Re: I'm tired already just reading it
This is fantastic advice, unfortunately the rest of the article sounds more like "go to enormous lengths to protect everything 100%".
I hate to criticize writing style as I do not want to come across as making an ad hominem attack, but it is pertinent here. This entire article amounts to a collection of personal anecdotes. for example, "Lesson well and truly learned: most laptops that are stolen are by opportunistic thieves." A single sample study? The article purports to address personal security practices aimed toward protecting personal data both from unauthorized access and from accidental loss. I am not entirely sure if this was the case, which is where the writing style issue comes in for me.
Rather than continue in this vein, perhaps it would be instructive to point out a few things. First, what we are discussing here is personal security, not corporate. This implies both a comparative lack of resources, as the author rightly pointed out, and a greater need to customize the solution to the needs of the person. For example, the point about encryption of everything is rendered moot if you consider that one of the devices someone might have is a home media server. Perhaps placing it behind a firewall and setting up a cloud backup schedule for updated files only might be appropriate. Or simple offsite storage of a copy of the drives to be updated monthly would be more cost and time effective given that cloud storage might become prohibitively expensive as the library grows. What would encryption bring to the party here?
This brings up the issue that security beyond the endpoint was hardly addressed. A typical household that has internet connectivity probably has a phone per resident and perhaps a similar number of desktops, laptops, tablets or similar. It increasingly has other devices that connect to the internet. If you have a new TV or recording device or BR player or... the list goes on... you should at least understand how they work and how someone else might take advantage of them. You should take some basic precautions with your home router, perhaps setting up a separate network with your own kit and your own firewall. Put simply, the data on your devices is not the only thing you should be concerned with; there is plenty of sensitive data that can be pulled from your devices beyond your Word and Excel files.
Also lacking was how to act when outside the home. Should you connect to your hotel's wifi? If so, what kind of info should you trust to flow across their network? OK, trick question there, but the point is that it is not all about equipment. It is arguably more about behavior than anything else. Social engineering has probably compromised more data than attacks that do not make use of it. I would argue that a mandatory course in good online behavior and online risks would do more to ensure personal security than setting up encryption for all the drives in the world.
Personal security should be tailored to the individual's needs and situation, it does not stop with their files and one or two of their devices, it varies depending on situation and location, and good behavior is more important than everything else.