Abolish or strongly discourage cleartext ("insecure") network protocols: telnet, ftp, rlogin/rsh, and plain HTTP forms that carry sensitive data. Each has an encrypted replacement (ssh, sftp/ftps, HTTPS).
Encourage or require encryption for network protocols, covering credentials in transit, data streams and data stores.
Attempt to abolish the use of the Social Security number both as a unique identifier and as a PIN/password.
Require/encourage strong authentication (good passwords, smartcards or physical tokens, biometrics, Kerberos or X.509 certificates), particularly for privileged access and for sensitive or business-critical applications.
Conduct a massive education campaign – give examples of incidents and “bad practices”.
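The first item above lists plain HTTP forms carrying sensitive data among the protocols to abolish. The following is an added example, not part of the original list and not any product's code, of a check that can be run over saved copies of internal pages: it parses the HTML and reports every form that would submit a password or other sensitive field to an action URL that is not https://. The list of sensitive field-name fragments, the sample page and the URLs are constructed for illustration.

```python
"""Flag HTML forms that would submit sensitive fields over plain HTTP.

Added example: scans page markup and reports forms whose resolved
action URL is not https:// while they contain a password input or a
field whose name suggests a secret (SSN, PIN, card number, ...).
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Field-name fragments treated as sensitive (an assumption for this
# example; extend to match your own applications' naming).
SENSITIVE_NAME_PARTS = ("password", "passwd", "pwd", "ssn", "social",
                        "card", "cvv", "pin", "secret", "token")


class _FormScanner(HTMLParser):
    """Collect forms that submit sensitive fields to a non-HTTPS action."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []
        self._form = None  # the <form> currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "form":
            # A missing or relative action resolves against the page URL,
            # so a form with no action on an http:// page is still cleartext.
            self._form = {
                "action": urljoin(self.page_url, a.get("action", "")),
                "method": a.get("method", "get").lower(),
                "sensitive_fields": [],
            }
        elif tag == "input" and self._form is not None:
            itype = a.get("type", "text").lower()
            name = a.get("name", "").lower()
            if itype == "password" or any(p in name for p in SENSITIVE_NAME_PARTS):
                self._form["sensitive_fields"].append(name or itype)

    def handle_endtag(self, tag):
        if tag == "form":
            self._finish_form()

    def close(self):
        super().close()
        self._finish_form()  # an unclosed <form> still counts

    def _finish_form(self):
        form, self._form = self._form, None
        if (form and form["sensitive_fields"]
                and urlsplit(form["action"]).scheme != "https"):
            self.findings.append(form)


def find_cleartext_sensitive_forms(html, page_url):
    """Return the offending forms (action URL, method, sensitive field
    names). An empty list means the page passed the check."""
    scanner = _FormScanner(page_url)
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page: one login form posting over plain HTTP, one
# delegating to an HTTPS SSO endpoint, and one harmless search form.
SAMPLE_PAGE_URL = "http://intranet.example/login"
SAMPLE_HTML = """
<form action="/login" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
</form>
<form action="https://sso.example/auth" method="post">
  <input type="password" name="password">
</form>
<form action="/search" method="get">
  <input type="text" name="q">
</form>
"""

if __name__ == "__main__":
    for f in find_cleartext_sensitive_forms(SAMPLE_HTML, SAMPLE_PAGE_URL):
        print(f"cleartext form: {f['method'].upper()} {f['action']} "
              f"fields={f['sensitive_fields']}")
```

The check resolves the form action against the page URL, so it catches both cases a browser would warn about: a password form on an http:// page with a relative action, and an https:// page whose form posts to an http:// endpoint (mixed content). A GET form is reported like any other, since its fields would also appear in the URL and in server logs.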