Disaster recovery is essential for all organizations, but how can a small IT team implement a backup strategy that rivals those of large enterprises? We spoke with Milovan Milic, IT head at Ichthus College in the Dutch city of Veenendaal, and Alexandra Bejan, Marketing Director at Synology, to find out.
With nearly 20 years at Ichthus College and previous experience in enterprise organizations, Milovan brings valuable expertise in storage and virtualization to the education sector. At Ichthus, IT professionals must be versatile due to department size constraints. The IT team consists of just three specialists: one handling workstations (laptops and interactive whiteboards), another managing cloud and local applications, and Milovan himself overseeing storage and networking.
Also read: Synology introduces eight new NAS systems
A decade with Synology
Ichthus College has relied on Synology hardware for over ten years. Their primary “Super NAS” is a Synology SA3400D with twelve 16TB disks. They recently added an expansion unit—an RXD1219sas with twelve 12TB disks—to support upcoming projects. Previous systems remain operational for secondary backups at remote locations, including an SA3400 with twelve 8TB disks and an RS1221RP with eight 8TB disks. For specialized projects like video editing and photography, they deploy a Synology DS923+ with four 6TB disks that can be accessed directly. The main NAS handles VM and system backups, while the expansion unit stores FSLogix profile files and local video archives.
The primary NAS system offers 120TB capacity in RAID 6 configuration, with 60-70TB currently in use. Milovan emphasizes the importance of careful backup planning to prevent storage overload. “You can fill up your available storage in no time,” he cautions, noting that this happens regardless of total capacity—with increased redundancy or longer retention periods, any amount of storage can quickly be consumed.
Although they initially chose Synology years ago, they reevaluate options with each upgrade cycle. Why has Synology remained their preferred vendor? “Synology is moving more and more toward enterprise solutions,” Milovan explains. He highlights dual controllers, which minimize downtime but were previously only affordable for large enterprises. These controllers—CPUs with motherboards—allow the second controller to take over immediately if the first fails. Since Synology’s Active Backup for Microsoft 365 is a license-free solution, the entire ecosystem (of both hardware and software) becomes particularly cost-effective.
A textbook example
About ten years ago, Ichthus College experienced firsthand the importance of a robust backup strategy. During the Christmas period, four out of eight storage volumes failed, causing their Active Directory and Exchange server to disappear completely. Thanks to a VM backup running on a Synology NAS, Milovan restored everything within a day—most of that time spent verifying the restoration’s completeness.
“It was a life-saver,” Milovan says of the Synology backup systems. Today, the school is even better prepared for such disruptions. Features like dual controllers and extensive redundancy are no longer optional. Their primary NAS runs in RAID 6, allowing two disk failures without immediate problems, plus a “hot spare” disk ready for immediate deployment.
Though backups are rarely needed, they form the foundation of disaster recovery. Milovan follows the classic 3-2-1 rule: three data copies, on two different media types, with one off-site copy. He insists on maintaining multiple copies “just in case.” In addition, NAS users need to update their OS regularly, Synology’s Alexandra Bejan says. “Outdated operating systems are particularly vulnerable there.”
Bejan emphasizes the positives from implementing the textbook best practices Ichthus employs. “Organizations are facing increasingly complex aspects of ransomware defense, including access management, vulnerability management, data backup, and ensuring the recoverability of backup data”, she says. “The biggest challenge in ransomware protection is no longer a technical issue but a management issue. For instance, how to plan a comprehensive strategy, how to minimize the management overhead, and how to achieve protection goals with limited resources.”
This challenge includes dealing with human factors, Bejan, notes. “For individuals within businesses, the practice of reusing passwords across work and personal accounts or using home computers for remote work increases the risk of sensitive materials being stolen.”
Planning for the future
Student numbers at Ichthus College fluctuate, affecting both infrastructure requirements and available subsidies. Current systems are configured for 2,000-2,500 students, preparing the school for future needs. Milovan and his team stay informed about possibilities through Synology’s roadmaps and competitor offerings. The school takes a gradual approach to scaling up, as purchases must be justified to management based on genuine need. The expansion unit purchase, for example, was planned in advance but only implemented when a new project required the additional storage. Multi-year plans undergo annual review, aligning with regular update cycles.
Milovan’s team gathers information from vendors before designing specific configurations, often consulting Synology directly. Features like video surveillance interest Ichthus College, with Milovan seeing “endless possibilities” in Synology’s full range of offerings. However, he emphasizes meeting core needs before expanding into new areas. “We would love to take advantage of Synology’s video surveillance,” Milovan notes. Hybrid cloud capabilities remain essential, as dependency on Microsoft 365 without local backup is considered undesirable.
