A useful writeup over at O’Reilly about the top 7 things that sysadmins forget to do:
- Forgetting to Delete a Former User’s Account
- Forgetting to Regularly Search for Rootkits
- Forgetting to Use a Trouble Ticket Tracking System
- Forgetting to Set Up Technical Documentation and Creating a Knowledge Base
- Forgetting the Risks of Flash Memory Drives
- Forgetting to Manage Partial Root Access
- Forgetting Courtesy
I’m not sure that number 5 should really be on this list, as it strikes me as more of a Security Guy responsibility and should be covered by the Security Policy (assuming you have one) but it is something to keep in mind.
Go read the detailed descriptions.