An oft-overlooked aspect of any security practice or policy is its usability. Do the checks and controls added for the sake of security make the system harder for end-users to do their jobs? An unusable system will never be fully implemented and will fail to secure even the simplest of platforms.