Are NAS Drives Safe? Can You Trust Them With Your Data?

Can You Trust and Rely on a NAS Drive for Your Data in 2021?

These days one of the most important things that we all strive to keep safe and sound is our data. The world has shifted towards a heavily data-influenced society and whether you like it or not, your data is valuable, vital to you and therefore needs to be protected. Over the years we have seen two very clear methods of ensuring your data is safe, namely those of utilizing internet-based cloud services (such as Google Drive, Dropbox, OneDrive and more), or using privately owned storage methods such as USB drives, localized PC storage and of course network-attached storage (NAS). Almost all of the previously mentioned storage methods are familiar to most home and business users, however, network-attached storage (although some 20-years old commercially) still remains a little bit more of an intimidating purchase for many. Costing noticeably more than most other independent storage methods on day one, many users want to know that purchasing a NAS is a reliable and dependable data storage backup system and is going to be safe and secure in the long-term. Although the number of terabytes, the speed of the system and the features it includes are incredibly important, today I want to really, REALLY focus on how secure a NAS drive really is. Below I have broken down 5 of the biggest concerns that new/first-time NAS drive buyers have before purchasing a server drive for home or business.

Disclaimer – It is important to be transparent about my own data storage views. I have been working in data storage for over 15 years professionally, as well as privately and as a hobbyist since being a teenager. I genuinely think that most of the modern storage methods ranging from local USB and DAS to NAS and cloud have their own inherent advantages and disadvantages. Many people will assume that because this website is heavily focused on the world of NAS (the name NASCompares is a bit of a clue), that it will try to gloss over the worst bits or paint NAS systems in a better light than they are. I can assure you that I have remained as independent as possible when talking about NAS drives and security, highlighting several notable issues that have arisen in the world of NAS in the last two decades in efforts to keep things balanced. In short, although I believe a solid NAS system is incredibly useful and secure, I know that they are not for everybody, so do go into this article with an open mind on all kinds of storage, and rest assured that I have too!

How Safe is a NAS Drive from Hardware Failure?

Easily one of the most relatable concerns that most first-time NAS buyers have revolves around the reliability of the hardware that these systems use. You may know precious little about network technology or much about data storage backup strategies, but we all want our new toy to work for as long as possible and do the job you bought it for! In the case of network-attached storage, the brands tend to play a pretty straight forward game and are quite clear on just what each individual system can do. Scaled hardware options across different portfolios result in scaled pricing strategies too, with more affordable NAS hardware arriving for as little at $100-200, which can scale all the way up to $5-10,000 at the top end for business and enterprise. So it is important to bear in mind that although I believe NAS hardware is reliable and rarely prone to failure, that this all exists within the context of the system being used appropriately. 

Of course, nothing is perfect, If any piece of hardware available to commercial or consumer users was effectively perfect, no brand would need to offer a warranty period with their systems. Likewise, like the majority of hardware built in the last two decades, although the system is produced under a single brand, a number of the core internal hardware and components are produced by larger companies such as lntel, Samsung and more. This is unavoidable as these companies own the very manufacturing plants that produce these components worldwide. With these components being produced in such huge volumes and being utilised so widely across most computer-based systems, errors can still occur and although very quickly remedied, mean that for all you know the TV, laptop, phone or NAS in your home may have a small component that is just waiting to die. One very clear example that featured in the world of NAS was the Intel atom flaw that was highlighted 4 years ago. The C2538 that was featured in numerous low-end shuttle computers and NAS servers was highlighted to have an internal issue that, once triggered, could potentially cause critical failure and lost data. The brands that provided NAS solutions with this CPU provided additional warranty periods on the solutions and were quick to remove this processor from further model refreshes and future releases.

The hardware reliability of the components in most NAS are something that it is easy to complain about in hindsight, but like any tech product, you can only research so far. In almost all cases where a flaw in a particular component was highlighted, it was discovered YEARS after a product was launched and could not have been known by anyone, even the brands. Of course, another consideration to have is that you cannot expect a NAS system with more modest hardware inside (32bit ARM, 256MB memory for example) to perform comparatively herculean tasks that you know deep down should be done by something with a little more under the hood! Even if any more cost-effective NAS’ can perform a task, but take notice of longer, you cannot overlook the potential hardwired degradation that these more demanding tasks can cause in heat and pushing the CPU to 100% consistently – just because your car can reach 120MPH, does not mean that maintaining that speed consistently will not make a long term impact on the car! Again, it is all about having the right tool for the right job.

