I am looking for solution to my problem, already visit all of the topics in this forum and yet cant find any idea.
We are a college and we bought MyCloud so we can access our files from anywhere.
I can map WDMyCloud drive when i am on the same network with MyCloud but i want to map drive and use it outside the network.
Security is not issue here we have nothing to hide.
I already opened ports and configure MyCloud but i dont know what should i write in the map drive path.
How did you setup the My Cloud?
Did you activate/turn on “Cloud Access” within the dashboard?
Have you created am “MyCloud .com” account?
Do you allow the “Users” to have access?
Have you read the maunual/PDF ?
Security is always an issue; it’s not simply about having things to hide, it’s about having data you want to preserve. Attackers can either delete or corrupt your data, or encrypt it and hold you to ransom.
Do you keep student details on your computer system? Exam grades? Teacher details and salaries, etc? This is all personal information. I don’t know where you are, but most of the world has data protection legislation that my means you need to consider computer security carefully.
There are means to use devices as attack vectors for your wider computer network.
In answer to your drive mapping question: no, you cannot map drives remotely; WD removed this facility some time last year. You can only access using the MyCloud apps, or MyCloud.com web portal.
Unofficially, there is a package you can install, written by user Nazar78.
You can also have a look at the NFS over Static Ports mini-guide I put up a few weeks back.
NFS is a mapped drive technology for linux and unix like environments (which includes OSX). With static ports enabled, appropriate rules at the firewall can be implemented, and users can attach to and mount the NFS shares from anywhere on the internet (assuming the exports rules are configured that way. I STRONGLY advise against that, and STRONGLY advise only allowing internet access to trusted peers with static IPs-- but hey, what do I know, I am just a former SAN guy…)
Similar story with enabling all the needed ports for SMB protocol, if you need windows shares-- but that is just ASKING for trouble. (Many infamous botnets look for open ports used by MS Networking, including netbios over TCP/IP, which is how they tunnel and spread across the internet. Leaving those ports open is just asking for a dedicated attack to start. If you put devices like these on the internet, they NEED to be inside a DMZ!
The truly sensible way to do this is to set up a VPN, and then map the drive as if it were local over the VPN tunnel, and control access to the VPN using a strong 2 factor authentication system, with the file hosts being mirrored instances of the actual production data stores, living inside a special DMZ on your host network, with regular auditing logs, backup schedules, and redundant storage.
Security is NOT a “Nice thing to have”, it is “AN ESSENTIAL THING TO HAVE”
There is no such thing as a truly secure connection. Only connections that have minimized their attack surface. The more open ports you expose over your firewall, the greater your attack surface. larger attack surfaces almost guarantee eventual compromise, as we are not dealing with bored children today. We are dealing with massive swarms of millions of compromised devices doing distributed penetration attacks against any and every device they can scan in a fully automated, efficient manner. VPNs minimize the attack surface down to a single point of possible entry, which if you are using 2 factor auth, requires the attacker to have a physical item to gain access through. If they get through that, if you have set up the DMZ properly, they will end up inside the DMZ, and not have full access to the private network. They will have to continue their penetration efforts to get deeper, which if you have proper monitoring suites set up, will be flagged almost instantly, allowing you to cut the VPN connection, and begin santizing/auditing the penetration.
Unless you want your cloud storage array being used to distribute child pornography, or used for any number of other highly illegal and very undesirable actions by 3rd parties that honestly do not care a single bit about what is legal or moral, you NEED to take security of the device very seriously.
If you had search through this subforum (using the magnifying glass icon upper right) you would have seen this issue of remote mapping a My Cloud has been beaten to death. Bottom line, as explained many times, remote mapping feature was removed over a year ago when WD released the OS 3 firmware. There have been requests to bring it back but WD has stated its not planned.
Officially remote mapping is not supported on the single bay single drive My Cloud units.
As explained above, unofficially there are a number of ways to try and enable mapping the My Cloud remotely. Most if not all involve using SSH to modify the My Cloud firmware.
Officially, the only way to access the My Cloud is using; the MyCloud.com web portal, FTP (which is insecure), or the WD software/apps. One can also setup a VPN connection to their local network and remote map the My Cloud through the VPN tunnel.
Security is ALWAYS an issue. While you feel you may have nothing to hide, what do you think would happen if you left the My Cloud wide open to the internet and someone uploaded illegal material to the drive, and police subsequently discovered it?