Most people take proper precautions only if they are required to or if compliance is audited. The most common mistake is not involving experienced security personnel in the initial planning of the offsite meeting, conference or corporate move. Early involvement allows a security practitioner to educate and advise planners as to issues that may put sensitive information at risk. A CSO can then advise alternative ways to avoid or mitigate the potential of exposing sensitive information to loss. Another common mistake or oversight is to not adequately educate all contractors, subcontractors, vendors and suppliers.”]
Source: https://www.csoonline.com/article/2116468/ip-precautions.html