Slashdot ran this story about a couple whose hard drive, which had been supposedly destroyed by Best Buy, turned up at a flea market. The implications are, of course, a little scary.
It amazes me how blasé people are with their data. It's just not a lot of effort to keep your data secure. Here are the measures that I take:
- Password-protect your user account. My wife and I run as local admin, which is a bad idea, and I strongly recommend that you do NOT do that unless you are very confident in your ability to protect your system from malware. That said, it is ALWAYS a good idea to password-protect your user account. My wife and I have separate logons on all of our systems, and we use Fast User Switching to log on/off. Password-protecting your accounts ensures that anyone in your house using your system is going to be logged on as the guest account, and will only have the rights you grant them.
- The directory tree on our network that we store all of our stuff in is set up with proper ACLs to deny access to anyone that isn't me or my wife. This lets us comfortably allow a guest to log in to our desktop system without worrying that they'll get into our files.
- The really sensitive stuff (financial records, images of our birth certificates and SSN cards, medical records, certain pictures) is kept in a TrueCrypt drive. This way, if the machine is stolen, and an adversary bypasses the ACLs (easy enough to do - reinstall the OS), the sensitive stuff is still safe. The TrueCrypt drive also has ACLs to deny guests access if we leave the drive mounted while they log on via Fast User Switching.
- Sensitive information is never sent to anyone via email. I've got my mom and wife using PGP to encrypt plain-text messages and binary files for email transmission. The basic functionality will always be free, thanks to the efforts of Phil Zimmermann (a true hero, in my mind). My wife is a power user, but my mom is a more "typical" user, and she caught on very quickly. If my mom can pick it up, how hard can it be? (Sorry, Mom...)
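Here is what the encrypt-and-sign round trip looks like from the command line. This is an added example, not code from the original post, and it uses GnuPG (Gpg4win's gpg.exe) rather than whichever PGP front end the family actually runs; it assumes gpg.exe is on PATH, that my own secret key exists, and that Mom's public key has already been imported. The address mom@example.com and the file names are placeholders.

```powershell
# Added example, not code from the original post. Assumes Gpg4win's gpg.exe
# is on PATH, my own secret key exists, and Mom's public key has already
# been imported; mom@example.com is a placeholder address.
$Recipient = 'mom@example.com'

function Protect-ForEmail {
    # Encrypt a file (text or binary) to the recipient and sign it with my key.
    # The .asc output is ASCII-armored, so it can be attached or pasted into
    # the body of a mail without any client mangling it.
    param([Parameter(Mandatory)][string]$Path,
          [Parameter(Mandatory)][string]$To)
    $out = "$Path.asc"
    & gpg --batch --yes --armor --encrypt --sign --recipient $To --output $out $Path
    if ($LASTEXITCODE -ne 0) { throw "gpg failed on $Path (exit $LASTEXITCODE)" }
    return $out
}

function Unprotect-FromEmail {
    # Receiving side: decrypt and, in the same step, verify the sender's
    # signature. gpg reports the verification result on stderr; fail closed
    # unless it says the signature is good.
    param([Parameter(Mandatory)][string]$Path)
    $out = $Path -replace '\.asc$', ''
    $log = & gpg --batch --yes --decrypt --output $out $Path 2>&1 | Out-String
    if ($LASTEXITCODE -ne 0 -or $log -notmatch 'Good signature') {
        throw "decrypt/verify failed for $Path`n$log"
    }
    return $out
}

# One-time check before the first message: read the fingerprint to Mom over
# the phone and make sure it matches what she sees on her end. Encrypting to
# a key nobody has checked is how mail ends up readable by the wrong person.
gpg --fingerprint $Recipient

$cipher = Protect-ForEmail -Path "$env:USERPROFILE\Documents\house-insurance.pdf" -To $Recipient
"Attach or paste: $cipher"

# What Mom runs after saving the attachment (same gpg on her side):
# Unprotect-FromEmail -Path "$env:USERPROFILE\Downloads\house-insurance.pdf.asc"
```

Plain-text notes go through exactly the same function: write the note to a .txt file, run Protect-ForEmail on it, and paste the resulting .asc into the mail body. The fingerprint check is the one step worth being stubborn about, since everything after it depends on having the right key.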
- Back up your stuff, but take the same measures to protect your data. I use the cheap-o cheesy Backup app that's built into Windows to back up all my directories and TrueCrypt drives to an external drive, but I maintain the same ACLs on the backup media as I do on the "production" media.
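The ACL setup from the directory-tree bullet and the "same ACLs on the backup" rule from this one can be done and checked in one script. What follows is an added example, not code from the original post, and it uses icacls and robocopy instead of the built-in Backup app so that the security descriptors travel with the files. Assumptions: the shared tree is D:\Family, the two owners are the local accounts 'me' and 'wife', the external drive E: is NTFS (FAT32 cannot store ACLs at all), and the script runs from an elevated prompt.

```powershell
# Added example, not code from the original post. Assumptions: the shared
# tree is D:\Family, the two owners are local accounts 'me' and 'wife', and
# the external drive E: is NTFS-formatted (FAT32 cannot store ACLs at all).
# Run from an elevated PowerShell prompt.
$Source  = 'D:\Family'
$Backup  = 'E:\FamilyBackup'
$Owners  = @("$env:COMPUTERNAME\me", "$env:COMPUTERNAME\wife")
$Allowed = $Owners + @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')

# 1. Lock down the tree. /inheritance:r strips the ACEs inherited from the
#    drive root (typically an Allow for Users or Authenticated Users); then
#    only the owners, SYSTEM and Administrators get ACEs. (OI)(CI) makes each
#    ACE flow down to files and subfolders; /grant:r replaces any earlier
#    ACE for that principal. Guests simply have no ACE, which is a denial.
icacls $Source /inheritance:r | Out-Null
foreach ($who in $Owners) {
    icacls $Source /grant:r "${who}:(OI)(CI)F" | Out-Null
}
icacls $Source /grant:r 'SYSTEM:(OI)(CI)F' 'BUILTIN\Administrators:(OI)(CI)F' | Out-Null

# 2. Mirror to the external drive and carry the security descriptors along.
#    /COPY:DATSO = Data, Attributes, Timestamps, Security (DACL), Owner.
#    /MIR also removes files from the backup that no longer exist at the source.
robocopy $Source $Backup /MIR /COPY:DATSO /R:1 /W:1 /NP /NFL /NDL | Out-Null
if ($LASTEXITCODE -ge 8) { throw "robocopy reported failures (exit $LASTEXITCODE)" }

# 3. Audit both trees: report every Allow ACE whose principal is not on the
#    allowed list. An empty result means nobody but the owners (and the OS)
#    can read the data, on the production copy or on the backup.
function Find-StrayAccess {
    param([string]$Root, [string[]]$Allowed)
    $items = @(Get-Item -LiteralPath $Root) + @(Get-ChildItem -LiteralPath $Root -Recurse -Force)
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -eq 'Allow' -and
                $Allowed -notcontains $ace.IdentityReference.Value) {
                [pscustomobject]@{
                    Path      = $item.FullName
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                }
            }
        }
    }
}

$stray = @(Find-StrayAccess -Root $Source -Allowed $Allowed) +
         @(Find-StrayAccess -Root $Backup -Allowed $Allowed)
if ($stray.Count -eq 0) {
    'OK: only the owners, SYSTEM and Administrators can touch either copy.'
} else {
    'Unexpected access found:'
    $stray | Format-Table -AutoSize
}
```

Step 3 is the part worth keeping around as a scheduled check: ACLs on a backup drift quietly when a file is copied in by hand or the drive is plugged into another machine, and a listing of stray principals catches that long before the drive goes missing. As the TrueCrypt bullet already notes, none of this survives someone who pulls the drive and reinstalls the OS; the ACLs are for the guest at the keyboard, the encrypted volume is for the thief.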
- If you're going to be selling/throwing away/giving away a drive, please, for the love of Pete, at least format the stupid thing first. A better option would be Darik's Boot and Nuke, but a regular format will take care of most adversaries.
- Whenever I connect to my network remotely, it's all done via SSH. The only inbound port on my network is SSH, and I use PuTTY to set up a secure tunnel for any connectivity I need from work or on the road.
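The PuTTY tunnel can be scripted with plink.exe, PuTTY's command-line sibling. This is an added example, not the setup from the original post; it assumes plink.exe is on PATH, the home gateway is reachable as home.example.com on port 22 (placeholder), the SSH user is 'me' with a PuTTY key file, the desktop inside the house is 192.168.1.10 (placeholder), and the laptop runs Windows 8 or later so Get-NetTCPConnection is available.

```powershell
# Added example, not the original post's configuration. Placeholders:
# home.example.com (gateway), 192.168.1.10 (desktop on the home LAN),
# 'me' and putty-home.ppk (SSH user and PuTTY private key).
$Gateway = 'home.example.com'
$User    = 'me'
$Key     = "$env:USERPROFILE\putty-home.ppk"
$Desktop = '192.168.1.10'
$LocalPort = 3390

# First connection only: run 'plink -ssh me@home.example.com' interactively,
# compare the host key fingerprint it prints with the one read off the server
# at home, and accept it so PuTTY caches it. -batch below then refuses to
# connect if the key ever changes, which is exactly what you want on the road.

# -N: no remote shell, just the tunnel. -L: bind 127.0.0.1:3390 on this
# laptop and forward it through the gateway to the desktop's RDP port. Binding
# to loopback keeps other hosts on the hotel network off the tunnel.
$tunnel = Start-Process plink -ArgumentList @(
    '-ssh', '-N', '-batch', '-i', $Key,
    '-L', "127.0.0.1:${LocalPort}:${Desktop}:3389",
    "$User@$Gateway"
) -PassThru -NoNewWindow

# Wait until plink is actually listening before pointing anything at it.
$ready = $false
for ($i = 0; $i -lt 20 -and -not $ready; $i++) {
    Start-Sleep -Milliseconds 500
    $listener = Get-NetTCPConnection -LocalPort $LocalPort -State Listen -ErrorAction SilentlyContinue
    $ready = ($null -ne $listener)
}
if (-not $ready) {
    Stop-Process -Id $tunnel.Id -ErrorAction SilentlyContinue
    throw 'Tunnel did not come up; check the host key cache and the key file.'
}

# Remote Desktop to the loopback end of the tunnel; RDP never touches the
# hotel network in the clear. -Wait keeps the tunnel alive until mstsc closes.
Start-Process mstsc -ArgumentList "/v:127.0.0.1:$LocalPort" -Wait

# Tear the tunnel down so no listener is left behind on the laptop.
Stop-Process -Id $tunnel.Id
```

Any other service at home (a file share, a web interface on the router) gets its own -L entry on the same plink line; the gateway still only ever exposes port 22 to the Internet, which is the whole point of the single inbound port.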
Admittedly, my wife's passphrases/keys/passwords are not as strong as I would like them to be, but I had to reach a compromise with her to get her to agree to use them (Scott Hanselman calls this WAF - Wife Acceptance Factor). Am I going to keep the NSA out? Nah, probably not. The NSA could probably get around my countermeasures pretty easily. But am I going to make it hella-hard for the punk who breaks into my house/car and steals my laptop/PC or the Russian mafia script-kiddie who intercepts my email to get into my sensitive information? Hell yes!