Security and encryption questions on ex4100

Hi all - I’ve looked for this in the forum, but can’t quite find the answer to these two security questions when using an ex4100.

  1. If I setup the device without encryption, but all shares are private, what can someone do if they get their hands on the device (stolen from my office for example). Can the data on the drives be accessed on another network (assuming they don’t know the user names, password) easily, or would they have a hard time.

  2. If i turn on encryption and the ex4100 controller/motherboard malfunctions can I still decrypt the data on some other device, or is it a hardware based encryption that would make it impossible to decrypt the drive?

Thanks!

Hi, to answer your questions:

If they have physical access to the drive, they could reset the drive and remove the admin password, this way they could gain access to the U/I and change the settings to set the shares as public and not need the user name and password to log in.

You would be able to remove the encryption on another EX4100.

Hi Lluna -
Thanks for the response, very appreciated. Could I ask you for a followup question on the encryption. What would happen if you encrypt the drives but reset the device, I’m assuming someone could decrypt the drives in that case, or does it work differently? I’m assuming the admin password is no part of the encryption or is it? I’ve looked for the specs on the device to understand that, but it isn’t clear.
Thanks!!

HI, as you mentioned, is different, even resetting the drive does not remove the encryption placed in the drives by the enclosure, the only way to decrypt them is using the encryption password.