I have spent a lot of time ensuring that no matter what happens, my data is not only safe, but also accessible. Here is how
I will break this into sections:
And I also have a diagram. Here it is, hopefully it makes it a little more clear to follow along
I have a Synology DS1817+ picture below, all of the data is encrypted and requires me to manually mount the folders on reboot, meaning if you steal the NAS there is no way to get to the data.
I only use NAS rated drives, and the NAS is protected by an APC SMX1500RM2u UPS and configured to do automatic shutdown via the APC's network card
I have 8 drives in total, and I can lose any 2 thanks to SHR2. SHR2 is similar to RAID6, however I can use any sized drives
I also have BRTFS snapshots on all of the important shared folders. This means even in the case of mass data loss I can restore the entire folder in seconds.
I take snapshots every hour
I keep 24 hourly snapshots, and 2 daily snapshots. Anything further I will resort to backups
So, lets move on to..
All of the important data (Everything but Movies and TV Shows) is replicated to a second Synology NAS system which is located on my colocated server (More information on that server can be found here)
Replicating the data means that if my main system is offline, I can still actually access and use my data. Having a backup is all well and good, but if you can't actually use the data when you need to, what's the point?
Here is what the server physically looks like, however the Synology NAS is really just a virtual machine.
I use Cloud Station ShareSync to sync the data between the two Synology NAS systems. Some folders are set to sync just one way, and others are two way
Synology Cloud Station will only sync changed blocks, meaning if I edit a file it only needs to upload a tiny part of it. This is useful because while Comcast gives me a full Gigabit down, I only get 40Mb/s up..
I also take off-site backups from the replicated data, this again minimizes the amount of data that needs to be uploaded.
To protect the replicated data, I also take hourly snapshots of those folders.
And I also retain them for a little longer, but keep less hourly snapshots
Lets move on to backups
First, lets talk about on-site backups. For this I use Synology HyperBackup, with an hourly schedule. I backup to a 4TB USB 3.0 WD Easystore that is located right next to the NAS. This allows me to backup and restore very quickly.
I keep the data forever, with 256 versions
A 4TB drive might not seem to big, however most of my data is media like TV shows and movies, which I don't back up (Backing up 20TB of movies would cost more than its worth)
Next, I do an off-site, offline backup to a hard drive in a protective case
I use a USB 3.0 dock plugged into the Synology NAS to do this, as well as using HyperBackup again. I do this once per month, and keep the data forever.
The hard drive is kept at my work in my drawer. Because it is offline, almost anything can happen to my data and nothing will get to this, unless I actually bring it back home. All the data is encrypted, obviously
After that, I have an off-site online backup. For this I use Arq 5 which is installed on my colocated server. This backs up the replicated data to a secured, isolated shared folder.
I also keep this data forever, with backups being thinned to weekly, then monthly as time goes on.
Because the data is already off-site from the replication, it happens very quickly.
Lastly, I do a final backup to an encrypted Stablebit CloudDrive volume which is stored on Microsoft SharePoint Online through Office 365. I do this monthly
This drive is kept un-mounted so no automated software or malware could get to it
I do a simple Robocopy sync to keep the data updated.
So far I really like this plan. Its very simply and mostly automated, and requires almost no maintenance. It easily satisfies 3-2-1 and it would be very hard to destroy the backups, as 2 of them require manual intervention to mount. I am also using multiple different pieces of software, making software bugs a non-issue
The data is also very safe before backup thanks to the NAS rated drives, UPS, Encryption and replication to a secure datacenter
Restore and backup speed is also excellent as I can simply drive to the datacenter and and move the data manually.
Cost is minimal as I already have the colocated server, local NAS and Office 365 subscription
If you have any questions, improvements or issues with my setup please do let me know! I am always looking to improve