When shopping around for external storage, direct-attached storage (DAS) and network-attached storage (NAS) are often recommended over simple external drives. There are differences between the two with NAS being tethered to the LAN for all connected clients to have access and DAS requiring a direct link to a specific system. Security is another factor worth considering and both have their advantages and disadvantages. But which of the two is most secure?

NAS can be more susceptible to malware

An entire network to infiltrate

A NAS is often more prone to outside attacks due to its continuous attachment to the network and constant online presence. Attackers have more opportunities to locate vulnerabilities with a NAS rather than your PC connected to a DAS. You've likely read about all the ransomware attacks that affect NAS owners and there's no hiding the fact this is more common than we'd like to believe. The best way to shield oneself against potential data loss through ransomware is a regular backup schedule. You can easily recover so long as you have multiple copies of your data.

There are also more services that can be run on a NAS device that a DAS simply cannot do. It's one of the reasons I recommend a NAS over a DAS unless you require direct connectivity. A web server, game server, home automation, and even home surveillance can all be run on the latest NAS servers. Opening up the NAS for external connections is great for keeping connected to your data while away, but it can also open up the NAS (and potentially the wider network) to attacks. There are ways to mitigate this through VPNs and strict firewall rules, but it's something DAS owners don't have to worry about.

DAS requires patched and secure hardware

Keep your PC up to date!

One may assume a DAS would be more secure than a NAS because it doesn't connect directly to the network (and the outside world) but that couldn't be further from the truth. Just because the device doesn't directly interact with the network, it doesn't mean a DAS is invulnerable. A primary concern for DAS ownership is keeping your devices up to date. A DAS is only as secure as the hardware it connects to. If your PC is suffering from viral infections, you frequently visit naughty websites, and there's a general lapse in security with outdated software, there's a chance the DAS could be affected.

Should malware make its way onto your system, the DAS may not have any safeguards to protect it from infection. Depending on the DAS, there could be a default user enabled with the same default credentials that someone may gain access to. Without sufficient access controls, you could be allowing almost anyone access to what's stored on the DAS. Without regular and consistent backups, any one of these routes could wreak havoc on your data storage.

NAS and DAS have security vulnerabilities

No technology is immune to attacks

Neither form of storage is immune to data loss and security vulnerabilities, but no technology is. All we can do is secure our networks, systems, and storage solutions as best we can and hope for the best. Thankfully, there are many ways to bolster the security of your NAS and wider home network to shield yourself against potential attacks. For NAS, you'll want to screen your network and ensure no obvious security holes are present. The router firewall is a good place to start, followed by the NAS with any external-facing services such as a game server.

DAS is slightly different in that it depends almost entirely on the host machine. The device will draw power from a connected PC and share its security vulnerabilities. The best way to protect data on your DAS solution is to frequently check for viruses and other malicious software on any device that will access the DAS. Always ensure you're using HTTPS in browser sessions, don't visit dodgy web pages, keep your OS updated, and consider setting up access control for the DAS. These are important steps one should take when using any device connected to the internet, even if you don't own a NAS or DAS.

I wouldn't worry too much about data security with your DAS or NAS, however. So long as you're smart about keeping everything locked tight, you shouldn't encounter any trouble. DAS would be the more secure solution for truly offline data storage, whereas a NAS can be configured to only interact with local traffic, but offers much more in terms of functionality. Regardless of which you choose, always back up your data.