Opinion sought
As I continue strongly advocating better file management, storage and backup as the key* defence against ransomware, I'm very interested to hear from people who think this is the wrong approach.
Also, what do people consider the current state of the art with respect to internet facing file stores? So far I've got certifcate-based sftp on a non-standard port with fail2ban or similar, all other ports firewalled.
* emphatically not underplaying the importance of up-to-date FW, AV and OS.