My backup looks like this.
- automatic, local backup to several Cryptomator vaults (which are synchronised with the respective clouds/FTP servers via OneDrive, Google Drive, SyncFTP. (Weekly/as needed). Backup as mirror, so only with 1 file version, locally deleted files are removed. These are primarily critical documents for which it is often useful to have mobile access (insurance policies, for example, or pictures).
- Automatic, external (non-encrypted) HDD backup with historical up to max 10 file versions and without deletion (only marking) of files no longer available in the source (weekly/as needed). This is my primary backup and includes all data.
- Automatic cloning of backup HDD1 to a second external hard drive (monthly).
- manual and monthly backup of larger and non-critical amounts of data directly online (without local synchronisation). I use Cyberduck for this and encrypt the files with the integrated cryptptomator encryption (it’s more of a gimmick).
My personal opinion:
I strongly recommend to not mix up data privacy and data protection. Tools like Cryptomator are not for covering data loss risk. So you should not have your only backup being encrypted (regardless which encryption tool you are using)