This page is not intended as a comprehensive guide, but illustrates a few of the problem areas that I have routinely had to address, some suggested solutions and sources for more information.

There are two main ways that the data on your computer can be accessed by others, direct access where someone gets to sit at your PC and browse through your files and perform almost any action and remote access via a local network or the internet. The first tends to get overlooked in many discussions of computer security issues but it is important to prevent unwanted casual access to your computer whether it's your children at home or the cleaner at the office. If your computer holds commercially sensitive data you should also consider the consequences if it were to be stolen.

Preventing unwanted direct access to your computer

Screensaver password protection

Set up a screensaver to activate when the computer has not been actively used for a period of say 5 minutes, and password protect it. Whatever work you are in the middle of, if you walk away to deal with something else the computer will soon hide it from the casual observer and prevent them from accessing your system.
You can set up a screensaver from the Display Settings Control Panel.

Password security for Windows 9.X
When you set up Windows 9.X or add a Windows 9.X system to a peer-to-peer network, you may be asked to create a username and password to use to identify yourself and (presumably) to restrict unwanted access. Unfortunately the security offered by this type of password is very weak. For instance, you can simply press the Escape key when being asked for your password to gain access to the computer. In the absence of a Windows NT/2000 server to validate the password and reject unidentified users there is no point in having the password dialog pop-up when you start Windows.
To prevent this dialog appearing, change your Primary Network Logon to Windows Logon in the Network Control Panel, then set a blank Windows password via the Passwords Control Panel.

Add a BIOS level password for Windows 9.X
A BIOS user password can prevent someone gaining access to your system by simply rebooting it. Used with a screensaver password this will provide adequate security for Windows 9.X standalone systems or those on a peer-to-peer network.
You can set the BIOS password from the configuration utility that is available when you boot your computer. Access to the BIOS differs from system to system, but typically you need to press a particular key such as F1 or DELETE as the computer starts up. There should be a message during the boot sequence that details the available options.
Note It is usually possible to reset the BIOS password by removing the internal battery that retains your BIOS settings and thus gain access, however it would be evident that someone had tampered with the computer so this would not be classed as a casual event.

Preventing unwanted remote access to your computer
As well as the threat posed by viruses, your computer may be under siege whenever you connect to the internet. It is possible to set up Windows in such a way that makes your computer relatively secure, but there are also plenty of opportunities for software to undermine your security by providing a route for data to flow in and out of your computer without your knowledge. Firewalls provide a way of restricting and monitoring which programs are connecting to the internet and the routes they use. By limiting the programs which may connect to your local network and/or the internet it is possible to reduce the risks of malicious data traffic.

It is important to keep up-to-date any software that you do allow to access the internet to minimise the risk that it can be subverted. I recommend BigFix to help in this task as it will let you know automatically when updates become available.

Personal Firewalls
The Kerio Personal Firewall seems to be a clone of Tiny's (see below) at the version 2 stage. I've not had a chance to test it but the interface looks almost identical.
More info:
Tiny Software's Personal Firewall is an alternative to ZoneAlarm with detailed monitoring but a less intuitive interface. Version 2 was provided free (for personal use only) and is still available from various shareware archives such as ComNetbut is no longer supported. The commercial product has since moved on to version 4.5 (last time I checked).
More info:
ZoneAlarm still has a free for personal use offering here. It's probably the easiest to set up and is the one I use at home.
More info:

Security Sites
GRC's Homepage For more information on online security issues take a tour around Steve Gibson's site. In particular check the Shields UP!! pages for an analysis of any flaws in your current set-up.
More info:
Drop in here for an online security check from Microsoft. This site can help ensure you are up-to-date with the latest security patches and that your system configuration is relatively secure.
More info: Free tools and security advice.
More info: