Both malicious attacks and ransomware from the Internet can disrupt access to critical digital assets. In businesses where maintaining 24/7 service is paramount, DSM offers advanced security measures to safeguard your data.

Military Grade Shared Folder Encryption

To secure your business data from potential malicious users, DSM adopts the AES 256-bit military grade encryption technology to store your data in a format protected by an encryption key.

  • Ease of use

    Shared folders can be encrypted in a simple and convenient way, and can be mounted manually or automatically on system boot-up.
  • Flexible encryption

    You can encrypt pre-existing shared folders, including the homes folder, for enhanced security.
  • Secure key management

    Key Manager allows you to use a USB storage device as a physical key to mount encrypted shared folders automatically without having to memorize all the encryption keys.

Network Security

Connecting a NAS to the Internet greatly increases its convenience and possible uses, but caution must be exercised to protect it from outside attacks. With DSM, you can block unusual attempts to enter your NAS in a highly customizable manner.

Account Protection

Account Protection helps improve the security of your DSM by protecting the accounts from untrusted clients with too many failed login attempts. This helps reduce the risk of accounts being broken by brute-force attacks.


Customize which IP addresses may connect to specific services or network ports on your DiskStation - configurable even based on the IP address's geological origin.

More Efficient HTTP 2.0

Multiple connections supported through HTTP 2.0 technology. Provide faster transmission while also enforcing stronger network security.

IP Auto Block

DSM can automatically block the IP address of clients who fails to log in after a specified number of times. Administrators can also set up block or allow lists to better control which IP addresses can access system resources.

Service-interface binding

Determine which services can be accessed through which network interfaces, ensuring the security of sensitive applications as well as bandwidth for critical services.

Multiple SSL certificates

For IT admins hoping to manage multiple domain names from their Synology NAS, it is possible to handle multiple SSL certificates from a single unit, making management and maintenance more streamlined and centralized.

Let's Encrypt® Integration

SSL certificates are an essential part of any modern website and ensure a secure connection. However they can be hard to apply for, renew, and manage due to a lack of integration. In addition, certificates for multiple domains can quickly represent a noticeable expense. To address these concerns, Let's Encrypt® is aimed at simplifying SSL certificate management and providing them for free. DiskStation Manager is now integrated with Let’s Encrypt®, making it easier to apply for and manage SSL certificates. Watch the tutorial

Security Advisor

Manually double-checking system settings for potential security holes is tedious work, and often unfeasible or too complicated for ordinary users. Security Advisor conducts regular scans to rectify existing problems, as well as to cope with new security challenges when they emerge.

Remove malicious programs

Detect and remove programs known to cause adverse effects, cleansing your system of any malignant software.

Find weak passwords

Test the strength of users' passwords against a list of commonly used combinations, alerting them when the weaker ones are identified.

Audit system configuration

Examine whether essential security measures including Firewall, DoS prevention, and IP auto block have been properly implemented.

Detect suspicious logins

Security Advisor can learn from the previous login attempts to detect abnormal logins and display the location of the attacker.

Report of system health

Users can easily view daily or monthly security reports on system health.

Synology's Commitment to Product Security

Synology white papers provides an overview of how our commitment to building trust with our customers and keeping their data safe and secure.

Additional Security Measures

No matter where businesses store their sensitive files, malicious parties always attempt to exploit the system's weaknesses and acquire such data. To address this, Synology has developed a multitude of enhancements to ensure the most secure DSM environment.

  • AES encryption

    The advanced encryption algorithm keeps shared folders on your hard disks strictly confidential - preventing files from unauthorized access without your private key. Data transmission over the Internet can also be encrypted for enhanced security.

  • Trust level for packages

    The trust level in Package Center can safeguard your Synology NAS from installing unknown or tampered package files.

  • 2-step verification

    An extra layer of protection, in additional to your account credential, with a six-digit one-time password (OTP) generated on your mobile devices.

  • IEEE 802.1X compatibility

    A highly secured standard, IEEE 802.1X aims at regulating authentication within a local network for new machines. DSM 6 is compatible with 802.1X, enabling a Synology NAS to benefit from features such as centralized user identification, authentication, dynamic key management, accounting for security and deployment enhancement, and more.


  1. Let's Encrypt® is a registered trademark of the Internet Security Research Group, with all rights reserved.