We’ve been discussing the ever-present problem of malware in our Desktop Support team meetings. We need a coordinated “Defense-in-Depth” strategy to address this problem. There is no single tool that one of us can use as a magic bullet to prevent or clean malicious software. Instead we need to define and implement a multilayered approach to prevention, incident response, and education.
Here is an interesting PDF document from Microsoft on the Defense-in-Depth concept.
…and a nice article about computing behaviors and habits that can prevent malware incidents.