In the near future, my wife will open her own business (one woman show) in the medical field. She will be storing confidential patient data. And she will need to have access to that data without any downtime.
She needs backup space for 2 Windows PCs (1 Desktop and 1 Laptop) + space for PDFs and text-documents.
We would be doing a proper 3-2-1 backup strategy with a cloud provider, as well as using a UPS in case of power loss. The NAS would need to be as quiet as possible.
She will need to have access to that data from home (VPN).
Dubious chassis, in my opinion (others disagree violently), but the A2SDi is a solid choice. Since this is for work, “solid” beats any other considerations.
If you’ll be using ZFS encrypted send/recv to store the encrypted data on someone else’s computer, be sure to really take a deep dive in the documentation and over on Github, because encryption can still be a bit rough around the edges and needs to be handled with a lot of care, especially if send/recv is involved.
Thank you. Any recommendation for a small and quiet NAS case?
Speaking of encryption, if I “replicate” to a cloud provider, wouldn't that mean that my pool is unlocked, therefore transmitted in an unencrypted state?
I am not that worried about a man-in-the-middle attack. But theft of the NAS.
You probably do not need a mirrored boot pool. Replacing a failing boot device is a quick operation if you have saved the configuration file; and mirroring the boot drive does not guarantee that the BIOS would behave as expected in case of failure.
As for the case, anything which could hold 3-4 drives…
A Fractal Design Node 304 can be reasonably quiet, depending on your definition of “acceptable”, but may require some blanks for airflow with less than the full six drives.
I’m unsure what @ericloewe finds “dubious” in the Jonsbo N1. A 140mm fan blowing sideways through a HDD stack looks like a reasonable cooling model—at least, better than the N2.
Strictly replicating to a cloud provider implies that the provider uses ZFS. If that is the case, the remote ZFS host receives encrypted data and can scrub by verifying the checksums of the encrypted blocks—no decryption key is ever required.
You might need a case that supports a redundant power supply, just in case the power supply goes bad; otherwise you will have downtime if the power supply fails.
I would personally go for a case which allows an internal PSU as I think it less likely that the cable will be knocked out.
Aside from encryption of the disks, you need to think about physical security e.g. having a reasonably secure lockable cabinet with airflow that is physically bolted to the floor or wall. You probably already have a security alarm on the office, but this is also essential.
If you are using SMB, then data on the LAN will be encrypted. A VPN to home also sounds OK providing that you set it up correctly.
I would recommend that you request fixed IP addresses for your home from your ISP so that you can limit VPN access through your firewall to that specific IP address. A fixed IP address for your office might also be helpful (otherwise you will need to set up dynamic DNS).
You will also need to encrypt the hard drives of your PCs in the office and at home - which may require new PCs with a TPM if they don’t already have one - because temporary copies of patient data will be held in temporary files and in memory (and so in the swap/paging files).
Also for patient data you should think about enabling auditing so that you keep a record of which users access which data and at what date & time. And perhaps you should consider 2FA (perhaps physical authentication i.e. a dongle) as well as a password for PC access and VPN access and admin access to the NAS.
You might also want to consider putting some sort of centralised logging on your NAS (e.g. syslog) and sending logs from the firewall there, and then implementing some sort of monitoring of those logs and alerting for security events.
You are probably already considering the encryption characteristics of your cloud backups - but in particular you might want to consider how to hold the data in the cloud in an encrypted form without the encryption key being in the cloud. In other words, you should ship encrypted versions of files across the internet to the cloud provider and store these encrypted files rather than (or in addition to) having an encrypted disk subsystem there.
Finally you will need to store copies of the various encryption keys (in hard copy or on a USB flash drive) in case the electronic versions are lost (because of a fire or because the NAS is physically stolen) and you need to recreate them. And since these need physical security you will need a physical safe or similar to hold them.
P.S. Remember to design for failures in the process - this probably also means buying and administering spare dongles for administrators to use to do administration and to give to a user if they lose theirs. These will also need to be physically secured in a safe when not being used.
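As an added illustration of the centralised logging and alerting recommended in the post above (not code from this thread or from TrueNAS), a small Python watcher over constructed syslog lines: it flags VPN logins from any source other than the fixed home IP and repeated authentication failures against the NAS. The line format, host and user names, and the allowed address are all assumptions.

```python
"""Syslog watcher: VPN logins from unexpected sources and repeated auth failures."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed: the practice's fixed home IP, the only source allowed to VPN in.
ALLOWED_VPN_SOURCES = {"203.0.113.10"}
FAIL_THRESHOLD, FAIL_WINDOW = 3, timedelta(minutes=10)

# Constructed line shape: "<ISO timestamp> <host> <program>: <message>".
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+): (.*)$")
VPN_RE = re.compile(r"vpn login user=(\S+) src=(\S+)")
FAIL_RE = re.compile(r"auth failure user=(\S+) src=(\S+)")

def analyse(lines):
    """Return (timestamp, rule, detail) alerts for the given syslog lines."""
    alerts, failures = [], defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparsable line; a real deployment should count these too
        ts, msg = datetime.fromisoformat(m.group(1)), m.group(4)
        if v := VPN_RE.search(msg):
            user, src = v.groups()
            if src not in ALLOWED_VPN_SOURCES:
                alerts.append((ts, "vpn-unexpected-source", f"{user} from {src}"))
        elif f := FAIL_RE.search(msg):
            src = f.group(2)
            # Keep only failures inside the sliding window, then add this one.
            failures[src] = [t for t in failures[src] if ts - t <= FAIL_WINDOW] + [ts]
            if len(failures[src]) == FAIL_THRESHOLD:  # alert once as the threshold is crossed
                alerts.append((ts, "repeated-auth-failure", f"{FAIL_THRESHOLD} failures from {src}"))
    return alerts

# Constructed sample: one legitimate VPN login, one from an unknown address,
# two stale failures, then three failures inside ten minutes.
SAMPLE_LOG = [
    "2024-03-04T08:55:10 fw openvpn: vpn login user=dr.example src=203.0.113.10",
    "2024-03-04T09:01:00 fw openvpn: vpn login user=dr.example src=198.51.100.7",
    "2024-03-04T09:02:00 nas sshd: auth failure user=root src=192.0.2.44",
    "2024-03-04T09:03:00 nas sshd: auth failure user=admin src=192.0.2.44",
    "2024-03-04T09:20:00 nas sshd: auth failure user=admin src=192.0.2.44",
    "2024-03-04T09:21:00 nas sshd: auth failure user=admin src=192.0.2.44",
    "2024-03-04T09:22:00 nas sshd: auth failure user=admin src=192.0.2.44",
]

if __name__ == "__main__":
    for ts, rule, detail in analyse(SAMPLE_LOG):
        print(f"{ts.isoformat()} {rule}: {detail}")
```

In production the same logic would read from the syslog daemon's output on the NAS and hand alerts to whatever notification channel the practice monitors.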
I did look into the Mini (R). However these would be overkill IMO, as the business will be small (one room), needed storage space minimal (txt and PDFs only) and speed above 1Gbit/s not needed.
I'm concerned about data leaks / theft, non-availability and ransomware.
Maybe more a Mini X, or a small QNAP NAS with QuTS Hero (ZFS) then.
The question is: Is there a legal issue about compliance and certification (=> vendor pre-built), or is it a personal (and laudable) effort to build a NAS whose content will remain reasonably safe in case of theft?
It is the latter.
Since the adoption of the EU data protection law, it has become more strict. But where I live civil lawsuits that can ruin you are not a thing.
Personal rule of mine. Any PII for something I am professionally liable for is on a system I have from a reputable vendor and on a support contract. In this case, I think not having the support contract is probably fine but I would still not deploy a roll-your-own piece of kit if I was housing HIPAA data.
Well worth the cost IMO to offload some of the risk. Also local laws vary so before you make a decision you should understand what you are liable for in the event of a breach.
On the other hand there have been data leaks worldwide from major companies and organisations, including the White House. And they probably all were running gear from reputable companies and had support contracts.
All emails in my case will be handled by a proprietary encrypted email system for the medical field where every user is clearly identified and it is not open to the public.
Usually due to user error, and just because they leak data does not mean you want to. Those larger companies can afford to take those hits; a small business like this could be ended overnight if something leaked.
Segmentation, auditing, governance of everything that happens on that device needs to be in place as @Protopia noted above. May seem like overkill for an SMB, but if something does happen, better to show you made efforts to protect and govern the data.