While his SEP is a fictional device that generates a field over things that might otherwise be noticeable, security designs apparently suffer from a similar effect. Studies have shown that people, be they users or designers, have a tendency to delegate security to others [Flechais et al., 2003], [Dourish et al., 2003]. The other entity may be technology (``Oh, the server will handle the security"), another individual (``Well, my cousin who knows more about computers set it up") or an organization (``The IT department's system administrators handle that"). This is particularly noticeable when combined with the attitude that security gets in the way of work: it seems logical that it should be handled by someone else so the user's important work is not delayed. Unfortunately, it is often not someone else's responsibility and users, particuarly managers and users with higher status in a company, may mistakenly believe it is rather than taking personal responsibility.