Team Printing Inc. is a commercial printing and design studio based in Ontario, Canada. Their work depends on large, frequently-updated design files — the kind that move between designers' workstations, the production floor, and increasingly to people working from home. When the studio first reached out to us in early 2025, that workflow had been built on infrastructure that had quietly grown out of sync with the value of the data running through it.
The trigger for the engagement was a cyber attack. The recovery had been slow, painful and incomplete, and it had exposed three things the existing setup couldn't defend against. The brief was to fix the underlying architecture, not just buy more security software.
What we found
The starting point, as on most engagements, was looking carefully at what the studio already had. The primary file repository was a single Windows server with no RAID protection — one drive failure would have wiped out live production work. The backup destination was a 2-bay NAS, also without RAID, so the backup tier itself was a single point of failure rather than a safety net. And remote designers had no structured way to access central files; people were working from local copies, emailing edits back and forth, with no reliable mechanism for changes to flow into the master.
Each failure mode individually was survivable. Together, they meant the cyber attack had been able to destroy live data, corrupt the only backup copy, and leave the team without a clean recovery point — in a single sequence.
The studio didn't need more storage. They needed a storage architecture where no single failure — drive, server, ransomware encryption, or stolen device — could take out both the production data and the backup copy at the same time.
The 3-2-1 architecture
The reference point we used was the industry-standard 3-2-1 backup principle: three copies of the data, on two different media types, with one copy off-site. It's a thirty-year-old idea, but most small and mid-sized businesses still don't actually meet it. The fix had to satisfy all three numbers simultaneously, not just one of them better.
For the central storage tier, we specified a Synology DS425+ — a 4-bay NAS sized for a creative studio's working set. Four 4 TB drives in RAID 5 give roughly 12 TB of usable capacity that survives a single drive failure with no downtime, and SSD caching accelerates access to the large files designers open day-to-day. For the off-site copy, an encrypted cloud backup job runs on a schedule out of the NAS itself — encryption at rest, encryption in transit, and a copy that lives somewhere a ransomware infection on the local network can't reach. For the remote workflow, Synology Drive Sync gives designers a secure way to access central files from anywhere, with two-way synchronisation back to the NAS.
Three copies (server, NAS, cloud), two media types (local NAS, cloud storage), one copy off-site. The 3-2-1 picture in practice.
A migration that didn't break production
The Synology was deployed alongside the existing central server rather than replacing it outright. The workstation-to-server workflow that designers were already used to was preserved, with the server replicating to the new NAS in the background. From the studio's day-to-day point of view, very little changed visually — but the data was now landing on a fault-tolerant tier with a real off-site backup behind it. The team built confidence in the new setup before the old one was retired.
What changed
The most visible change for designers was speed: SSD caching makes opening and saving large files noticeably quicker than the old server allowed. The remote workflow stopped being something people improvised around — designers working from home now access the same master files as the team in the studio, with edits flowing back automatically.
The less visible and more important change is what happens if there's another incident. The studio now has a clean recovery point that lives away from any infection on the local network, and the operational tier itself can absorb a single drive failure with no data loss and no downtime. The next attack, if it comes, doesn't end with a forensic recovery and incomplete restore. It ends with a restore from clean off-site copy.
What this engagement demonstrates
Storage and backup engagements often get treated as "buy a NAS" purchasing decisions. They're not. They're architecture decisions, and the architecture is what determines whether your business survives the next bad day. The Synology hardware in this project is good, but it's not the point — the point is that every component in the chain has a defined role, and no single failure can take out the data and the safety net at the same time.
The right time to design a serious storage architecture is before the incident, not after it. The cost of doing it after — in lost work, lost time, and lost confidence — almost always exceeds the cost of designing it properly the first time.
For organisations whose work depends on irreplaceable digital assets — design studios, architecture firms, engineering practices, legal and accounting offices, anyone whose unique value lives in files on a server — the same logic applies. If you can't tell a story end-to-end about how your data survives a drive failure, a building fire, a stolen laptop and a ransomware attack, the architecture isn't done yet.