By definition a disaster recovery solution needs to be geographically separate. You’re protecting yourself from catastrophe, and some of those scenarios include your main location burning down, flooding, being hit by a tornado, etc etc.

So you either need to collocate systems with a friend who you trust, purchase colocation services from a provider, or use a cloud service to achieve what you’re looking for to truly have a DR solution.

As far as how to do that, the main idea is to have that point in time available on a system that, even if you get compromised, the backups won’t. The old school method here is to use an external hard drive or a tape device, and physically store that offsite. So like use your regular backup mechanism, and in addition to what it’s doing now schedule a daily/weekly/monthly job that backs up to this other device, and then store that away from your main location.

That’s essentially the idea though, and there are any number of solutions you can use to do it.

What cloud backup solution are you using? A lot of them offer additional protection that would keep a history of your files. You can essentially say “once a week create a point in time recovery of all my files” and then you could recover your files from that point in time.

This usually costs extra, and it makes sense why. They’re essentially keeping extra copies of your data for you.

How that is configured allows you to determine your RPO, or recovery point objective.

https://www.imperva.com/learn/availability/recovery-point-objective-rpo/

So you can decide how much data you’re comfortable losing by determining how often those point in time recovery events happen.

Did that make sense?

The real issue here is backups vs disaster recovery.

Backups can live on the same network. Backups are there for the day to day things that can go wrong. A server disk is corrupted, a user accidentally deletes a file, those kinds of things.

Disaster recovery is what happens when your primary platform is unavailable.

Your cloud provider getting taken down is a disaster recovery situation. The entire thing is unavailable. At this point you’re accepting data loss and starting to spin up in your disaster recovery location.

The fact they were hit by crypto is irrelevant. It could have been an earthquake, flooding, terrorist attack, or anything, but your primary data center was destroyed.

Backups are not meant for that scenario. What you’re looking for is disaster recovery.

I’ll agree with the other commenter here.

Also there may not be any difference between the consumer and enterprise drives. The reason the enterprise cost more is the better warranty. But because they have different components.

Monitor the drives, modern drives are pretty good at predicting when they are dying, and replace it necessary.