<b>Encrypting your backups is great until you realize the key was only on the dead server.</b>
Everyone gets the memo: encrypt your offsite backups. Good. Then the prod box dies, and the decryption key lived in the .env on that exact box, which is now a brick. Your backups are now perfectly secured against you.
The key has to live somewhere your disaster can't reach: a password manager, a separate KMS, a printed copy in a safe.
A backup you can't decrypt is indistinguishable from random noise.
Key management is the backup. The files are just the easy part. Fight me in the comments.
Backup or Die
@BackupOrDie
This post was published in the Backup or Die Telegram channel. You can subscribe via the link: @BackupOrDie.
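A restore drill for the point above, as an added example that is not part of the original post: it simulates losing one failure domain and reports which key copies both survive and match the key the backup was encrypted with. The key check value scheme, the `KeyCopy` record, the path `/srv/app/.env`, the host name `prod-01` and all keys are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

KCV_LABEL = b"backup-key-check-v1"  # constructed label, an assumption of this example


def key_check_value(key: bytes) -> str:
    """Identify a key without storing it: HMAC-SHA256 over a fixed label."""
    return hmac.new(key, KCV_LABEL, hashlib.sha256).hexdigest()


@dataclass(frozen=True)
class KeyCopy:
    location: str        # where the copy is kept
    failure_domain: str  # what has to be lost for this copy to be lost
    key: bytes           # bytes read back from that location during the drill


def surviving_copies(manifest_kcv, copies, lost_domain):
    """Locations that still hold the right key after lost_domain is gone."""
    usable = []
    for copy in copies:
        if copy.failure_domain == lost_domain:
            continue  # this copy dies together with the lost system
        if hmac.compare_digest(key_check_value(copy.key), manifest_kcv):
            usable.append(copy.location)
        # otherwise: stale or mistyped copy, it cannot decrypt this backup
    return usable


# Constructed sample data (not real keys).
BACKUP_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
OLD_KEY = bytes.fromhex("ff" * 32)
MANIFEST_KCV = key_check_value(BACKUP_KEY)  # stored next to the backup at encryption time

ONLY_ON_PROD = [KeyCopy("/srv/app/.env", "prod-01", BACKUP_KEY)]
WITH_ESCROW = ONLY_ON_PROD + [
    KeyCopy("password manager", "vault-vendor", BACKUP_KEY),
    KeyCopy("printed copy in safe", "office-safe", OLD_KEY),  # constructed stale copy
]

if __name__ == "__main__":
    for name, copies in (("only on prod", ONLY_ON_PROD), ("with escrow", WITH_ESCROW)):
        left = surviving_copies(MANIFEST_KCV, copies, lost_domain="prod-01")
        status = "restorable via " + ", ".join(left) if left else "UNRECOVERABLE"
        print(f"{name}: {status}")
```

The stale printed copy shows why the drill compares each copy against the backup's recorded check value instead of only counting how many copies exist.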