1

i would like encrypt data on my Synology NAS and allow bidirectionnal sync with Google Drive. Which means the data on the NAS itself would be encrypted then sent to Google Drive encrypted, but still be readable on the cloud if you have the key, since it's bidirectionnal sync, when i would add unencrypted files on Google Drive or modify an encrypted file it would be reencrypted and sent back to the NAS. It's for 15 people to access the data on the cloud in a secure way. Did someone tried this ?

Best regards,

diabl0
  • 31
  • 1
  • 1
  • 5

2 Answers2

1

You're still struggling with a setup for working remotely and securely with files from the NAS? (see Synology Cloud Sync : How to read encrypted files in the cloud?)

Have you already looked at CloudStation SERVER instead of Cloud Station SYNC? I always felt that CloudStation SYNC is more like a light backup solution for backing up NAS data encrypted to a cloud provider.

CloudStation SERVER allows you to enable Shared Folders on the NAS for synchronization with laptops (Windows or MacOS) in the field via Synology CloudStation DRIVE. Synchronization is via a secure direct connection between the laptop and the NAS.

Synology NAS                     sync               
CloudStation SERVER     <---------+---------->  Laptop1 with CloudStation DRIVE
File Share "ProjectX"             |             local folder "Project X"
                                  |
                                  +---------->  Desktop2 with CloudStation DRIVE
                                                local folder "Project X"

A workstation with the Synology "CloudStation Drive" client application allows to connect a local folder on the workstation with a CloudStation SERVER enabled Shared Folder. Synchronization is near real time and secure.

With this solution, you'll have your data on both the NAS and each of the laptops, in sync. If Desktop2 makes a change to a file on the local folder "Project X", it will be synced to File Share "Project X" on the NAS and subsequently to the local folder "Project X" on Laptop1.

On the workstations, you'll have to configure a connection in CloudStation DRIVE to the CloudStation SERVER on the NAS. There are two ways: Synology QuickConnect (a form of DDNS) or use a company internet domain name.

The easiest way by far is QuickConnect. Enable QuickConnect in the Synology Control Panel and define a QuickConnect ID. Use this QuickConnect ID in configuring the connection in CloudStation DRIVE on your laptops. Next you configure which CloudStation SERVER enabled Shared Folder is connected to which local folder on the laptop.

enter image description here

At completion of the connection wizard, files are synchronized. As the screenshot indicates, the connection is secured via SSL. Additionally I would encrypt the laptop's drive with BitLocker or VeraCrypt.

I believe there was also the issue that it would be a LOT of data to be synchronized. CloudStation DRIVE allows for 'selective sync' where the user would choose what files to sync.

Once the QuickConnect is configured on the NAS, you can use a laptop browser to connect to Synology FileStation on the NAS: https://quickconnect.to/[QUICKCONNECT ID] and even work with files from the browser.

Community
  • 1
Victor Vogelpoel
  • 131
  • 1
0

You can setup a SSL connection for the "data in transit" but you wouldn't be able to do encryption on the data at rest. If you were to do a 1-way sync (backup your data to Google drive using Synology Hyper Backup or using Cloud Sync) then you could have your data encrypted on Google's servers.

So, to summarize: You can create a secure connection between Synology and Google, but you can't configure Synology to encrypt the actual data that gets sent to Google drive, if you also want to be able to access and edit those files in Google drive.

David W
  • 3,405
  • 5
  • 34
  • 61