said by slajoh01:Good idea, provided everyone has 2 PCs.
Well, here my rule of thumb...
I think one should set up two PCs one with sensitive data on it which would NOT connect to the outside world except within inside a corporate network. In addition, not to allow ANY kind of USB sticks, DVDs on that PC and I would disable USBStore. And use full HDD encryption.
One PC, for general use.