NAS & backup plan upgrade

Business IT/MSP Talk
1

I’m wanting to upgrade a small business client ± 12users. Current NAS is a WD , single drive , sealed MYCloud piece of crap.

I want to move them to a 4 bay, 2 disk Synology due to it’s ease of use for the average person / office manager. Might drop 2x 1TB SSD’s just for daily data. Data is archived offsite on multiple HDD’s for now.

Along with this I want to have the Synology upload to BackBLaze business, aswell as have each staff members data backup to OneDrive, which they will then use when on the road, but later on I will connect the proposed Synology to a OVPN server, for remote access.

My thinking is that this allows the following “backup layers” :
Layer 1 - OneDrive
Layer 2 - Onsite redundant disk (in the NAS).
Layer 3 - 2x ext disks that get brought onsite every alternating week.
Layer 4 - Current NAS will sit at the owners house. (Will VLAN this off of the main house network). I’ll likely use something like Syncthing , Rsync or CloudBerry to sync data from BackBlaze (or Synology NAS) to this NAS.
Layer 5 - BackBlaze

Thoughts? Concerms? Comments?

2

We like the Synology product it does work very well, but the Layer3 relies on a human so it is not likely to be done consistently.

3

Hi ZaK86,

Layer 2: raid isn’t backup
Layer 3: sneakernet isn’t reliable
layer 4: syncing isn’t backup

All you need is 1 good grandfather father son backup schema, with an archival solution for extra security (in case of original file corruption which isn’t detected for a while, in which case you can still get a really old archive where the original file was still good).

Not only the backup type and schedule is important. You also need to pay attention to retention times and test restore schedules.

4

Design your schema based on a list of potential threats.

  1. Unintentional deletion
  2. Corruption
  3. Ransomware
  4. Disk failure
  5. NAS failure
  6. Flood
  7. Fire
  8. Theft
  9. LAN failure
  10. WAN failure
  11. Power failure/interruption
  12. UPS failure
  13. Air conditioning failure
  14. External network threats
  15. Internal network/personnel threats

My solution (not perfect)

  1. Client local TimeMachine backups (encrypted)
  2. Hourly backups to primary NAS (encrypted)
  3. 2x daily backups to secondary NAS
  4. Weekly backups to external storage in 45 min fire rated safe which sits directly under fire suppression system
  5. Everything on UPSs and all laptop clients
  6. NAS and network gear in well conditioned, highly secure, restricted access area
  7. Premises surge suppresion
  8. Dual WAN fail over
1 Like
5

I would suggest not investing in a NAS (just an opinion). What is your role or purpose in the matter of this business? Why are they on Windows in the first place? Is there a specific app, business case/reason for this?

One Drive in itself truly isn’t a backup but we view it as such. I can think of a number of potential email viri that could break just this particular option and spread out to other peers.