How Reliable is a NAS Drive for Warranty & Support?

This is a big, big factor for a number of people who look at buying any piece of tech and hear horror stories about some brands support buyers. These systems don’t come cheap and even when they do, isn’t much use if the system bricks out on you early doors. In the case of network-attached storage (NAS), there are several key factors that you need to bear in mind. First off, we all know that sometimes it is very easy to grab a bargain or early release of a new system that has been launched in a different country sooner. You would think in 2021, when most companies promote worldwide releases, that regional differences in availability would not be the case. However, all too often we find some popular hardware is released in some countries significantly earlier than others and it can be very tempting (especially when thanks to tax exemptions and currency conversions) that you can save 20 to 30% really easily. I strongly recommend that you do not do this as aside from the potential mains power issues that can occur in more compact systems (less of an issue in those with larger traditional PSUs), there is also the issue of how the brand can support you in the event of any hardware or software problems. Buying your NAS internationally is fine on 99% of occasions, but if you CAN buy in your own region, you always should. Most of the larger brands in NAS, such as QNAP and Synology, have numerous regional offices scattered around the world which specialise in supporting their own local region. However, it is also often the case that you will need to work with both the Brand and the eShop that you purchased your NAS with, which can often be problematic when dealing with repairs and replacements. Sometimes a brand will choose to ignore the regional inconsistencies with an end-user in efforts to make sure they are back up and running ASAP, but this is by no means guaranteed and should not be relied upon.

Another big hurdle for many when buying any new piece of kit, not just a NAS, is in seeing how the manufacturer interacts with buyers and handle difficulties by the end-user. Whether it is via live chat support, email correspondence, contact form filling or the more convenient but arguably disposable social media back and forth, all of these brands have numerous methods in being contacted. however some of the smaller NAS brands in the market do not have worldwide coverage built primarily into their support structure and the result is that aside from small language barriers, the actual amount of hands-on support they can provide can be hamstrung from time to time. Of the two big brands in NAS, Synology and QNAP, support stories and anecdotes that are both positive and negative exist in numerous forms and it, therefore, becomes tricky to pin down any brands specific level of commitment and support for a first-time buyer. Of the numerous examples, it can appear online that the QNAP support structure online appears the fractionally worse of the two. However, this has to be viewed with a degree of objectivity. QNAP NAS features an arguably higher learning curve on their hardware than Synology and because of this, a certain percentage of enquiries can be classified as those related to understanding how the technology generally works. The QNAP NAS systems are typically able to do many more things than their rival Synology in terms of unique services, third-party support and customisation. This is still a hurdle for end-users and perhaps one that QNAP could mitigate by increased funding in making their systems more intuitive, somewhat like the Synology DSM platform. Nevertheless, QNAP has been remarkably proactive about reported exploits and there have been several noticeable examples of them informing their user base directly of exploits, with recommendations on how to close them (typically a firmware update). Synology NAS and DSM are arguably more user-friendly systems, however, this also then leads to users requiring support or submitting complaints when a system does not allow them to configure an option or completely forbids its use in a certain way, because of that very same user-friendly but more fixed architecture. A recent example of Synology inadvertently rolling out BTRFS on their J series and creating data access issues and being locked out was another example of how the brand addressed users reaching out with issues.

Interaction with the brands when communicating with your own local offices, based on numerous examples found online in reviews, Reddit, Trustpilot and Reevoo tend to show higher success rates, with local brand locations and their representatives garnering the most positive results. Whereas when you are required to work with remote brand offices or even dealing directly with brands HQs in the East, it can all too often lead to misunderstandings on either side, as well as the feeling of profit margins decreasing as conversations spin out (i.e. the feeling they are trying to get you off the phone). Leaving the end user to feel somewhat abandoned. It should be highlighted that these examples really are a small percentage and do not make up the bulk of user experiences with many of these larger nice brands. Use the links below to read positive and negative examples of feedback from users, on Synology, QNAP, Asustor and Terramaster. Again, you have to keep an element of objectivity, as when it comes to leaving reviews online (in pretty much ALL cases, not just NAS and technology) that when a person is compelled to leave a review, being angry. disappointed, etc a great deal more motivating than being satisfied and happy that something did what it said it would! Still, take a look:

In summary, I cannot recommend enough that you purchase a NAS system from your own region and if you have local brand support (ie they have an office located in your country or close by), it will certainly mate any potential support queries considerably easier down the line.

