You'll want to have the system windows firewall and auto-updates on.
The following antivirus programs are regulars:
-MSE (MS security essentials)
Since you said "security control", you will also want to test it with different level user accounts (admin, non-admin, guest, etc..)
What I am wondering about is practical realistic setup for a Windows machine - and this is mostly about security and virus control.
I find that www.majorgeeks.com is a good resource for current advice and tools.
I agree with Mike,
Realistically, you should find some AV software on the laptop and you should be able to test it with and without any exclusions to your data or solution.
Also realistically, you may or may not find Windows 7 with the User Accounts Control (UAC) feature turned off or on. Turning it off is not recommended but turning it on can lead to some very interesting testing results. If you elect to have the UAC turned on, and you put your runtime solution and DATA within the Program Files directory, you will most certainly want to review the concept of the Virtual Store. Several years ago, Microsoft began warning that Databases should not be kept in the Program Files folders, rather in Documents or another predictable location.
If your Runtime and Data are bound to the same location, give serious consideration to installing out of the Program Files folder. As you near the roll out, continue to post your findings and questions.