RAID protects your data from one specific event: a hard drive failing. Nothing else. RAID mirrors or stripes data across multiple drives so that if one fails, the array keeps running and you retain access. That is all RAID does. It does not protect against accidental deletion, ransomware, silent data corruption, the NAS unit itself failing, fire, theft, or human error. Any of these events will destroy your data whether you have RAID configured or not.
In short: RAID is redundancy, not backup. They solve different problems. RAID keeps your NAS running when a drive fails. Backup keeps your data safe from everything else. You need both.
What RAID Actually Does
RAID distributes data across multiple physical drives using one of several configurations. The most common for home and SMB NAS use are RAID 1 (mirroring), RAID 5 (striping with parity), RAID 6 (striping with dual parity), and Synology's SHR, which is a flexible variant of RAID 5 or 6 that handles mismatched drive sizes.
In RAID 1, every write is duplicated across two drives simultaneously. If one drive fails, the other contains a complete copy and the system keeps running in a degraded state until the failed drive is replaced and the array rebuilds. In RAID 5, data is striped across three or more drives with parity information distributed across the array, tolerating a single drive failure. RAID 6 extends this to tolerate two simultaneous drive failures, at the cost of more storage overhead and slower write performance.
The common thread across all RAID levels: RAID exists to keep a storage system running through hardware failures. It is a high-availability mechanism. It is not a data protection mechanism in the broader sense that a backup is.
What RAID Does Not Protect Against
Accidental deletion. If you delete a file, RAID deletes it from all drives simultaneously. The deletion propagates instantly across the entire array. There is no version to recover from. RAID has no concept of history, only of the current state of the drives.
Ransomware. Ransomware encrypts files on the live file system. Because RAID maintains a synchronised copy of everything written to it, the encrypted versions propagate across every drive in the array in real time. A RAID 1 mirror is just as efficient at replicating ransomware-encrypted files as it is at replicating clean ones.
Silent data corruption. Some RAID configurations, particularly those using ext4 without block-level checksums, cannot detect corruption below the file system level. A bit that flips silently can be replicated across the array before anyone notices. ZFS-based systems handle this better through regular scrubs and self-healing, but the underlying issue holds: RAID replicates what is there, good or bad, without verifying the integrity of the data itself.
The NAS unit itself failing. If the NAS enclosure fails, the controller dies, or the operating system becomes corrupted, all drives become inaccessible simultaneously. Even with RAID 1, the data on those drives may be unreadable without an identical NAS to plug them into. RAID protects against one drive failing inside a working device. It does not protect against the device housing those drives failing.
Theft, fire, and flood. Both drives in a RAID 1 array sit in the same enclosure, on the same shelf, in the same room. A single theft, fire, or flood event destroys both copies at the same time.
Human error beyond deletion. Overwriting a file with the wrong version, corrupting a database, running a script in the wrong directory, saving over 12 months of work with a blank template - all of these propagate immediately across the array.
RAID 1 is two copies of your data in one location. That is redundancy, not backup. True backup requires a separate copy, stored separately, ideally with versioning so you can recover from any point in time.
RAID vs Backup: What Each Protects
What RAID covers vs what backup covers
| RAID 1 | RAID 5/6 | 3-2-1 Backup | |
|---|---|---|---|
| Single drive failure | Protected | Protected | Protected (also) |
| Accidental deletion | Not protected | Not protected | Protected (if versioned) |
| Ransomware | Not protected | Not protected | Protected (if offsite or immutable) |
| NAS device failure | Not protected | Not protected | Protected |
| Fire or flood | Not protected | Not protected | Protected (if offsite) |
| Silent data corruption | Not protected (ext4) | Not protected (ext4) | Protected (if verified) |
| File version recovery | Not possible | Not possible | Possible |
| Protects against two drive failures | No | RAID 6 only | Yes |
The Scenarios That Catch People Out
Ransomware is the most devastating failure mode for RAID-only setups. Ransomware campaigns have specifically targeted NAS devices because attackers know that NAS users often rely on RAID as their only protection and have never set up offsite backup. QNAP devices experienced high-profile ransomware attacks in 2022 and 2023 targeting internet-exposed NAS units with default or weak credentials. Users who relied solely on RAID lost everything. Users with clean offsite backups recovered. The lesson is not specific to QNAP - any NAS exposed to the internet without proper access controls is a target, regardless of brand or RAID level.
