There are various ways to ensure that important parts of your system are backed up securely. The method using tar which is suggested in this thread is useful, but if you want to be really thorough about backing up, it helps to have a dedicated backup server. For example, between my colleague and I we have about five or six servers, one of which uses rsync to mirror the other servers on a nightly basis, and then, to supplement that, we use BackupPC (which is in most distros) to do full weekly backups and daily incremental backups of the client areas of our servers, as well as directories such as /etc/. The beauty of BackupPC is that it stores multiple backups up to a specified age, so if you screw up your configuration you can go back to a previous setup with ease. I have used it to rescue a badly corrupted live server after it suffered a bit of overzealous upgrading.
The backup server communicates with the live servers using root logins with private/public key negotiation. Obviously, if some scoundrel gets root access to the backup server, the whole network is endangered. The solution to that one is probably to have vpn connections between the live servers and the backup server which can be off the internet.