QNAP

QTS 5.0.x

Securing the NAS

All networked devices face constant security threats. To reduce the risk of your data being attacked, we strongly recommend following the best practices to secure your NAS. In essence, you should prevent unauthorized access, update your device software regularly, and install security utilities to protect your device.

  1. Prevent unauthorized access to your device.
    1. Create a new administrator account and disable the admin account.

      The admin account is the default administrator account. Nevertheless, to enhance the security of your device, we strongly recommend creating another administrator account and then disabling the admin account.

      For details, see Default Administrator Account.

    2. Enhance user password strength.

      We recommend enhancing your password strength and changing your passwords regularly to prevent brute-force attacks.

      For details, see Modifying User Account Information.

    3. Set up 2-step verification.

      2-step verification further enhances the security of user accounts by requiring users to specify a security code in addition to their account credentials during the login process.

      For details, see 2-step Verification.

    4. Remove unknown or suspicious accounts.

      We recommend verifying user accounts regularly and deleting any unknown or suspicious accounts.

      For details, see Deleting Users.

    5. Remove unnecessary permissions from general users.

      We recommend restricting the permissions of non-administrator users to limit their access to system operations and sensitive data. This helps mitigate the impact of a compromised user account.

      For details, see Modifying User Account Information.

    6. Remove unknown or suspicious applications.

      We recommend only installing applications and utilities that have digital signatures, which validate software developed by QNAP and other QNAP-trusted developers.

      You should regularly check your installed applications and remove any unknown or suspicious applications from the App Center.

      For details, see Digital Signatures and Uninstalling an App.

    7. Configure access settings in myQNAPcloud.

      To ensure your data security, UPnP is disabled by default. We recommend manually configuring port forwarding settings on your router.

      We also recommend configuring access control and only publishing necessary services in myQNAPcloud.

      For details, see:

  2. Update your firmware and applications to the latest versions.
    1. Update the firmware to the latest version.

      We strongly recommend regularly updating the firmware of your device to the latest version to benefit from the latest features, enhancements, and security fixes. You can also choose to automatically check for and install available updates.

      For details, see Firmware Update.

    2. Update applications to the latest versions.

      You should regularly update your installed applications to their latest versions for better performance, functionality, and security. App Center allows you to check for all available updates and then install updates for multiple applications at the same time.

      For details, see:

  3. Install and run security utilities on the NAS.
    1. Run Malware Remover.

      Malware Remover is a built-in utility designed to protect QNAP devices against malicious software. You can run instant or scheduled scans to remove malicious software from your device.

      For details, see Malware Remover.

    2. Install and run Security Counselor.

      Security Counselor is the security portal that allows you to centrally configure security settings and manage security components on your QNAP device. You can choose security policies, scan the device, and check for potential security weaknesses on the device. Security Counselor identifies potential risks and provides suggestions to help you enhance device security. You can also subscribe to QNAP security advisories to stay informed of the latest security fixes and solutions.