The only fully-secured computer is one that is turned off. It is impossible to guarantee total security, especially once a computer is connected to a network, including the Internet. The best for which an IT manager (or an individual user) may hope is that the installed antivirus, antispam, and firewall applications are stronger than the attacks the computer receives.
Listen to the podcast at Internet Archive.
On a positive note, the most common forms of successful attacks are those that begin with an infected attachment to an e-mail message. The second most common attack scenario involves a user’s visiting a Web site that installs malware.
Please, encourage safe computing in your organizations. Require users to delete e-mail attachments that they are not expecting to receive.
We must also require our IT departments to keep our employee’s computers up to date with Microsoft’s security updates. Malformed graphic images can also be used to launch attacks against computers, as was recently witnessed on MySpace.
I again suggest that, regardless of your interest in information technology, that you learn to secure your most valuable digital resource, your personal computer, by following Steve Gibson’s SecurityNow! podcast. Start with episode one, and either listen to or read all episodes, they build upon one another.