9. Process and compliance

We have talked about all kinds of security software and devices required to protect an individual as well as an organization. But these alone cannot protect an organization unless there is a process to safeguard it. Administrators and management should ensure that employees adhere to all the processes needed to secure the organization.

Here is a checklist that administrators should keep in mind:

  • The operating system should be patched regularly.
  • Administrators should keep an eye on security bulletins and accordingly update patches.
  • Administrators should make sure that employees in an organization do not use software that is not allowed.
  • Sometimes, for very small organizations and start-ups, buying commercial software may not be cost-effective but, eventually, they also need to protect themselves. So administrators should be trained to configure open source software such as Cuckoo and Snort, and they should learn to deploy publicly available rules.
  • Antivirus signatures should always be updated.
  • IPS, IDS, and firewall rules should also be updated regularly.
  • Any kind of service used by clients, such as your websites, should be properly tested for vulnerabilities so that exploits are not hosted.
  • Data should be regularly backed up.
  • Administrators should set access controls properly, that is, define who is authorized to access certain data.
  • Employees should be trained against all kinds of attacks.