I'm working at a video production company with a large team consisting of both in-house members and contractors. Currently, we use Google Drive, but I've faced issues like upload throttling and the fact that contractors need to pay for their own accounts. We recently upgraded to a 2GB Fios connection, which makes direct uploads to our server using Synology Drive a viable option. However, I'm concerned about the security implications of exposing ports 80, 443, and possibly 6690 for syncing. I know a VPN is typically the safest approach, but I worry about the complexity for many team members, some of whom are not very tech-savvy. Additionally, I've only worked with Tailscale, and my boss prefers to avoid unnecessary subscriptions. What are your thoughts on striking a good balance between security and usability?
5 Answers
It can be pretty tricky managing a team that's partly remote, especially with sensitive media work. Exposing your NAS to the internet feels risky and could lead to data loss. I’d definitely recommend setting up a VPN. It adds a layer of security that you’ll appreciate in the long run.
Requiring contractors to pay for Google Drive accounts can be problematic. Instead, think about providing a company-wide solution to avoid potential legal issues down the line. You could set up shared drives funded by the company itself.
Have you thought about using something like Media Shuttle or File Catalyst? They're designed to handle large video files and might be a better fit for your team's uploads without needing to expose your NAS.
Instead of opening all those ports, why not utilize Synology's QuickConnect? It allows you to access your NAS remotely without the hassle of VPNs and works well with the Synology Drive client.
Using a reverse HTTPS proxy with multi-factor authentication might be another effective way to secure access without opening ports. This way, your setup remains safe, while users can still easily upload their files.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures