As a security professional at a Fortune 500 I can tell you that few security professionals in a mature enterprise want to spend the resource hours to police where you keep your passwords. It’s a wasted investment. I’d rather give you better options & make doing “the right thing” (more appropriately, “the more secure & effective process”) easier for all users.
Moral: incentivize the behaviors you want.
DOD says “no más” on commercial cloud, puts brakes on $450M contract | Ars Technica
Interesting choice. One of the most security-minded agencies in the government has so little appetite for the cloud that it’s not going to use $450 million dollars that have already been approved & allocated.