Not that I want to be the one to have argued against backups if something bad happens, but I don’t see a lot of value in this. The whole point of Git is that a copy of the entire commit history exists on everyone’s computer (and would still be available in the reflog for a while even after a catastrophic force-pull). And while that doesn’t include things like issues and pull requests, restoring those from a backup would be pretty ugly. So while periodically running one of the open-source scripts that dumps everything available via the API seems like a decent idea, I don’t see this as something that’s particularly worth paying for.
I’d say the most important thing would be making sure that people with write access have 2FA enabled and limited API key settings.