I understand the my cloud security is almost non-existant. Anyone with a paperclip can have access to everything on the drive it seems. I’m wondering if there are any suggestions to improve security. For example,
I would like to keep this off of the internet and only use in my wifi network. Is there any way other than selecting off on the cloud service option to help guarantee that the drive will not be accessible from the internet? It seems easy to get set automatically back to on and I would like another level of assurance that it cannot be accessed.
Is there anyway to lock up folders so the paper clip reset does not expose eveything? Otherwise, are there any ways to create an encrypted partition?
First, if you have not already done so read through the My Cloud User Manual (http://www.wdc.com/wdproducts/library/?id=439&type=25) which explains how to configure the various options of the My Cloud, including the settings to prevent remote access to the My Cloud.
To prevent remote non local network access to the My Cloud one should access the Dashboard > Settings section and disable/turn off Remote Access and FTP. Next ensure there is no port forwarding to the My Cloud in one’s router/gateway. Once those steps are taken one would need either physical access to the My Cloud, physical access to the local network, or access through the local network’s WiFi.
There currently is no hardware encryption on the My Cloud. There apparently isn’t a way to encrypt a Share at this time, see link below for more information. One could however encrypt individual files if they wanted too.
Generally unless one can encrypt the entire hard drive, the contents will be accessible if one had physical access to the My Cloud unit. One can simply removed the hard drive from that enclosure and mounted it with a Linux OS to access the data.
If one wants to prevent physical access to the My Cloud one could hide the unit or encase it in some type of safe (with proper airflow and ports for power/networking). There are dedicated fire safes that have power and Ethernet capabilities.
1: For remote access, as explained before, check the manual.
2: I still use truecrypt, even though it has been retired already. Nevertheless, on windows you can use bitlocker. Since you want it on the NAS, you will have to use the VHD option.
There are plenty of guides on the internet, this is one:
For the physical access, nothing you can do, besides putting in a cage or a place with actual physical access controls.
If someone has physical access to paper clip reset your drive, then they’ll have access to everything on the drive. If you want to keep it network only, turn off remote/cloud services, change ports for the webui