Microsoft patches for all MS operating systems are currently being released at the rate of about 15-20 per month. These patches address specific vulnerabilities in Microsoft Server and Desktop OSs as well as the Microsoft Office Suite. While the majority of these updates pose no compatibility risk in most environments, they must still be verified beforehand and approved based on the severity of the vulnerability.
Security on the corporate WAN can be hardened by periodically reviewing firewall/intrusion prevention logs and taking proactive measures to prevent false positives.
Constant review of backups is required for obvious reasons. Data loss should never be a concern. Analyze data backup/recovery practices and determine whether they are well documented, implemented and tested. Analyze the disaster recovery plan and determine its vulnerabilities and omissions. Examine relationships with third-party vendors to identify potential sources of risk in case of catastrophe.
It is essential to keep all documentation of information systems up to date. Falling behind in documentation will slow down the troubleshooting process. There is no worse feeling for a network administrator than having unknowns on the network.
Daily/weekly review of logs is required for obvious reasons. No explanation needed.
ACTIVE DIRECTORY MANAGEMENT
The purpose of Active Directory is to keep all objects (users/computers) in the enterprise organized into organizational units (OUs). A standardized naming convention is part of this organization. OUs will be created for each location/department, and PCs should be moved into their corresponding OU once added to the domain.
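The placement step described above can be scripted. The following is an added example, not part of the original page: it finds computers still sitting in the default Computers container (where OU-linked Group Policy does not reach them) and previews a move into the OU implied by their name. The domain `example.com`, the `<LOCATION>-<DEPT>-<number>` naming convention and the `OU=<dept>,OU=<location>` layout are assumptions; substitute your own.

```powershell
# Added example. Domain, OU layout and naming convention are assumptions.
Import-Module ActiveDirectory

$DomainDN  = 'DC=example,DC=com'          # placeholder domain
$DefaultCN = "CN=Computers,$DomainDN"     # default landing container for newly joined PCs

# Assumed convention: <LOCATION>-<DEPT>-<number>, e.g. NYC-FIN-014
$NamePattern = '^(?<loc>[A-Z]{3})-(?<dept>[A-Z]{2,4})-\d{3}$'

# Only objects directly in the default container, not in child containers
$computers = Get-ADComputer -Filter * -SearchBase $DefaultCN -SearchScope OneLevel

foreach ($pc in $computers) {
    if ($pc.Name -match $NamePattern) {
        $targetOU = "OU=$($Matches['dept']),OU=$($Matches['loc']),$DomainDN"

        # Move only into OUs that already exist; never create them implicitly
        try {
            Get-ADOrganizationalUnit -Identity $targetOU -ErrorAction Stop | Out-Null
        }
        catch {
            Write-Warning "$($pc.Name): target OU '$targetOU' not found; left in place"
            continue
        }

        # -WhatIf previews the move; remove it once the output has been reviewed
        Move-ADObject -Identity $pc.DistinguishedName -TargetPath $targetOU -WhatIf
    }
    else {
        # A name outside the convention is itself worth investigating
        Write-Warning "$($pc.Name): name does not follow the convention; left in place for review"
    }
}
```

Run it from a host with the RSAT ActiveDirectory module under an account delegated to move computer objects; the warnings double as a list of unknown or misnamed machines to follow up on.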
Routine maintenance of servers should be done, including defragmentation, disk space monitoring, event log monitoring, etc.
A comprehensive budget should be prepared each year and submitted to management. This budget should not only include monthly/yearly renewals for support services, but should also include estimates for any hardware/software replacements that might happen throughout the year.
Analyze data security measures and determine vulnerabilities: network security measures; database security measures; platform security measures; application security measures; employee file permissions and password policies; physical access to critical assets. Analyze change management policies and procedures.
Company data/email should be monitored and quotas enabled if necessary. It is the responsibility of the systems administrator to work with users on archiving old email to keep Exchange Information Stores running at optimal levels.