Over many years of providing hosting services, I've been through a huge number of backup strategies. The servers that we use all run Plesk (different versions), and to be honest I have moved in recent years from using pretty heavily customized environments, to running things pretty much as they come from MediaTemple and Parallels. The reasoning here is simple - recovering from disaster can be accomplished simply on a standard box.
In developing e-commerce sites, we are frequently asked by our clients to explain the various facets of developing a "secure" web site. I thought it might be helpful to put some of what we know on our web site for those of you that aren't fortunate enough to work with us directly 
.
There are a couple of different elements to security that you need to understand.
So I saw today (and I'm probably really late to the party) where there is a web site dedicated to getting a bunch of users to quit facebook on the 31st of May (2010). They have upward of 15,000 as I type. Reasons sited; Facebook doesn't respect you, your data, or the future of the web. Brilliant. How remarkable that a company, which by definitaion exists to generate profit, doesn't respect your data. You sandal wearing, beard-growing, greatful-dead listing hippies need to wake up and smell the capitalism. But I digress.