Similar to what rdx said, RAID is really for data redundancy, not for data backups. We use two main backup methods at my company: full and incremental. Every server in the company gets a full backup of all its drives on at least a weekly basis. Mission-critical servers get full backups every night. Less critical servers get incremental backups nightly. This means anything that changed since the last full backup.
The backups are stored in four different ways: SAN, WORM, copies to failover servers and some sort of tape/optical drive. Servers of lower importance get backed up to SAN. A SAN is basically a giant cabinet of disks in RAID 5 (my personal favorite level of RAID). Servers of medium importance can go to SAN or to tape, and will also go to a failover server. The servers of highest importance are always clustered, sharing a SAN for normal storage. These also go directly to tape as well as a smaller failover cluster. Finally, some data is backed up to WORM (Write Once Read Many) which is a format that can never be overwritten or changed once it has been written. The two types of WORM we use are CD-Rs and SnapLock drives. This is only for data that has some legal or regulatory requirement to be stored in that format.
Here are a few common rules about our backups:
1. Everything on a SAN eventually goes to a tape as well, which means the ultimate copy of all data is to tape.
2. Anything that goes to WORM also has to be backed up elsewhere.
3. Failover servers and backup servers cannot be in the same facility as the servers being backed up. If a tornado wipes out a datacenter, we don't want to lose the backups too.
4. A copy of each tape must be made and sent to another offsite facility that is separate from the primary and backup datacenters. I believe we actually use a vendor with an underground vault for this.
5. Individual workstations don't get backed up. Period. Everyone gets an individual, hidden network share which only they can access. If you don't want your stuff lost, put it there.
