There isn't a single perfect answer to this. Whatever you do don't listen to people that will bring OS (Operating Systems) debates as an answer. A good Windows admin can kick a bad Linux admin's butt any day..and vice-versa. Its really a question of maintenance. You need to make sure that someone is in charge of making sure that all your points of failures are updated on a regular basis. You need to keep a close eye on sites like (http://www.securityfocus.com) for the latest threats and make sure that you're not affected by them. Keep logs of all the work you do concerning network operations. Make sure you have a decent IDS (Intrusion Detection System) ...etc... I'm sure you can find some good literature out there on the proper steps for your day-to-day operations. Personally, I think the most important part is user education. I cannot stress this enough. No matter what steps you take to ensure your network is safe, it only takes 1 clueless user to install a Trojan. So you need to be up-to-date on "social engineering" tactics and enforce appropriate policies in your workplace. For example: this place where I was working at had decent admins and systems in place. However, all it took for someone to hack into the network was for 1 (stupid) user who decided one day to connect a wireless router at his desk so that he could move around the office with his laptop and PDA... get it? There are great books out there, and I strongly urge you to take a look at works by Kevin Mitnik (http://en.wikipedia.org/wiki/Kevin_Mitnick). Hope this helps.Good luck!