about this:  https://www.asus.com/uk/Networking/DSLN55U_D1/

I have no idea how the link from the public network is configured. you need to check how secure that is.

The nearest thing to 'private cloud storage' would be using Amazon web services and creating a virtual server on there. It isn't like signing up to google accounts, you aren't giving them any permission to access the contents.

I don't do this, btw, but many of the worlds major corporations run their web services and stores on Amazon.

See here:
https://aws.amazon.com/products/storage/
You are probably going to find Amazon S3 suitable.
<i>Marmite slave</i>

Our work has a server (windows home server 2011 IIRC). My works laptop can access they if I take it home. I don't take it home as I'm often cycling.

Is it possible to do that with a nas drive?

I was thinking of VPN but don't know much about it.

I used to know a guy who cabled his house up and created a home network. That was before wifi though. He built his own PCs up and did it all himself as a hobby. Quite some time ago

Mr Larrington

  • A bit ov a lyv wyr by slof standirds
  • Custard Wallah
    • Mr Larrington's Automatic Diary
Most NASen these days offer some sort of remote access but as Mr Scum says upthread, the security implications are somewhat, er, insecure.  This may or may not be an issue, depending on what kind of data you want to access from elsewhere.  Personally I've never bothered even to try it.

Home networks are as complicated as Kim chooses to make them but on a very basic level all you need are a few cables and a network switch if your router doesn't have the necessary ports on the back.  The Grand Escalier of Larrington Towers is starting to resemble the interior of a U-Boat with cables running every which way.
External Transparent Wall Inspection Operative & Mayor of Mortagne-au-Perche
Satisfying the Bloodlust of the Masses in Peacetime

fuaran

  • rothair gasta
Most NAS devices have some options for access over the internet. Usually through some sort of web interface. You login via a central server, so you don't need to setup port forwarding etc.
Some of them also have apps, which work in a similar way to Dropbox etc.

eg a Synology NAS with Quickconnect. https://www.synology.com/en-uk/knowledgebase/DSM/help/DSM/Tutorial/cloud_set_up_quickconnect

Running remote access of any kind means that you have opened a wormhole to the world, no matter that you can "stealth" the opening so that is isn't advertising.

There are malicious bots that crawl networks looking for vulnerabilities to commonly used applications. If whatever you are using to grant access is compromised in that way, the chances of you finding out about is small. Your question and responses suggest that you might struggle maintaining currency of the <software of your choice> against such attacks. While VPN is an inherently secure method of communication, the VPN server would be a weak point. Also, if your remote device (laptop, whatever) became compromised, that would compromise your home environment too.

Up to you, ultimately which you consider the greater risk: Loading data with a commercial organisation that spends a lot on the latest tech to keep your data safe from malicious attack, or rolling your own.


Added to which, a NAS server at home is inherently insecure in that it may be stolen, suffer disc failure, be vulnerable to power surges, fires, pets peeing on it (yes this has happened to people), etc.
<i>Marmite slave</i>

frankly frankie

  • I kid you not
    • Fuchsiaphile
I'd go with a Synology NAS if you don't want Google Drive et al.  Synology is incredibly easy to set up and has loads of server options.
But ultimately ...

Not big but better than ppl carrying around external hard drives everywhere with the risk of damage or forgetting it.

A USB drive chained to your neck would seem to be the most secure option after all.
when you're dead you're done, so let the good times roll

Afasoas

You could try owncloud or nextcloud on a VPS (virtual private server)

With OVH I believe you can take multiple VPS and run a private virtual network between them. So I'd set one up as a VPN end point and another up as an owncloud/nextcloud instance with private virtual network between them. I'd then take a third VPS in a geographically separate data centre as a backup target for data stored within the owncloud/nextcloud instance. That can possibly receive the backups over virtual private network too.

The advantages of this are that there's no major up front cost and your data would be secure in a data centre, rather than in a shed/garage/attic etc.

For any solution to be 'secure', you'd need a conscientious IT guy to set this up for you and periodically run updates.

Morat

  • I tried to HTFU but something went ping :(
How big/rich is work?
https://www.vmware.com/uk/products/horizon.html

Perhaps more realistically, I'd go with a NAS (Synology work for me under light loads) and a VPN connection. It would be foolish to skimp on a decent firewall, Fortigate are very good and they have a completely painless VPN client/app for W10 that has given good results with me/my users. It's the only thing I've ever installed from the Windows Store :)

NAS - Firewall- VPN - Remote Users

I wouldn't rely on the NAS to repel boarders on its own, it's not what they're for.
Everyone's favourite windbreak

tonycollinet

  • No Longer a western province of NĂºmenor
If you want to run this functionality yourself then I would also suggest synology.
https://www.synology.com/en-uk/dsm/feature/file_sharing

Yes, you need to provide access to your server, but synology are looking after the security - they have a reputation to uphold and as such the system will be at least as secure as anything you could setup yourself.

You haven't really defined what you mean by "how safe for your data are they". In your first post you mention the near loss of months of data from a broken hard drive, in your second you worry about it being stolen by a big corporation.

It sounds like you need a decent backup solution, and you need it yesterday. Technology goes wrong, and people fuck up, if losing data is going to be more than a mild irritation then you can't just put it on a drive and hope that it's still there tomorrow. There are a lot of good pointers above, but you must understand that if you just put your data on a NAS that does not make it safe from getting lost. It's just a hard drive, it can go wrong just like any other. If someone accidentally deletes all the data from spreadsheet and saves that to the NAS - bang, it's gone, you're not getting it back. No matter how "in control" you think you are by running your own storage solution.

You have two solutions:
1. You can hire someone who knows what they're doing to install and run a storage solution on-site, with hourly backups, nightly off-site backups, multiple redundancy, etc. Set up a VPN and train your staff to only work on files over the VPN.
2. You can purchase the equivalent services from a big company as suggested above. And no, it's not the same as when you tick the box to tell Google "please follow me everywhere so you can suggest a coffee shop and sell advertisers my taste in donkey porn". They are selling these storage services by their security, as MrCharley says, to some of the biggest companies world-wide.

Think about it. How much will data loss cost? When you get the monthly payroll, do you give a stack of fivers to the tea-boy and tell him to stand in a windy field and count it out? Well that's the equivalent of what you're doing with a month's worth of work on a hard drive or a self-installed NAS. Or do you let the bank do it? Despite all the evil bankers and 2008 and scare stories about bank fraud, realistically it's the safer thing to do.

Quote from: tiermat
that's not science, it's semantics.