How Safe is a NAS Drive from Hackers, Ransomware and Exploits?

A new kind of threat that went from a rather low-level occurrence to a near-constant threat in the last decade or so is the vulnerability of your data to hackers and those looking to blackmail users into paying for their own data! If mid-90s cinema told us anything, it was that there was a tremendous amount of money to be made in infiltrating people’s data storage. The methods may have changed, and the targets may have evolved, but the overall objective remains the same and the fact that we have moved into a near-complete digital age as a society has only made this kind of threat worse to endure. One of the biggest positives of moving your data away from public cloud providers has always been that it puts your data more within YOUR control and often physically within your reach. However, this does not make it completely safe and NAS manufacturers are are just as susceptible as the likes of Google Drive, Dropbox, OneDrive and more, in short, most software development can only ever remain one step ahead of hackers. An update for system firmware is produced, and then the hackers get to work trying to find any potential exploits, when one is found and a brand recognizes this, it is patched with a firmware update and around the merry-go-round, we go again…

This same level of cat and mouse, bug and fix mentality is not exclusive to NAS’. The same occurs with all 3rd cloud storage providers, it simply occurs in a different way. In the case of Google Drive and Dropbox, the security patches, updates and constantly reviewed protocols are done on the server-side and rarely on your client device (with changes to the web UI being the only visible clue to end-users). Hackers and network interlopers will continue to try to crack this security system with occasional success, leading to said cloud providers having to update their protocols. Most network providers and cloud storage platforms feature paid bounty systems in there are organizations that will happily pay hackers real-world money to reveal their exploits in order to allow them to patch them with minimal problems to the end-user base. The same is provided by NAS providers, although arguably at a slightly smaller level. Somewhere along the line, the feeling that the security of a NAS system is less than that of cloud providers persisted to a point where it is taken for fact, however, simple deduction implies that the main cause of this could simply be that people spending money on a NAS feel like a greater degree of outrage. Likewise, people feel that NAS brands like Synology and QNAP (which are valued in the hundreds of millions) are comparable to cloud platforms like Google and Microsoft, valued in the billions! Even a simple search online for hacks and exploits for different third-party cloud platforms will reveal an enormous body of research and editorial sites dedicated to this subject and reporting on past instances of cloud platform exploits, hacks and successful infiltration.

The simple takeaway of insuring your network or cloud storage remains in assessing your setup regularly and limiting vulnerability. However there are simply some things that are pretty much outside of your control in most cases and the very best working practices are those that include layered security strategies involving NAS enabled Encryption, 2-step verification, multisite backups and versioning all included together. Whether you are using Cloud or NAS, It all still applies.

How Safe is a NAS Drive Compared to Cloud Storage Providers?

Local Storage will often be criticized, regardless of individual brands but more the concept of shared storage as a whole, for being a target for hackers to infiltrate the security measures you put in place. This criticism is largely based on the assumption that people do not know how to safely secure their data and in making a poor job in doing so, will share it in a fantastically unsafe way! It’s an argument generally used to promote users to use DropBox, GoogleDrive, etc. But ultimately cloud is no less as insecure as NAS. Indeed, cloud services are such big targets and have such large user bases that all too often the repeated security patterns that millions of users adopt make the ‘payoff’ for a hacker much bigger! Cloud platforms are arguably less susceptible to attacks of ransomware on the cloud, but in shared client devices less so. Plus ongoing attempts by intrusions from authorized parties is an ever-present concern. These larger cloud providers have larger budgets to invest in research and development in order to protect their user’s data, which has to be respected. Unfortunately, they still need to keep a relatively open platform in order for users to be able to integrate third-party applications and services with cloud storage, and inevitably this is where most exploits and intrusions can be rife at the login level. Whereas a NAS system can create a far more unique and individual login set up per user, does not need to be as open-ended in its architecture and (in the very extreme cases) can simply have its network/internet connectivity disabled physically via the removal of an ethernet cable.

