A good approach is to have rsync scripts that run more-or-less constantly, sending the data to a directory on the backup drive which is write-protected, accessible only to the special user-id that's responsible for backups. This is basically how Apple's Time Machine operates. There are a number of good web pages that show how the trick is done.
For instance, this one:
https://bipedu.wordpress.com/2014/02...-time-machine/
And, leave us not forget this site!
http://www.linuxquestions.org/questi...achine-889376/ (There are numerous really good links in that thread.)
For recovery purposes, then, you need a bootable CD-ROM ("sticks" can fail or be modified ...) that can be used to launch a recovery system, to perform filesystem tests and repairs, and so forth.
But, to be any good at all, the backups must be detailed and very current. "A week old" is useless.
From time to time, you should make a snapshot of the backup drive, take it to another machine altogether (which is not connected to the Internet), and "do a complete 'fire drill.'" The scenario is this: that "the worst has just happened," this machine is your replacement device, and your job is to completely and accurately restore the system onto it within two hours, and to demonstrate that the procedure worked. These days, I would use a phone to film the exercise.
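
As an added example (not part of the original post), here is one way to write the hard-linked rsync snapshot and the restore check for the fire drill described above. The function names, the `latest` symlink, the `.partial` staging directory and the `.sha256` manifest file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Paths, names and layout are
# assumptions. Requires rsync and GNU coreutils (sha256sum).

# manifest DIR: print a sorted checksum list for every regular file under DIR.
manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 )
}

# snapshot SRC DEST [NAME]: create DEST/NAME as a full-looking copy of SRC.
# Run it as the dedicated backup user, with DEST writable by that user only
# (for example mode 700), so other accounts cannot alter the history.
snapshot() {
    src=$1 dest=$2 name=${3:-$(date +%Y-%m-%dT%H%M%S)} link=
    mkdir -p "$dest" || return 1
    if [ -e "$dest/$name" ]; then
        echo "snapshot $name already exists" >&2
        return 1
    fi
    # Unchanged files are hard-linked to the previous snapshot, so only
    # changed files use new space. --link-dest needs an absolute path.
    if [ -d "$dest/latest/" ]; then
        link="--link-dest=$(cd "$dest/latest" && pwd -P)"
    fi
    # Copy into NAME.partial first so an interrupted run is never mistaken
    # for a complete snapshot.
    rsync -a --delete ${link:+"$link"} "$src/" "$dest/$name.partial/" || return 1
    mv "$dest/$name.partial" "$dest/$name" || return 1
    manifest "$dest/$name" > "$dest/$name.sha256" || return 1
    ln -sfn "$name" "$dest/latest"
}

# verify_restore MANIFEST RESTORED_DIR: the fire-drill check. Prints any
# file whose content differs, is missing, or is extra; returns 0 on a match.
verify_restore() {
    manifest "$2" | diff "$1" -
}
```

During the drill, copy the manifest to the replacement machine along with the snapshot and run `verify_restore` against the restored tree; a zero exit status is the evidence that the restore matches what was backed up.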