An interesting article in the Washington Post describes how to increase IT security. The answer is simple:

Do not use Windows

This is well known to most people in the IT industry. The interesting part is that this knowledge is now being transferred to ordinary people, and an article in the Washington Post reflects this.


Another part is that a whole industry has been built up around securing Windows environments. This is mostly done by adding more and more complex infrastructure components, which makes the problem even worse.

A simple comparison can be made:

If you are in pain because of a broken leg, is the solution to take painkillers or to go to the doctor and get a plaster cast? Painkillers are easy to apply: just swallow them. The plaster is uncomfortable and makes it hard to do what you want. The short-term solution is painkillers; the long-term solution is to fix the root cause of the problem, the broken leg.

Continuing to use Windows for business-critical solutions and protecting it with "Patch Tuesday", antivirus, rootkit scanners and so on is taking painkillers. Removing the vendor lock-in software is the long-term solution.


A good example showing that it is possible to write secure software is OpenBSD, where the approach to software development focuses on security and, as they claim on their homepage, "Only two remote holes in the default install, in a heck of a long time!".

