As our digital ecosystem evolves, so do the tactics of malicious actors. Cybersecurity is now a fundamental part of every IT administrator’s role, not just a specialized concern for security teams. In this third installment of the State of IT series, we delve into the growing threats targeting both large enterprises and smaller environments, providing effective steps that even novice IT administrators can implement to enhance their security posture.
The Expanding Threat Landscape
Today’s threats are increasingly sophisticated, ranging from ransomware-as-a-service to phishing kits, supply chain attacks, and deepfake-driven social engineering. High-profile breaches may make the news, but many attacks succeed due to a lack of basic security practices.
The misconception that only large organizations are at risk is fading. Small businesses, remote work configurations, and poorly managed environments are increasingly vulnerable to attacks. In this landscape, even the simplest IT practices can offer substantial protection.
Five Simple but Effective Steps Every IT Admin Should Take
- Establish a Baseline Security Policy
A basic security policy, even if it’s just one page, can define acceptable practices for your organization. Include requirements such as:
- Mandatory use of strong, unique passwords.
- Locking the screen after a period of inactivity.
- Prohibiting certain software or plug-ins.
Tools like Microsoft Intune, Google Workspace Admin Console, or open-source alternatives like Wazuh can help enforce these policies.
- Use Multi-Factor Authentication (MFA) Everywhere
Credentials remain the primary target for attackers. Enabling MFA on all critical accounts and systems—such as email and admin dashboards—adds a vital layer of security. For smaller teams, services like Authy, Microsoft Authenticator, or Google Authenticator are straightforward to implement and train for.
- Harden the Network Perimeter
Even without a dedicated security appliance, you can:
- Disable unused ports.
- Change default router credentials.
- Segregate guest Wi-Fi from internal networks.
- Use DNS filtering (e.g., Quad9, NextDNS, Cloudflare for Teams) to block known malicious domains.
If your network includes a firewall such as FortiGate, pfSense, or OPNsense, ensure that logging is enabled and that alerts are configured for suspicious activity.
- Secure Endpoint Devices
While EDR tools may not be feasible for all organizations, you still have options:
- Uninstall unnecessary software.
- Set devices to auto-lock after inactivity.
- Disable USB autorun.
- Use free or open-source tools like Malwarebytes, ClamAV, or osquery for regular endpoint scans and monitoring.
Encourage regular updates for systems and software. Automating updates with tools such as Patch My PC can alleviate some of the burden.
- Prepare for the Worst – Backups and Incident Response
Security isn’t solely about prevention; it’s also about recovery. Be sure that:
- At least one automated, offline backup exists.
- Admins know who to contact during an attack.
- A simple “what to do if compromised” flowchart is available (even in print form).
Open-source solutions like Duplicati or Restic, as well as platforms like Backblaze or Wasabi, can provide cost-effective and reliable backup options.
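An automated backup only counts if the job is still running. As an added example (not part of the original article), the Python script below reads the JSON printed by `restic snapshots --json` and flags every expected machine whose newest snapshot is missing or too old. The host names, the 26-hour threshold and the sample data are constructed assumptions, and the check covers only the "automated" half of the first bullet, not whether a copy is offline.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of `restic snapshots --json` output (not real data).
SAMPLE_JSON = """[
  {"time": "2024-05-01T02:00:03.123456789+02:00", "hostname": "fileserver",
   "paths": ["/srv/share"], "short_id": "a1b2c3d4"},
  {"time": "2024-05-02T02:00:03.987654321+02:00", "hostname": "fileserver",
   "paths": ["/srv/share"], "short_id": "e5f6a7b8"},
  {"time": "2024-04-28T12:30:00Z", "hostname": "laptop-01",
   "paths": ["/home"], "short_id": "c9d0e1f2"}
]"""

_FRACTION = re.compile(r"\.(\d+)")


def parse_time(value):
    """Parse restic's RFC 3339 timestamps, which carry nanosecond fractions."""
    value = value.replace("Z", "+00:00")
    # datetime stores microseconds only: cut or pad the fraction to 6 digits.
    value = _FRACTION.sub(lambda m: "." + m.group(1)[:6].ljust(6, "0"), value, count=1)
    return datetime.fromisoformat(value)


def stale_hosts(snapshots, expected_hosts, now, max_age=timedelta(hours=26)):
    """Return {host: reason} for each expected host lacking a fresh snapshot."""
    newest = {}
    for snap in snapshots:
        taken = parse_time(snap["time"])
        host = snap["hostname"]
        if host not in newest or taken > newest[host]:
            newest[host] = taken
    problems = {}
    for host in expected_hosts:
        if host not in newest:
            problems[host] = "no snapshot found"
        elif now - newest[host] > max_age:
            hours = (now - newest[host]).total_seconds() // 3600
            problems[host] = "newest snapshot is %d hours old" % hours
    return problems


if __name__ == "__main__":
    # Hypothetical inventory and a fixed clock so the sample gives a stable result.
    expected = ["fileserver", "laptop-01", "dc01"]
    now = datetime(2024, 5, 2, 8, 0, tzinfo=timezone.utc)
    for host, reason in stale_hosts(json.loads(SAMPLE_JSON), expected, now).items():
        print("ALERT %s: %s" % (host, reason))
```

In real use, feed it the live output of `restic snapshots --json` and pass `datetime.now(timezone.utc)` as `now`, then route any result to whoever is named as the contact in your incident plan.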
Bonus Tip: Create a Culture, Not Just Controls
Regardless of how advanced your tools are, human error remains a significant vulnerability. Foster a culture of security awareness by:
- Sharing quick security tips in team communications.
- Explaining the rationale behind specific security measures.
- Recognizing and rewarding secure behavior, particularly among non-technical staff.
Make security awareness engaging and relevant. Gamify the learning experience with phishing simulations using tools like Gophish, and discuss actual incidents during team meetings.
Conclusion
As an IT administrator, you are tasked not only with resolving issues as they arise but also with preventing them from occurring in the first place. While security can seem overwhelming, it doesn’t have to be. By taking small, consistent steps towards fortifying your environment, you lay the foundation for long-term resilience.
Although we may not control external threats, we can manage our preparedness from within. Whether you are beginning your IT journey or leading a small team with limited resources, consistency, awareness, and a proactive mindset are crucial.
Stay vigilant, stay resilient—and continue to build systems that are worth protecting.