I see more ignorant posts being made by idiots in the field of actual computer security, not salesmanship.
not really. social engineering is omnipresent and can happen everywhere. hopefully the new ISP has some stricter quality management and certain processes to prevent it.
No, it is not. What would happen if theymos actually forgot his password and they couldn't reset it?
You can't prevent social engineering, no matter what you do.
This type of attack is easily preventable. I'm just going to quote myself again. Further discussion and explanations are available in the parallel threads in this subforum.
Easily preventable on two levels:
1) collocate your own equipment in a remote data center. The customer service staff will simply have no access to it besides being able to press buttons on the box.
2) use non-commodity hardware like Oracle SPARC or IBM POWER or HP Integrity/Itanium. Then even if they manage to steal it they most likely will not be able to get the data off of it without specialized assistance.
Edit: Also, don't run Linux on those machines, but their native OS: Solaris, AIX, HP/UX respectively.