Best Practices: The Optimum Way
It has been said, “Get Wisdom – It is the Principal thing”. But what is wisdom? It is the best means for the best ends, or you might say it is the optimum way. This is what is meant by following best practices. Best practices are an attempt to collect and encapsulate the collective experience of the many great minds that have done these things before. IT best practices come in many different forms and types. This is important to notice because you will likely need to employ more than one set, depending on what you are architecting and building.
IT systems and their governance structures can be rather complex and solve specific problems. There are broad best practice documents, very detailed ones, and those that are both. In the broad best practice documents you may find a lot of overlap, and if you meet the criteria of one you may meet the criteria of several others. When you are developing and maintaining your IT infrastructure you must use best practices, refer to them often, and make sure your configurations, systems, processes and governance are consistent with them. If you do, you will build faster, safer, more useful and more secure IT systems.
Note that some of these best practices are legal frameworks or contractual frameworks and you must use them if your company or industry is subject to them.
I will list a few and classify them to guide you through the most commonly used best practices today.
I will classify them with the following labels: Legal, Contractual, Broad Framework, Detailed Framework, Nuts and Bolts. The “Nuts and Bolts” best practices define an exact way to configure a machine, software, etc. The most common ones, of concern to most people, are the following (there are many more):
NIST – Detailed Framework
GDPR – Legal, Broad Framework
DISA – Legal, Detailed Framework
HIPAA – Contractual, Detailed Framework
PCI DSS – Contractual, Detailed Framework
CIS – Nuts and Bolts
Best Practices are the foundation that your architecture should be built upon.