This is important reading for everyone that owns a computer: The Ten Immutable Laws Of Security. The article has a short, non-technical discussion of each one. Highly recommended!
Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #4: If you allow a bad guy to upload programs to your web site, it’s not your web site any more.
Law #5: Weak passwords trump strong security.
Law #6: A machine is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as the decryption key.
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all.
Law #9: Absolute anonymity isn’t practical, in real life or on the web.
Law #10: Technology is not a panacea.