System administrators and accountability
System administrators (sys admins) perform a very important role in any corporate network. They are the first line of defense and all to often also the last line. This then begs the question of are they being held to account? By this I mean, is the sys admin being given the proper guidance in what is expected of them, and then the supervision to ensure they are doing so? All to often corporate networks are rooted by old exploits, or conversely by relatively new ones. The sys admin responsible often says they did not think, or were too busy, to check the vendor site for patches. That is an unacceptable excuse of course. With this scenario in mind you may want to include in the sys admin’s duties daily checks of the vendor sites for patches. That simple step would go a long way towards ensuring the safety of your networks.