When it comes to home-data storage and NAS backup, one of the most common mistakes is thinking that having a NAS with disks in RAID means being “safe”.
In reality:
- RAID = protects against hardware that might fail
- BACKUP = protects against real disasters
…disasters that may include accidental deletions, ransomware, corrupted files, software errors and (much more often than you might think) simple distractions!
This article is not meant to be a detailed guide about a specific NAS brand or firmware version; it is a mental strategy to build a solid home backup system (without overcomplicating your life).
1. First fundamental question: what kind of data do you have?
Not all data has the same value. Mentally separating it helps protect it better. We are commonly talking about:
- Personal / work documents
- Personal photos and videos
- Creative projects
- Websites (or self-hosted content)
- Recreatable media (movies, re-burnable music)
Most of the time, only part of this data is truly irreplaceable; everything else can be recreated/recovered…
2. Reasoning about building the system structure
In IT, the classic and never-aging “3-2-1 backup rule” still applies. If we were to quickly search the internet or ask any AI, it would probably be described like this:
“The 3-2-1 backup rule is a fundamental data protection strategy that requires: keeping 3 total copies of your data (the original + 2 backups), using 2 different storage media (e.g., NAS and external drive), and maintaining 1 copy off-site (outside your premises or in the cloud). This methodology eliminates single points of failure, ensuring recovery in case of ransomware attacks, hardware failures, or physical disasters.”
Which can therefore be summarized as:
One primary copy → One secondary copy → One copy outside the main device. The structure you might want to design should therefore consist of multiple separate and distinct layers:
- Primary destination → Main NAS → daily working data
- Secondary destination → scheduled automatic copy (snapshot)
- Third destination → external copy / cloud for the most important data
This scheme should (except in extreme cases of corruption or severe attacks) cover the majority of domestic incidents or cyber attacks. Assuming that the backup of important data already exists on the NAS (or that the NAS itself acts as the main data store at home), the second part of the system should rely on:
3. Snapshots (what they are and how they help you)tano)
All major modern NAS systems (QNAP, Synology, etc.) provide the ability to create snapshots (instant photographs) of partitions, datasets and individual shares, in an automated and well-structured way. But be careful: these features are mainly meant to:
- Recover deleted files
- Roll back to a previous state before an error
- Limit malware damage
They certainly cannot replace solid and structured backup systems, even though they obviously strengthen and complement them.
Snapshot Managers usually allow you to define execution schedules and decide a retention policy (how long and how many copies to keep). An analysis of the data you want to protect would suggest differentiating snapshot rules, which I like to think about this way:
| Type of Data | Frequency | Retention |
|---|---|---|
| Documents | Hourly | 24h-3d-2w-1m |
| Photos | Daily | 14d-2w-1m |
| Projects | Hourly | 24h-3d-2w-1m |
| Media | Weekly | 4w-2m |
Retention can be explained like this: the number indicates how many copies to keep for each time layer. So if I set an hourly retention and the structure is 24h-3d-2w-1m, it means the system will keep 24 hourly snapshots (h), then these will be deleted once converted into daily snapshots (d), of which 3 are kept; then 2 weekly snapshots (w); and finally 1 monthly snapshot (m).
4. The so-called mythic external copy
The classic mistakes people make — and should stay away from — are usually caused by overconfidence and the belief that a single solution/structure is enough to protect you from data loss. Always remember:
- RAID ≠ backup
- Do not use a single USB drive — and especially NEVER keep it permanently connected
- From time to time you should test restoring at least one folder
- Do not overcomplicate the system
For this reason, the third part of the “perfect” (nothing is ever perfect) backup system is an external copy of the main NAS… usually on another NAS connected to the same network. Practical suggestions along this path (just to mention a few):
- The second NAS should request data from the first NAS, so that the first NAS has RTRR (real-time remote replication) services enabled, but it is the second NAS that connects to retrieve data; in this way, even if the first NAS were compromised, it does not know the username/password of the second one and cannot propagate the attack to the external copy;
- If possible, directly connect the two NAS devices with a second network cable (both devices obviously need two LAN ports); this allows you to create a transfer rule over that second network (for example 192.168.10.x), avoiding intermediate switches that reduce transfer speed to 1Gb (around 10MB per second…) so large transfers (GBs and GBs) can complete quickly instead of taking hours.
📌 The End: quick checklist
That said, here is a short, quick and intuitive logical checklist to evaluate whether everything is set up properly:
☐ I have at least two copies of important data stored on the NAS
☐ One of the copies is on a device different from the main NAS
☐ Backups are automatic
☐ File versions / snapshots are also performed (automatically)
☐ A restore test (even partial) has been successfully completed
The Error404-End
Discover more from errore404
Subscribe to get the latest posts sent to your email.