Data protection

I read a news article at http://ca.news.yahoo.com/s/afp/080826/world/britain_us_banking_internet_company_rbs_ebay_data_1.These kind of articles are making headline and reminding us that we need to handle our Information Technology infrastructure with more care and strong policies. After reading the complete article, I think it is high time we should review Information Technology Best practices regarding the acquisition and access of assets till its disposal. In today’s world when we are storing everything in computer, which includes but not limited to source code for s/w program, customers demographic details, personal details, trade secrets, business model, its security should be first priority for every company. When we dispose off our computers/servers/hard disk special care about data erase should be mandatory. When we don't need computers/servers/hard disk, data should be backed up to the active server (Data retention Policy) and data should be cleaned from the computer asset we are going to dispose. A strict policy regarding asset disposal and handling should be in place in every organization to avoid the mistakes like this in future.Not doing so is like giving our home key to intruder.