A NAS server is a perfect environment for storing data. The system is secure by default, but you can do more to prevent data loss and other incidents. With several features, tools and steps, you can significantly progress in ensuring data security. This article will cover what you can do on a Synology system.
Many businesses use Synology systems to store documents, videos and backups. Depending on the capacity of the NAS, this can amount to terabytes of data. Some of it may contain very sensitive information, while some of it may be quite simple data. Therefore, some data will deserve just a little extra protection.
The rule to achieve that security is to follow the 3-2-1 strategy. This is a standard for ensuring that data is recoverable in case of problems. A problem could be a ransomware attack, damaged equipment or accidentally deleted files. The 3-2-1 rule makes at least three copies of data. Of these, two are kept on different storage media. One copy of the data ideally resides outside the corporate network.
Protect PCs, servers and virtual machines
Synology offers Active Backup for Business to achieve this secure workflow. This component of the DiskStation Manager OS provides the ability to arrange backups for PCs, servers and virtual machines. From Active Backup for Business, it is possible to deploy agents to corporate PCs. The endpoint doesn’t sacrifice much on performance with this lightweight application, but it makes it possible to arrange backup tasks for the device. When configuring and setting the tasks, for example, it can be specified that they should only take place when the PC is locked or the user logs out. In this way, the user is not inconvenienced by backups. In addition, for organizations with a decent amount of PCs on the corporate network, Active Backup for Business offers functions to control tasks a little further centrally. For example, they can use templates to apply a general backup frequency or deploy an agent in bulk to workstations.
In addition to the features of Active Backup for Business, the tool has capabilities for protecting servers. Synology has built support for Nutanix Files, NetApp ONTAP and the SMB protocol. For those environments, administrators can set appropriate times for making the backups.
The Active Backup for Business console again provides separate capabilities for physical servers. The Instant Restore feature can be used if data and services need to be restored for these servers. Administrators can restore the servers (Windows or Linux) to a virtual environment based on VMware vSphere, Microsoft Hyper-V or the Synology Virtual Machine Manager.
Finally, there is an option for endpoint protection, with extended protection for virtual machines (VMs). Synology addresses this with agentless backup for vSphere and Hyper-V. The Active Backup for Business environment can restore data in Microsoft Exchange, Active Directory, SQL Server and Sharepoint when running on vSphere or Hyper-V. Active Backup for Business integrates with VMware and Microsoft’s logging features to make the backup processes run smoothly. That way, only changed data is backed up during the processes.
Microsoft 365 and Google Workspace data need protection
While arranging a data protection strategy for PCs, servers, and VMs is now standard for many businesses, getting SaaS data protection right sometimes still leaves much to be desired. Synology has recently been looking at what else it can do in this area and has further developed its solutions for Microsoft 365 and Google Workspace. Both productivity suites have separate Synology solutions.
With Active Backup for Microsoft 365, companies can manage data on OneDrive for Business, SharePoint Online, Exchange Online, and Teams. For these solutions, the data generated is not secured by default. Not every company is aware of this, which leads to information from productivity solutions being lost unknowingly regularly. Synology, therefore, makes Active Backup for Microsoft 365 available for free to users of the NAS servers, removing the barrier to data protection. From the centralized environment, backups can be arranged for all Microsoft 365 accounts in an organization.
Also read: How secure is a Synology NAS?
Companies not using Microsoft 365 for productivity often rely on Google Workspace. With Active Backup for Google Workspace, Synology addresses arranging backups for this software suite. Again, organizations must protect the data generated. Synology’s Google solution thus secures emails from Gmail, contacts, calendar appointments, My Drive and shared drives.
Complementing the protection of SaaS data, Synology offers the paid service C2 Backup. This gives businesses additional options to protect NAS data by housing it in the Synology Cloud. It provides a new location where a business can implement the 3-2-1 strategy. This environment houses data from Microsoft 365. Organizations can also use C2 Backup to manage data stored on PCs and servers.
Cold data and hot data
Taking care of the above issues will go a long way in helping companies follow the 3-2-1 rule. However, the strategy also means all data types are in different storage locations. That’s why Synology has targeted solutions for cold and hot data. In this case, cold data is the type of data on the NAS server that is not accessed often. This can be system settings and software packages of the NAS. For this type of data, Synology offers Hyper Backup, which allows the NAS administrator to clone an entire system. For example, a backup target can be an external HDD and a cloud service from Google or Microsoft. When companies have this backup properly arranged, they can recover a damaged Synology system relatively easily.
Hot data has a different approach than cold data because that’s exactly what users need to access regularly. An example of hot data is a shared folder on a Synology where multiple users access and store files daily. To provide additional protection for this type of data, Synology has built Snapshot Replication. Administrators who deploy Snapshot Replication use the solution to create copies of shared folders and LUNs. The snapshot allows them to restore to quickly a specific point in time, and users can get back to work.
The role of the cloud
Ultimately, Synology also sees businesses setting up their infrastructure in various ways. A backup policy should adapt to that as much as possible. In the hybrid story, Synology thus involves much of its C2 Cloud. Especially C2 Storage and C2 Object Storage are two solutions that can do a lot for hybrid scenarios. C2 Storage can extend Hyper Backup, allowing cold data to reside in another location. An important feature of using this C2 Storage location is that the cloud uses AES-256 encryption, which protects the data from unauthorized access.
C2 Object Storage exists alongside the C2 Storage solution. This part of the Synology Cloud is a place to house your company’s unstructured data. Businesses generally have more and more unstructured data as more audio and video are generated, for example. In the C2 Object Storage location, the data has additional protection mechanisms through object versioning (multiple variants of an object) and immutability (a location with so many permissions that data modification is impossible).
All in all, Synology provides the tools for the 3-2-1 strategy. There is enough available for businesses to manage and protect their data flexibly to suit the diverse needs of the business environment. Thus, the data on a Synology NAS is secure.
1 day ago
