Make sure your users follow these simple procedures.

•   Trust no one.
Most users are infected by attachments sent, or seemingly sent, by people they know and trust. Scan every incoming document.

•   Disable/remove Windows Script Host (WSH).
Microsoft added WSH to later versions of Windows and Office to bring a DOS-like macro language to its GUI platforms -- functionality sorely missed since Windows 3.x days. Unfortunately, WSH includes no security, and any e-mails containing scripting commands can damage your system. (Remember the ILOVEYOU worm.) Renaming WSCRIPT.EXE as WSCRIPT.EXX is an easy way to disable WSH.

•   Don't open files with embedded macros.
Newer versions of Microsoft Office warn you if a file you're opening contains a macro, but unless you expect a document to contain macros, disable them when you open it.

•   Decrease the amount of active content in your browser.
Netscape and Microsoft browsers let you select the amount of active content and scripting that can tap into your system. Restrict the amount of active content that can access your PC from untrusted sites. At minimum, make sure your browser prompts you if a site attempts to run any executable items.

•   Don't let Windows hide file extensions.
Hiding file extensions in Windows is an open invitation to disaster. It's safe to open nonexecutable file content such as graphics and sound files, but if the extensions are hidden, what you think is a graphic may be an executable in disguise. In a directory window, select View/Folder Options and uncheck "Hide file extensions for known file types."

•   Know thy system.
Understand which programs, processes, TCP/IP ports, and drivers are active on your system. Be aware of what takes up the most resources and what's running in the background.