How does Synology protect your NAS

Businesses are challenged to offer secure access to a broader array of services and applications while guarding against increasingly sophisticated threats. Synology brings enhanced and comprehensive security solutions, allowing your NAS to adapt more quickly to evolving technology, business needs, and sophisticated threats.

Fast security incident response

Security has always been our first priority when developing our products. Upon receiving a vulnerability submission, we will make a preliminary assessment within 8 hours, and fix any vulnerability within a day. A patch will then be available within a short period of time after confirmation. We ensure the products you have are secure and reliable.

8hr

Investigating vulnerabilities

15hr

Vulnerabilities
fixed

24hr

Responsive event handling

Engage the the hacker community with bounty programs

Synology NAS is committed to high standards of safety. We hold bounty programs every year and invite the top hackers to enhance the security of Synology prodcuts. Keeping user information safe and building a more secure product are the mission of Synology. We welcome the contribution of external security researchers and look forward to awarding them for their invaluable contribution to the security of all Synology users.

2015

Hitcon Hack2Own

2016

Private Invitation

Evolving software security

In addition to the responsive security event handling process, Synology is also dedicated to strengthening software encryption and network connection security.

Military grade encryption - AES encryption

The advanced encryption algorithm keeps shared folders on your hard disks strictly confidential. Data transmission over the Internet can also be encrypted, so your data remains safe even while accessing services like File Station, FTP, SMB3, and WebDAV.

Self-scanning - Qualys

Synology protects your data with various DSM features, including the reliable, market-leading vulnerability scanner, QualysGuard. This feature allows Synology to conduct thorough system scans and implement remediation on every major DSM release. Get the security scan results of DSM. See security scan results

Login protection

DiskStation Manager fortifies your account at different levels, providing a secure and reliable environment.

2-step verification

With 2-step verification enabled, you will be required to enter an additional one-time verification code on your mobile device when logging into DSM. Therefore, hackers still cannot access your account without your mobile device.

Account protection

Your DSM is protected by a two-tiered mechanism. Your account is protected by a mechanism that blocks the IP addresses that fail to log in after a specified number of attempts. Similarly, clients that fail to log in after a specified number of attempts will be blocked. You can also set up a block or allow list to control which clients can access the system resources.

Secure data transmission

Secure data transfer and network connection

Multiple SSL certificates

For IT admins, it is possible to create and import multiple SSL certificates to Synology NAS, allowing them to manage multiple domain names in one machine. This makes management and maintenance much more streamlined and centralized.

Let's Encrypt integration

With just a few steps, you can get up to 100 free and secure SSL/TLS SAN certificates directly on DiskStation Manager. 

TLS profile

TLS profiles are used to secure transmission of data through websites. You can choose the security level of HTTPS encrypted connections and the suitable level for the network connection.

Back up all your data

Just in case of unexpected accidents, including hardware failure, natural disasters, or unintended deletion, make sure you remember to back up all your data on all devices. See more Synology backup solution