1. Disabling security software: Before you deploy any piece of hardware, you ensure the firewall is enabled, anti-virus software is installed, and all other measures are in place. Yet, this can all be for naught if a user decides to disable them.
2. Neglecting to install updates: In many instances, patches can be pushed out to client machines automatically; but for those of you still relying on your users to apply updates when a vendor requires it, you're left wishing on a star.
3. Downloading software from the Internet: These rogue users view the preinstalled software on their boxes as a mere starting point. They download at will, inviting all manner of miscreant to take up residence on your precious network.
4. Opening attachments: File attachments are nasty business. They may contain viruses designed to pilfer information and otherwise wreak havoc on your network.
5. Using weak passwords: Granted, all passwords are crackable, but that's no excuse to make it easy. Easily guessed passwords provide intruders with a clear entry point.
6. Losing hardware: Laptops, smartphones, and thumb drives not only contain sensitive information and intellectual capital, but could open the door to further plunder.
7. Sharing laptops or cell phones: As users are more mobile they could be inclined to share devices with children or spouses. Unfortunately these valued family members probably haven't reviewed your corporate security policies.
8. Surfing the Web in risky fashion: Visiting untrusted or insecure Websites can expose your network to whatever malware lie in wait.
9. Succumbing to social engineering attacks: Even well meaning, security-conscious users have been tricked out of their network credentials with increasingly sophisticated phishing schemes.
10. Connecting to unsecure Wi-Fi hotspots: Recent media coverage of the Firesheep application confirms that it is possible to intercept data sent in clear text over unsecured Wi-Fi hotspots.