The second most common failure: accidental deletion at scale. A sync job runs in the wrong direction and overwrites a source folder with an empty destination. A user deletes the wrong top-level directory. A developer runs a cleanup script on a mounted NAS path instead of a local temp directory. RAID provides no record of what was there before the deletion. Without versioned snapshots or a separate backup, that data is gone permanently.
The third: the NAS device itself failing. NAS devices fail. Power surges destroy controllers. Firmware updates corrupt boot volumes. Capacitors fail after years of 24/7 operation. When this happens on a non-ZFS NAS, the drives may require an identical NAS model to be read - and even then, recovery is not guaranteed if the OS partition or drive encryption keys were stored on the device. This is a scenario where even RAID 6 provides no protection at all.
What a Real Backup Strategy Looks Like
The 3-2-1 rule is the standard: three copies of your data, on two different media types, with one copy stored offsite. Applied to a NAS setup, this typically means:
- Copy 1: The NAS itself (this is your working copy, not a backup)
- Copy 2: A second NAS or external drive at the same location (local backup - fast recovery)
- Copy 3: Cloud backup or a drive stored at a separate physical location (protection against site-level events)
Versioning is essential. A backup that only keeps the latest version of every file does not protect against accidental deletion or ransomware, where the encrypted or deleted files may have overwritten the clean versions before the backup ran. Backup solutions like Synology Hyper Backup, QNAP Hybrid Backup Sync, and Veeam support versioned backups that let you recover data from any point in a retention window. For a full comparison of NAS backup software, see the NAS backup software guide.
For the complete 3-2-1 strategy breakdown including cloud provider options and hardware recommendations, see the 3-2-1 backup strategy guide for NAS.
How RAID and Backup Work Together
RAID and backup are not alternatives to each other. They are complementary layers of a complete data protection strategy.
RAID handles the hardware availability layer: keeping the NAS running through drive failures, avoiding unplanned downtime, and giving you time to replace a failed drive without scrambling to restore from backup. For a business NAS shared by multiple users, RAID is essential because a non-redundant NAS going offline mid-workday is disruptive and potentially costly.
Backup handles everything RAID cannot: accidental deletion, ransomware, device failure, and site-level events. The correct mental model is this: RAID is availability insurance, backup is recovery insurance. Running RAID without backup is like insuring your car but not your house. Different risks, different coverage.
Common Mistakes Worth Knowing
Thinking RAID 1 gives you double the storage. It does not. RAID 1 gives you the full capacity of one drive, not two. Two 8TB drives in RAID 1 give you 8TB usable. The second drive is entirely consumed by the mirror.
Treating RAID rebuild time as low-risk. During a rebuild, the array is under sustained stress. Every surviving drive is being read in full to reconstruct the failed drive's data. This is when a second drive failure is most likely, particularly on drives that are the same age and batch. In RAID 5, a second drive failure during rebuild means total data loss. Replace failed drives promptly and keep current backups at all times, but especially during a rebuild.
Thinking RAID 6 or SHR-2 eliminates the need for backup. RAID 6 tolerates two simultaneous drive failures. It does not protect against ransomware, accidental deletion, or the NAS device itself failing. The distinction is always the same: RAID protects against drive hardware failure. That is the only thing it protects against.
Australian Buyers: What You Need to Know
Ransomware and AU NAS users. The QNAP ransomware campaigns of 2022-2023 hit Australian users hard. NAS devices exposed to the internet on consumer-grade NBN connections without VPN or access controls were targeted by automated scanning. Most affected users had RAID configured and assumed it provided protection. It did not. The lesson applies to all NAS brands: any device reachable from the internet is a potential target. The correct response is proper access controls (VPN-only remote access, no direct port forwarding for management interfaces) combined with offsite backup. For more on hardening your NAS against network threats, see the NAS security and ransomware protection guide.
