RAID is not a backup: the 3-2-1 rule explained
This is the sentence that has saved more businesses than any other, and cost the ones who ignored it dearly: RAID is not a backup. RAID is a wonderful thing at what it does, keeping you running when a single disk dies. But people hear "the data is mirrored across drives" and conclude they are safe, and then a deleted folder, a ransomware attack or a stolen server takes everything, mirrored perfectly across every drive at once. If you run a business on data, this is worth ten minutes. Here is what RAID actually protects against, what it does not, and the simple rule that does.
What RAID is, and what it is genuinely good at
RAID spreads your data across several disks so that if one drive fails, the system keeps running on the others while you replace the dead one. That is real and valuable. A drive failing is common, and RAID turns it from an outage into a quiet swap. For keeping a business running through the everyday death of a disk, RAID earns its keep.
The trouble is not what RAID does. It is what people assume it does. Because the data lives on multiple drives, it feels backed up. It is not, and the reason is the very thing that makes RAID work: it copies everything you do to all the drives, instantly, all the time.
Why that instant copying is the whole problem
Here is the catch that undoes people. RAID does not understand good changes from bad ones. It copies them all, faithfully, the moment they happen. So consider what actually destroys business data, and watch RAID fail every one:
- You delete the wrong folder. RAID deletes it from every disk at once. There is no older copy to go back to.
- A file gets corrupted. The corruption is mirrored across all drives instantly. Every copy is now broken.
- Ransomware encrypts everything. RAID dutifully encrypts it across all drives. Every disk now holds the same locked, useless data.
- The server is stolen, flooded or burnt. All the drives are in the one box, so all the copies go together.
Notice the pattern. RAID protects against exactly one thing, a single drive dying, and that is the least common way businesses actually lose data. Deletion, corruption, ransomware and disaster are the common causes, and RAID answers none of them. A business relying on RAID alone is armoured against the rare threat and naked to the frequent ones.
What a real backup is
A backup is a separate copy of your data, kept apart from the original, that you can go back to. The two words that matter are separate and back to. Separate, so that whatever harms the original, a deletion, ransomware, a fire, cannot reach the copy. And back to, meaning you can recover the data as it was before the disaster, from an earlier point in time. RAID has neither property: its copies are not separate, they are the same live data, and it cannot take you back to before, because it only ever holds now.
That distinction is the whole thing. RAID keeps you running. A backup lets you recover. A serious setup wants both, and the two are not interchangeable no matter how the drive count tempts you to think so.
The 3-2-1 rule, the simplest one that works
You do not need to memorise a manual to be genuinely safe. You need one rule, and it has survived every kind of disaster precisely because it is so simple:
- 3 copies of your data. The original plus two backups. One failure never leaves you with nothing.
- 2 different types of media. So that one kind of fault, or one kind of attack, cannot take all your copies together.
- 1 copy off-site. Kept somewhere else entirely, so a fire, theft, flood or ransomware at your premises cannot reach every copy.
That off-site copy is the hero of the story. It is the one that survives when the whole office is gone, and it is the one that beats ransomware, because a copy the attacker cannot reach is a copy the attacker cannot encrypt. If you take a single action from this page, it is to make sure one good copy of your data lives somewhere out of harm's reach.
The two questions that decide if you are actually safe
Beyond the rule, two honest questions settle whether your business is protected. First: is a copy of your data somewhere ransomware cannot reach? A backup drive left permanently plugged in and writable gets encrypted right alongside everything else. Only an off-site or offline copy, out of reach, survives an attack. Second: has anyone ever actually restored from your backup? A backup you have never tested is a hope, not a plan, and the emergency is the worst possible moment to discover it was quietly failing for months. Real backups are tested by genuinely recovering files, on purpose, before you ever need to.
Backups sit alongside your other foundations, and they are part of the same picture as your cyber security and how your server or main machine is set up. If you have RAID and thought that meant backed up, you are exactly who this page was written for, and you are in good and common company.
FAQ
Is RAID a backup?
No. RAID keeps your system running when a single disk fails by mirroring data across drives, which is valuable, but it is not a backup. It copies everything you do instantly, including a deletion, a mistake, or a ransomware encryption. If your files are wrecked, RAID has faithfully wrecked them on every disk at once. It protects against a dead drive, not against loss.
What is the 3-2-1 backup rule?
Keep three copies of your data, on two different types of media, with one copy kept off-site. The three copies mean a single failure never leaves you with nothing. Two media types mean one kind of fault cannot take all copies. One off-site copy means a fire, theft or ransomware at your premises cannot reach every copy. It is the simplest rule that actually survives real disasters.
Why is RAID not enough to protect my business?
Because most data loss is not a dead disk. It is someone deleting the wrong folder, a file getting corrupted, ransomware encrypting everything, or the whole machine being stolen or destroyed. RAID answers none of those, because it only guards against one drive failing. A business that relies on RAID alone is protected against the least common cause of loss and exposed to all the others.
Does ransomware get into my backups too?
It can, if your backup is always connected and writable, which is exactly why the off-site and offline part of the rule matters. Ransomware encrypts everything it can reach, including a backup drive left permanently plugged in. A copy that is kept off-site or offline, out of the attacker's reach, is the one that survives and lets you recover. That copy is the whole point.
How do I know my backups actually work?
By testing a restore, not by assuming. A backup you have never restored from is a hope, not a plan, and the worst time to discover it was silently failing is during a real emergency. A proper backup setup is checked regularly by actually recovering files from it. If nobody has ever restored from your backup, that is the first thing worth doing.
Can Alien IT set up proper backups for us?
Yes. We set up backups that follow the 3-2-1 rule, with an off-site copy out of ransomware's reach, and we test that they actually restore. Whether you have RAID and thought you were covered, or no real backup at all, we will get you to a position where losing a drive, a file, or the whole office is an inconvenience rather than a catastrophe.
The bottom line
RAID keeps you running when a disk dies, and that is worth having. It is not a backup, because it copies your mistakes and your ransomware as faithfully as your good work, and all its copies live in the one box. A real backup is separate, recoverable, and includes a copy kept out of reach. Follow the 3-2-1 rule, keep one copy off-site, and test that it restores. Do that, and the day something goes badly wrong becomes a bad afternoon instead of the end of the business.
Not sure whether your backups are real or just RAID? We will check what you actually have, fix the gaps, and prove it restores. Tell us how your data is stored and we will map the honest picture.