I have search for many time, but i haven't found solution for this, protect my team drives from ransomware infection.
I have many many teamdrive in company, with mixed file type (microsoft office and google doc).
I have try to solve problem writing this script GitHub - sharpec/rclone-crontab: RClone script to define multiple crontab for multiple folder. Incremental backup for multiple Teamdrive
With Google account business i have infinite space whit infinite number of team drive.
For each teamdrive folder, i created another team drive folder-bck
folder have a service account backup whit read only permission to team drive.
The same account have R + W permission to folder-bck, without any other user permission.
With crontab setup i run one or multiple sync per day.
Sync crontab with many option, including --backup-dir to prevent losing of old version of file (ransomware protection).
I would like to ask yours opinion on the options used and on the data loss prevention policy.
is the best solution to keep data in sync, including syncing google gsheet and gdoc files?