04-07-2010, 05:40 PM
It depends upon your goals. If you wish to avoid infection then you need to 1) train users not to open emails from unknown sources 2) don't go to websites that you wouldn't take your grandmother to 3) use AND maintain antivirus and antispyware software 4) come to terms with the fact that it just won't matter because eventually the computer will be compromised if someone is actually using it and it is connected to the internet.
In general I find that it is impossible to dodge malware on Windows machines even with all the precautions, but you can minimize the impact and downtime. Run Linux on the hardware, install VMWare and run a snapshot of Windows inside of Ubuntu. When the machine becomes crippled ditch that copy of Windows and restore a snapshot from back when it was healthy and fully patched and updated. Total downtime is likely less than 15 minutes.
In general I find that it is impossible to dodge malware on Windows machines even with all the precautions, but you can minimize the impact and downtime. Run Linux on the hardware, install VMWare and run a snapshot of Windows inside of Ubuntu. When the machine becomes crippled ditch that copy of Windows and restore a snapshot from back when it was healthy and fully patched and updated. Total downtime is likely less than 15 minutes.