I thought I may have something to add, these two did jump out at me though.

5. The only place I?ve seen a network admin actually granted the authority to apply real security outside of influence from job titles was on a military base. Civilian business still doesn?t ?get it? when talking about security. Worse still, try and convince managers already uncomfortable with there workstations that working in a secure manner does not have to be at the expense of getting work done.

10. I liked this one too. Here are all our admin passwords and security related information hidden away on this publicly accessible website subfolder. In the case of the university I attended; if you need to access the campus Wifi, simply walk past the computer labs and read the super-secure network name and router password off the banner posted beside each lab door. There?s a MAC filter on the router so it should take anyone motivated about two minutes longer since they?ll have to spoof.