The defense-in-depth approach to malware

Computerworld - Ever try to hammer a nail with a pair of pliers? You might succeed, but it will take much longer and be more difficult than it would if you used a hammer.
Having the right tools makes any job easier, and when it comes to protecting workstations and servers from malware, the same rule applies. When you're securing computer systems against threats from hackers and malicious code, a defense-in-depth strategy is the best option. Defense-in-depth is based on the premise that multiple layers of security offer greater security than can be achieved by any single protection mechanism. The layers may be procedural, technological or policy-based.
These days, the time between vulnerability discovery and exploit has diminished to a very short period leaving, little or no time to adequately test patches before deploying them. This may force haphazard patching or, worse, giving up on patching altogether. Unfortunately, hacking and cracking into computer systems seems to have become a global sport. Computer intruders from virtually everywhere in the world routinely attempt to break into unprotected systems via the Internet. Once in, they may modify, steal or even destroy your data. But with the right combination of software, policies and education, your chances of suffering a catastrophic loss are greatly diminished.

Antivirus software
Several forms of malicious code are used to attack computers, wreaking havoc on systems and slowing down productivity. The simplest method of protection is to eschew opening e-mail attachments from unknown or unreliable senders or downloading software from unreliable Web sites.
Question all e-mail attachments before automatically opening them. These days, there is no excuse for not having up-to-date antivirus software installed and operating on workstations, servers and e-mail gateways.
It's important to remember that although antivirus software is useful and effective in detecting many of the known viruses, it must be updated regularly to maintain that effectiveness. When choosing an antivirus product, be sure that it's ICSA Labs-certified. According to company's Web site, the ICSA Labs' Product Certification Program provides assurance to the user community that antivirus products attaining the rating reduce security risks caused by viruses and other malware to a level that's consistent with a set of publicly vetted and industry-accepted criteria. The Web site also has a list of ICSA-certified products.

Personal firewalls
With the exception of the built-in Windows XP firewall, which filters only incoming traffic, most personal firewalls today are bidirectional and monitor traffic heading both to and from your computer. Having a personal firewall allows your system to block malicious programs (rootkits or