Deal with Human Component As Security Threat

Implement the principle of least privilege
Control the use of portable devices on the network
Trust employees, but not too much
Monitor network activity and audit who is doing what
Watch out for curious pokers into network and data security configurations
Determine your single point of failure
Physical security--no compensating controls here.