So the threat of hackers, viruses and ransomware is less about protection and avoidance, and more about having rigorous backups, duplicates and time-managed restoration options (mentioned earlier). Arguably cloud providers, with numerous server farms running as backups for one another, will retain your data in multiple forms. So in the event of your data being lost, there is a decent chance that it can be recovered automatically or with vigorous communication with the said cloud provider, in the case of NAS, although there are numerous options for Data Recovery and Restoration (with options like RAID, snapshots, cloud sync, Rsync and other backup methods), these will end up requiring you to spend a little bit more money on additional drives in your RAID system, additional tears to your backup strategy and (if you are on a tight budget) may push you to breaking point. Therefore concerns over data security on a NAS come down to spending a little bit more on your setup internally and/or externally. Not ideal, but when done right can often exceed the security of low-cost, low-skill cloud alternatives.

Finally, it is worth remembering that a lot of NAS buyers specifically choose NAS devices over the cloud because once the device is set up for the first time, it can be completely severed from the internet with full functionality, effectively indefinitely! It can remain connected to devices in the local physical network via a switch, but you have full control to ensure that no one outside of the immediate network of devices can get in. This significantly minimizes the risk of intrusion dramatically and is an option completely unavailable to third-party cloud users.

How Safe is a NAS Drive when Powered On 24×7 and Does it Use Lots of Electricity?

Given that we live in a largely data-centric society, it should come as no surprise that the ABC (Always Be Charging) philosophy can also (sort of) be applied to buying a NAS solution too. Network-attached storage devices are designed to be on 24×7, whether they are connected to the internet or not. Technically, this is no different than cloud storage servers in enormous server farms located in multiple sites across the globe that are constantly on and synchronized with one another. Of course, the difference is that with a NAS it is YOU that is paying the electricity bill every month. Therefore, an early concern for novices to the subject of NAS is that that it will noticeably impact the amount of power being consumed in your home or business environment, further adding to the cost long-term. It is a valid concern, as the more capable NAS systems arrive with more aggressive internal power suppliers that draw more power as you use more services/drives. Indeed, if you live in an area of intermittent power or a home with limited power concerns (eg a mobile home, boat, renewable battery site), then the length of running time and cost of use need to be taken into consideration.

Choose The Right UPS For Your NAS – An Idiot’s Guide To UPS

It is important to remain relative when considering this subject. For a start, the power draw of a NAS is surprisingly small and unless you are running larger enterprise solutions in rack mount or high-end desktop form, the amount of power a NAS consumes is incredibly small and bears little impact on your day-to-day energy consumption. A lot of this is thanks to an intelligent idle vs active architecture found in most modern NAS systems that, when the system is not directly accessed for a period of time (ranging from minutes to hours depending on whether you use default or customized configurations), it will switch into idle and super power-saver modes (brand dependant). This brings the overall power draw to a similar level found in TV’s on standby and your own ISP router in the case of smaller NAS systems (1-2 Bay NAS Drives) and is still pretty low even when compared with larger 4 or 6 bay NAS devices. Additionally, a lot of that power goes into the system controlling internal cool temperatures and efficiency, which can then be mitigated significantly by deploying a NAS in cooler or well-ventilated environments. Finally, the majority of NAS systems support services such as scheduled power-on/power-off settings in their respective control panels, as well as wake on LAN (WOL) that allow systems to be poked into life remotely when needed. 

Of all the reasons to query purchasing a network-attached storage device and in whether to justify purchasing your first NAS, power consumption is likely one of the lowest concerns overall that you need to worry about. The same goes for those that are concerned about the security and safety of a device that will be on, virtually indefinitely, in your home and business environment. Most NAS’ have sophisticated internal temperature and power consumption monitoring tools built-in and much like any other device in your home that is left predominantly on standby (cookers, fridges, TVs, Consoles, routers, etc) will have numerous methods of insuring it will power down the event of an anomaly being identified immediately. 

 


Articles Get Updated Regularly - Get an alert every time something gets added to this page!


 

Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR NAS DEALS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry.

    I am sending this data and accepting this Privacy Policy.

    Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

    Leave a Reply