Windows IT people everywhere owe thanks to Dr. Mark Russinovich, now a Technical Fellow at Microsoft and his less-famous partner Bryce Cogswell. Russinovich is famous both as an author, making the technical details of Windows accessible to the rest of us who dare to think we are technical, and as a programmer writing utilities that give us better command of Windows and teach us about it at the same time.
A recent video interview with Russinovich spent quite a bit of time talking about security. I don't necessarily agree with everything he has to say, which has me re-examining my beliefs, since I have so much respect for what he has to say. The interview is 42:39 long, so I'll relate the security-related parts here, but I certainly recommend watching it yourself (or just listening as there isn't much in terms of visual action).