This can be very tricky. One of the huge benefits of consultants is that they can look at an environment from a different perspective, or at least with a fresh set of eyes.
As consultants are not an option, though, there are a couple of things you can do. One is to look at other deployments being publicly discussed and compare and contrast them with your own environment. This allows you to compare your enterprise with those of your peers and identify possible ways of improving things.
Alternatively, go through a thought exercise in which you redesign the environment to your dream specifications, as if cost or business concerns didn't interfere. You can then compare what you'd have in an ideal world with what you have today and see if any of the differences are ones you can implement.
A third option is to hand your architectures to members of your own team or a related team (someone from networking or servers or engineering, for example) and ask how they'd do things differently.