For a start, antivirus software and a firewall should be installed. When browsing the Internet, use an account which does not have administrator rights. This will prevent the laptop from the majority of malware attacks, with insufficient permission to install the malware.
It's also important to configure Web browser security settings so that frequently used trustworthy sites have lower settings than other untrustworthy ones. The settings ensure that potentially dangerous browser extensions are disabled when visiting untrustworthy sites.
Behaviour is also important in preventing infection. Users should be educated to work safely. They should be made aware that untrusted websites, emails or even USB storage-based devices should be viewed with suspicion, and seen as potential sources of malware.
Finally use a modern operating system and ensure it is patched frequently. Modern operating systems have numerous protective mechanisms against buffer overflows, and frequent patching will protect a laptop against malware that uses the latest exploits.
Related Q&A from Richard Brain
Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ,...continue reading
Which browsers are secure enough for enterprise use, and which should be avoided at all costs? In this expert response, Richard Brain examines the ...continue reading
Google cloud applications aren't necessarily known for their security. In this expert response, learn what to watch out for when considering using ...continue reading