There are two basic approaches to providing security on a Windows computer. These are reflected in the various security packages available.
Each method has its strong points and weaknesses, and many security programs offer a combination of the two approaches to bridge the gap:
The weak point of providing security at the user interface level is that if a user can get past the protected interface the computer is completely vulnerable. The security software must protect against all possible methods of bypassing the user interface, and there may be many such methods. For example, simply renaming command.com to another name may provide access to the DOS C:\ prompt.
The weak point of protecting the computer at the hard disk level is that a Windows computer is not designed with this type of protection in mind. The Windows operating system or a program (such as Netscape) may not operate properly if the hard disk is protected. For example, Netscape version 3.0 expects use of the Windows\Temp directory. If this is protected (by protecting the Windows directory tree), Netscape will simply not run without any error messages. These types of problems can be very hard to resolve.
The strong point of using security that protects at the user interface level is that it is typically easier to setup than hard disk level security, and, in general, less likely to conflict with Windows and your installed software. Hard disk level security will probably provide better security, but will require quite a bit of trial and error, and require more technical skill.