Posted inSecurity

What to look out when entrusting your data to a storage vendor?

While data security measures is about prevention, data protection is about ensuring data remains intact and recoverable in the event of system failure, cyberattacks or even natural disasters

By Synology  
By Synology  
SPONSORED POST

With the increasing prevalence of cyber threats, the importance of keeping data secure has
never been more emphasised. Consequently, choosing a capable storage vendor has
become more challenging.

The goal of storage security, according to the Storage Networking Industry Association
(SNIA), is to ensure that data is kept confidential, available, and integral. Storage security
involves various measures based on two key concepts: data security, which focuses on
keeping data safe from security breaches through access control and encryption, and data
protection, which involves ensuring data integrity by implementing backup and recovery
measures to preserve data completeness in the event of a disaster.

As a storage vendor our clients entrust their valuable data with, Synology makes security
our top priority. From keeping the data away from unauthorised access to recovering the
data in an event of crisis, Synology is dedicated in keeping data safe for our users. In fact,
Synology’s range of converged NAS/SAN storage systems has been deployed at tens of
thousands of companies worldwide, including nearly half of Fortune 500 companies, to store
business-critical data and backups.

In this article, we will explore the key factors that make Synology one of the most reliable
storage vendors to entrust your data with.

Data Security: Safeguarding data against security breaches

Data security primarily involves reducing the risk of attack on your system and keeping
private information away from unauthorised access. Synology, as a trusted storage vendor,
employs various security approaches including access control, encryption, Write Once Read
Many (WORM) technology, and a dedicated security team to ensure the utmost safety of
your data.

  1. Access control: Prevent brute-force attacks from unauthorised access
    Effective access control is the fundamental step in preventing brute-force attacks. Synology
    DSM offers a range of security settings designed to safeguard both the system and user
    accounts. From creating firewall rules, automatically blocking IP addresses with too many
    failed login attempts, and enabling Secure SignIn—a secure two-factor authentication
    method and convenient passwordless logins—to ensure the safety and accessibility of
    applications. By implementing these preventive measures, organisations can greatly
    minimise the risk of successful brute-force attacks and fortify the security of their systems
    and data.
  2. Encryption: Industry-standard encrypting to keep critical files secure
    Once the foundational access privileges are fortified, certain files necessitate a heightened
    level of protection that restricts access solely to authorised personnel. Encryption, being one
    of the most popular and effective methods, ensures that only authorised individuals can gain
    access to certain files. Synology DSM has been thoroughly tested and certified with FIPS
    140 for cryptographic modules, and support military grade AES-256 encryption to keep the
    files secure. Furthermore, the upcoming DSM 7.2 release introduces the encryption of entire
    storage volumes, simplifying the protection of systems and drives against leaks from
    physical theft.
  3. WORM: Immutable protection against malicious data tampering
    When it comes to compliance, stricter regulation is required to assure that data cannot be
    tampered with in any way once it is written to the device. The new Synology DSM 7.2
    release also enables businesses to reinforce the security of critical data through write-onceread-many (WORM) technology. Once the data is recorded, the data can only be read or
    accessed by authorised users and cannot be modified in any way. Sensitive files, including
    financial and healthcare records, as well as legal documents, can greatly benefit from such
    tamper-proof protection. The technology prevents any accidental or malicious alterations or
    deletions until a specified time period has elapsed and has been widely acknowledged as a
    crucial defense strategy against ransomware attacks.
  4. Incident Response: Stay alert and ready to respond
    Incident response is another crucial factor for identifying a secure storage vendor. Synology
    recognises the significance of incident response and maintains a dedicated team capable of
    prompt and effective action against security threats. Established in 2016, Synology’s
    Product Security Incident Response Team (PSIRT) is responsible for managing security
    incidents relating to Synology products, from receiving reports to investigating and reporting
    vulnerabilities publicly.

In the event of a zero-day attack, Synology’s PSIRT commits to resolving critical
vulnerabilities within an impressive 24-hour timeframe, surpassing the industry average of
60 days. Synology’s commitment to security is evident from the fact that there have been no
exploits on Synology products to date, according to the KEV Catalog by Cybersecurity &
Infrastructure Security Agency (CISA) since introduced in 2021.

Data Protection: Ensuring data integrity in all circumstances

While data security measures is about prevention, data protection is about ensuring data
remains intact and recoverable in the event of system failure, cyberattacks or even natural
disasters. Synology offers versatile data protection solutions that keep our users data safe
wherever the data resides.

1. Endpoint: Flexible backup options for all physical workloads
Every IT infrastructure differs from one company to another. A commonly employed
deployment involves endpoints such as PCs and servers. Active Backup for Business (ABB
in short), is a centralised backup application to backup variety of platforms to the NAS.
For PC and physical server, ABB provides flexible backup options from either bare-metal
backup or only a specific volume. For file server, SMB and rsync protocol are supported to
perform a file-level backup.

2. Virtual environment: Seamless protection for virtual machines
To have a full protection for company’s virtual environments, Synology also provides an
agentless backup for mainstream hypervisor, VMware vSphere and Microsoft Hyper-V. With
the all-in-one backup software Active Backup for Business, the virtual machines will be
safeguarded and quickly recovered under unforeseen interruptions.

3. SaaS Service: Support account-level protection for SaaS
SaaS is growing in popularity among business clients due to its ability to provide
uninterrupted data availability. However, most SaaS services are not responsible for users
deleting data or for data encryption by ransomware, making the data protection completely
your own responsibility. Therefore, implementing proper software to backup the SaaS data
is as important as the on-prem data. With Active Backup for Microsoft 365 and Google
Workspace, or ABM and ABG in short, data including drives, emails, and also Microsoft
Teams can be fully protected.

4. Backup 3-2-1: Ensuring business continuity with extra layer of protection
A robust backup strategy should always incorporate a secondary backup plan. The 3-2-1
backup rule recommends creating three copies of data on two different media, with one
copy stored off-site for disaster recovery. Synology simplifies the implementation of such a
strategy with its comprehensive backup solutions. Once the initial phase of backing up data
from PCs, servers, virtual machines (VMs), and SaaS platforms to a centralised NAS is
complete, additional layers of protection can be added. This includes creating off-site
backup copies that can be stored in various locations, such as local shared folders, external
devices, other Synology NAS devices, rsync servers, or public cloud services like Synology
C2.

C2 Storage is designed for Synology NAS to keep data protected and available at all times.
It offering client-side AES-256 encryption which safeguards your data against unauthorised
access even before it leaves the NAS. To access the backups, a password-protected private
key is utilised, ensuring that only you can decrypt, access, and modify the data.
This comprehensive backup solution offers schedulable and near real-time protection,
ensuring that your data remains safe and readily accessible in the event of a disaster.

Synology: Your one-stop destination for a comprehensive data safety solution

Synology offers range of applications that comes bundle with the hardware, eliminating the
need for any additional software costs. At Synology, we understand the importance of your
data, therefore we are dedicated to offer an affordable one-stop enterprise solution for
businesses of all sizes. Whether you are an existing Synology user or exploring our
offerings for the first time, we invite you to explore our mentioned solutions. By partnering
with a trusted vendor like Synology, you can significantly mitigate the risk of security
breaches and uphold the integrity and safety of your invaluable data.

Learn more by joining Synology Solution Day Dubai 2023