Sometimes security is just a policy document which reads well and makes management / goverment feel secure but it’s the implementation and corporate governance that is lacking in so many companies and especially suffers when rightsizing during reorganisations. even external auditors cannot be fully relied upon these days because of vested interests, Post Office Horizon?
Yep… though the culture of using lazy security labels/classifications without much thought in gov / public sector is now changing… real risk assessments are now required.
Very true
1 Like
Forgive my ignorance of these things but wouldn’t disabling cloud access prevent ‘outside’ access while still allowing me to serve media to my local network via the router, simply connecting it to one of my PCs doesn’t work for me.
Saw this the other day.
I have a few WD NAS devices which are older but I’ve always been a bit suspect of their performance and security.
Yep the authentication code was just commented out, maybe for internal testing purposes but what an absolute fail on release software.
TBH I don’t know, WD advise to Copy over files to pc/iMac etc via direct link.
Thin end of the wedge…
The issue is the prevention of malware. Yes by not having your NAS operate and connect remotely will reduce the chance of infection, it could however by inflected by something else on your local network.
So the safest way is there are items of significant value on the NAS is to stop the NAS being able to route to the internet (or talk to anything outside your home subnet) … so even if infected one can limit the damage.
Commercial organisations tend to use various methods to control this without being so necessarily restrictive, but they are expensive, such as using so called next generation firewalls that check the actual data flows from specific devices are what are expected and recognised and only allow the recognised and validated flows through… everything else is dropped and alarmed.
So at home these controls may out weigh the benefit, especially if there are no items of value on the NAS, but underlines the importance of always keeping a backup.
Vulnerabilities came in many shapes and sizes, just in the last few days Microsoft announced a critical vulnerability called ‘PrintNightmare’ which has had many commercial and gov users disable print spooler functionality until patched under emergency changes.
Is the easy was to accomplish this to simply remove the default gateway on the IP setup? If it will allow you to that is.
Yep if you can do that it should be effective.
If you can ensure services like NTP on your NAS point to a local NTP relay which might be your router.
Many Cisco 2960 can be set up to this as well, but you will need to configure them.
or simply change the default gateway to an unused local address. This is a trick we used to use in the office donkeys years ago.
Which amounts to the same thing…
Latest from wd
Hello My Book™ Live/My Book Live Duo Customer,
If you are a My Book Live or My Book Live Duo customer, we are offering the following limited time offer:
Trade-In Offer:
Western Digital is offering current registered My Book Live or My Book Live Duo customers a trade-in discount of 40% off a select new My Cloud™ Home personal cloud storage or My Cloud EX2 Ultra 2-bay network attached storage device. For more information regarding the trade-in offer for eligible devices, please visit [My Book Live and My Book Live Duo: Trade-In Offer.
Additionally, if you are a My Book Live or My Book Live Duo customer that has lost data as result of the [recent security incident], we are here to help you by offering the following service.
Data Recovery Service (“DRS”) Offer:
Western Digital will help to recover your data using the data recovery services provided by a Western Digital-selected vendor. Western Digital will cover all the costs of shipment of the qualifying product to the DRS vendor and for the DRS. Recovered data, if any, will then be sent to you on one or more My Passport™ portable hard drives. For a list of qualifying products and eligibility requirements, please visit [My Book Live and My Book Live Duo: Data Recovery Offer.]
At Western Digital, we strive to continually improve our products and customer experiences. To take advantage of either of these services, or if you have any questions, please contact our [Western Digital Support Team].
Sincerely,
Western Digital
1 Like
I have backup of my QNAP NAS scheduled weekly and so the backup USB drive is always connected to the NAS.
If the NAS gets infected or wiped will the back up also have the same problem if it then attempts a backup operation?
Topic closed at OP’s request.