Cloud backup and NBN upload speeds. The NBN 100 plan delivers around 18-20Mbps typical upload in most states. Uploading 4TB of data at 20Mbps takes approximately 18 days of continuous transfer. This makes the offsite cloud backup component of a 3-2-1 strategy a long-horizon project for larger NAS setups. The practical approach is to start cloud backup with your most critical data, complete the initial seed over several weeks, and then let incremental daily backups maintain the copy. After the seed is complete, daily incrementals are typically small and manageable on any NBN plan.
Warranty covers hardware, not data. Under Australian Consumer Law, if a NAS device fails within its warranty period, the retailer is responsible for repair or replacement. The standard warranty process in Australia runs through the full chain: retailer to distributor to vendor in Taiwan, then back again. Expect a minimum of 2-3 weeks for resolution. Warranty covers the hardware purchase. It does not cover the contents. If the NAS fails catastrophically during the warranty period, no ACL claim will recover your data. This is the most important reason to maintain a real backup independent of the NAS or its warranty status.
Power events. Connecting a NAS to a UPS (uninterruptible power supply) protects against the most common cause of non-drive NAS hardware failure: power events during a write operation that can corrupt the file system or damage the controller. RAID does not protect against this. For UPS selection and sizing, see the UPS for NAS Australia guide.
Related reading: our NAS buyer's guide.
Free tools: RAID Calculator and Backup Storage Calculator. No signup required.
Does RAID count as a backup?
No. RAID is redundancy, not backup. It protects against drive hardware failure only. It does not protect against accidental deletion, ransomware, NAS device failure, or physical events like fire or theft. A real backup requires a separate copy of your data, stored separately from the NAS, ideally with versioning.
Do I still need RAID if I have a good backup strategy?
Yes, for different reasons. RAID keeps your NAS running through a drive failure without needing to restore from backup, which can take hours or days depending on data volume. If the NAS serves multiple users or holds data you access constantly, RAID prevents unplanned downtime. Backup is for data recovery after a loss event. RAID is for availability through hardware failure. They address different risks and you benefit from having both.
Can ransomware be recovered from if I have RAID?
No. Ransomware encrypts files on the live file system. Because RAID maintains an exact synchronised copy of everything, the encrypted versions propagate across all drives in the array. Recovering from ransomware requires a clean backup taken before the encryption occurred, not RAID. The only protection against ransomware is a separate, versioned, offline or immutable backup.
What is the difference between RAID 1 and RAID 5 for home use?
RAID 1 mirrors two drives, giving 100% redundancy with the simplest rebuild process. It is the only option for 2-bay NAS devices. RAID 5 uses three or more drives with distributed parity, giving you the capacity equivalent of N-1 drives with a single drive failure tolerance. RAID 5 is more storage-efficient than RAID 1 on larger arrays but more complex to rebuild. Synology's SHR is a flexible variant that handles mixed drive sizes. For a full comparison of RAID levels, see the NAS RAID explained guide.
Is ZFS better than RAID for data protection?
ZFS provides stronger data integrity than traditional RAID by adding checksums at the block level, detecting and self-healing silent corruption during scheduled scrubs. QNAP's QuTS Hero and TrueNAS both use ZFS. But ZFS still does not protect against deletion, ransomware, or device failure. ZFS improves the quality of your redundancy. It does not replace backup.
How often should I test my backups?
At minimum, quarterly. The most common backup failure is not the backup stopping - it is the backup running silently but the restore failing when needed. Test restoration of a sample of files from your backup every three months. Set a calendar reminder. A backup you have never tested is a backup you cannot rely on.
What backup software works with Synology and QNAP NAS devices?
Synology includes Hyper Backup (supports local and cloud destinations with versioning) and Active Backup for Business (for backing up PCs and servers to the NAS). QNAP includes Hybrid Backup Sync, which supports a wide range of local, cloud, and NAS-to-NAS destinations. Both support cloud destinations including Backblaze B2, Amazon S3, and others accessible from Australia. For a full comparison, see the NAS backup software guide.
RAID is the first layer. The next step is building the backup layer that protects against everything RAID cannot handle. The 3-2-1 backup strategy guide covers local backup hardware, cloud provider options for Australian NBN speeds, and how to set up versioned backups on Synology and QNAP.
Read the 3-2-1 Backup Guide