In the Wake of WannaCry, how to be secure?

If you have a small office or home office, then security and data backup must be right at the forefront of your concerns in today’s connected world, especially in the wake of WannaCry.

In most cases you’re probably using some sort of cloud based backup, and while for the most part cloud storage is great, it’s still not as safe as you’d imagine. For one you have no idea who’s looking at your data, it maybe some nosey git in a data centre, or it could be security services from a number of different countries. Most people think they have nothing to hide and therefore nothing to fear, me personally I err on the side of paranoia. I also think no one has a right to inspect or collate your data for you but you.

So if you’re dependent on cloud systems to store your data, you’re probably also paying a hefty fee to keep it there, but what if I told you you could host your own cloud system at home or in the office for far less than an annual fee, and what’s more, only you and the people you allow can access it?

My system of choice here is NextCloud, it’s a free open-source and fully functional cloud based data storage. I have mine running on a Raspberry Pi 3, and it handles everything just fine. I also have a SSL connection, complex passwords and 2 PC’s, this makes 3 on-site backups for me, one on my desktop, one on my laptop and one on the Raspberry Pi. I also use it to save my photos from my iPad and iPhone through the iOS app. Android is also available too.

If you allow more users, and this is easy to do, then you’d have more backups, but you can also create users with their own accounts and own storage completely separate from one another. What’s more it only takes around 30 minutes to setup and secure.

You’ll need 3 tutorials, all listed here, all will help create a small cloud based server and help keep it secure.

Setup a hard drive or SSD on a Raspberry Pi: https://the-bionic-cyclist.co.uk/2017/03/22/run-a-raspberry-pi-on-a-ssd/

How to install NextCloud: https://the-bionic-cyclist.co.uk/2017/03/22/install-nextcloud-cloud-server-on-a-raspberry-pi/

How to setup SSL in 2 minutes: https://the-bionic-cyclist.co.uk/2017/03/22/setup-ssl-on-a-raspberry-pi-in-2-minutes/

I also use http://freeddns.noip.com/ to make my Pi accessible from anywhere in the world.

If you want to, you could even setup Pi-Hole and stop internet adverts too 🙂 and it’s brilliant.

 

The entry fee for this small project is around £55 for a Raspberry Pi 3, MicroSD card and power supply. The hard drive depends entirely on your space requirements.

You can buy a 4TB desktop hard drive for around £90-£100 but then you’ll need a caddy to store it and connect it to your Raspberry Pi via USB. Something like this: https://www.cclonline.com/product/227503/MR35TU3/External-HDD-Enclosure/CiT-USB-3-0-SATA-Hard-Drive-Enclosure-for-3-5-inch-Drives/HDD2869/

You know how important your data is, and if you do something like this, I’d recommend you test it for a week or two first to make sure it’s suitable and stable. If you have a lot of users (more than 5) I would only recommend doing this with something bigger like a desktop PC. The Raspberry Pi is an awesome little PC, but it will struggle with multiple simultaneous users. So spend a bit more money and get a dedicated PC