Beyond 3-2-1: the 3-2-1-1-0 strategy
Synology regularly launches solutions supporting customers’ backup needs. As organizations grow, data and backup strategies become more complex, especially when using products from different vendors. Synology aims to reduce both costs and learning curves. Building on the 3-2-1 rule, Synology has developed the 3-2-1-1-0 strategy: three copies, two different media types, one off-site backup, plus one immutable copy to protect against ransomware, and zero backup failures.
“Ransomware is constantly evolving. It’s no more a matter of if, but when a ransomware will take place”, Bejan tells us. “The primary challenges for business in safeguarding their data from ransomware attacks comes from the lack of a comprehensive data protection plan. Without such a plan, companies may find themselves in difficult situations if targeted by ransomware, potentially facing data loss and, more critically, disruption of business continuity.”
The necessities, from a Synology perspective, are clear. Bejan: “if companies can adapt a zero-trust, assume-breach mindset and implement least privilege principles, such as role-based access control, along with the use of strong and unique passwords, and multi-factor authentication, they can significantly reduce the possibility of a ransomware attack.”
Synology provides tools to implement this comprehensive strategy and identifies areas where coverage may be lacking. Their user-friendly interface comes without additional licensing costs, as with Active Backup for Microsoft 365. While hardware costs are unavoidable, the software incurs no extra expense—benefiting organizations with limited budgets, such as educational institutions. Milovan and his team at Ichthus College are reaping the benefits by maintaining enterprise-grade backups despite their small IT department.
Another benefit is cost: “Our goal is clear”, Bejan says. The company aims “to help customers reduce costs associated with backup infrastructure investments, both in terms of human resources and financial expenses.”
Big and small
One may imagine that smaller enterprises make for easier targets due to their limited IT. However, nothing could be further from the truth. Bejan: “We have observed that the larger the enterprise, the more difficult it is to implement a comprehensive data protection strategy.” She says the primary reason for this lies in the previously fragmented investments in backup infrastructure, where different solutions were procured for various workloads. “These legacy solutions struggle to effectively manage the rapidly growing number of workloads and the increasing data size. At the same time, they require significant human resources for training, with steep learning curves, making self-learning difficult. When personnel are reassigned, considerable time is needed to relearn the system.”
Recently, Synology has launched a new range of products that can perfectly be adapted to those companies looking for extra security. With ActiveProtect Manager (APM) and Data Protection (DP) series, companies and schools like Ichthus College, can secure their data and grow their business with a backup device designed for this purpose. ActiveProtect is an all-in-one data protection solution designed for modern businesses. The DP series, such as the DP320 and DP340, are preconfigured with hardware and powered by ActiveProtect Manager, a specially designed operating system, this solution simplifies management while offering comprehensive backup and recovery capabilities. Advanced features like immutability, isolated backups, and access controls protect your data against ransomware and other threats.
Conclusion: keeping data safe
The Ichthus example showcases how an enterprise-grade backup strategy can be realized for an organization with limited resources. To conclude this overview, Bejan reiterates the most important challenges companies face and how Synology can help solve them. “Don’t wait for ransomware to happen. It’s best to always assume a zero-trust, assume breach mindset, and to prepare your company as if ransomware can happen at any time.”
To conclude, Bejan notes the following frameworks which Synology can help organizations adhere to:
Organizations can enhance their security through three robust frameworks: access control, system security, backup and recovery.
Always have an extra layer of security. Synology offers plenty of license free solutions to ensure extra layers of backup. In backup and recovery, data should be regularly backed up, with multiple copies stored in different locations. It’s also important to back up to various destinations with versioning support. Regular testing of backup and recovery procedures is essential to ensure fast and effective restoration, and users should develop and maintain a disaster recovery plan.For system security, it is crucial to keep all software and operating systems up to date. Users can install and maintain antivirus and anti-malware software to detect and remove threats and choose solution providers with a proven track record in product security.In identity and access management, role-based access control is supported, along with the use of strong, unique passwords and multi-factor authentication (MFA)
Of the three, backup and recovery are increasingly emphasized. As ransomware becomes more advanced, ensuring complete security is nearly impossible. The industry now advocates for an “assume breach” mindset, which focuses on minimizing the impact when full prevention isn’t feasible.