An investigation by CSO, a company focused on providing news, analysis and research on security and risk management, reveals that some NAS devices and external hard disks connected to routers with FTP enabled have been indexed by Google. That means that the personal files on these devices have been open to the internet, which can be found via a simple Google search. CSO goes on to explain an example, in which they found what they considered to be a backup of a family’s computer stretching all the way back to 2009 via Google. CSO points out that users with Seagate Personal Cloud, Seagate Business NAS, Western Digital My Cloud and LaCie CloudBox hardware have in particular been affected since these devices come from the factory with some of these features already enabled. If you are worried that you might be in a similar situation, and are concerned about exposing data that you did not want to expose, CSO has a very thorough guide explaining how you can go about checking whether any of your files have been indexed via Google.
Besides locking down your NAS and other cloud connected devices, you want to be careful how you store the data on your devices. For instance, instead of just simply copying their data to a NAS device, if the family in the example above had diligently back up to their NAS device using a piece of software such as NovaBACKUP to backup to the NAS, in at the very least an archive type format or even better an encrypted archive format their data would not have been nearly as easily retrieved. Just think, if that NAS device that was open to the internet contained business critical documents, or worse medical patient records that were exposed, the ramifications could be significant. Take this as a wake up call to at the very least check to see what your NAS device and other storage devices can do, what is enabled, and how you are storing data to your NAS device.
