This page is not intended as a comprehensive guide, but illustrates a few of the
problem areas that I have routinely had to address, some suggested solutions and
sources for more information.
There are two main ways that the data on your computer can be accessed by
others: direct access, where someone gets to sit at your PC, browse through
your files and perform almost any action, and remote access via a local
network or the internet. The first tends to get overlooked in many
discussions of computer security issues, but it is important to prevent
unwanted casual access to your computer, whether it's your children at
home or the cleaner at the office. If your computer holds commercially sensitive
data you should also consider the consequences if it were to be stolen.
Preventing unwanted direct access to your computer
Screensaver password protection
Set up a screensaver to activate when the computer has not been actively used
for a period of, say, 5 minutes, and password protect it. Whatever work you are in
the middle of, if you walk away to deal with something else the computer will
soon hide it from the casual observer and prevent them from accessing your
system.
You can set up a screensaver from the Display Settings Control Panel.
Password security for Windows 9.X
When you set up Windows 9.X or add a Windows 9.X
system to a peer-to-peer network, you may be asked to create a username and
password to use to identify yourself and (presumably) to restrict unwanted
access. Unfortunately the security offered by this type of password is very
weak. For instance, you can simply press the Escape key when being asked for
your password to gain access to the computer. In the absence of a Windows
NT/2000 server to validate the password and reject unidentified users, there is
no point in having the password dialog pop up when you start Windows.
To prevent this dialog appearing, change your Primary Network Logon to Windows
Logon in the Network Control Panel, then set a blank Windows password via the
Passwords Control Panel.
Add a BIOS level password for Windows 9.X
A BIOS user password can prevent someone gaining access to your system by simply
rebooting it. Used with a screensaver password this will provide adequate
security for Windows 9.X standalone systems or those on a peer-to-peer network.
You can set the BIOS password from the configuration utility that is available
when you boot your computer. Access to the BIOS differs from system to system,
but typically you need to press a particular key such as F1 or DELETE as the
computer starts up. There should be a message during the boot sequence that
details the available options.
Note: It is usually possible to reset the BIOS password by removing the
internal battery that retains your BIOS settings and thus gain access. However,
it would be evident that someone had tampered with the computer, so this would
not be classed as a casual event.
Preventing unwanted remote access to your computer
As well as the threat posed by viruses, your computer may be
under siege whenever you connect to the internet. It is possible to set up
Windows in such a way that makes your computer relatively secure, but there are
also plenty of opportunities for software to undermine your security by
providing a route for data to flow in and out of your computer without your
knowledge. Firewalls provide a way of restricting and monitoring which programs
are connecting to the internet and the routes they use. By limiting the programs
which may connect to your local network and/or the internet it is possible to
reduce the risks of malicious data traffic.
It is important to keep any software that you do allow to access the
internet up to date, to minimise the risk that it can be subverted. I
recommend BigFix to help in this task as it
will let you know automatically when updates become available.
Personal Firewalls