Knowing me, knowing stuff I shouldn't

With due deference to El Reg's BOFH, let me tell you about some things that have been going on at work.
I'm participating in the KM project, an initiative to improve knowledge sharing largely through a portal (aka intranet) through which you can find relevant documents and people from the constituent companies in our recent merger. I've been drafted in to give the initiative some direction and some impetus; in other words a kick up the backside, though I may have mistaken this location with the teeth.
So today the portal was launched. Shortly afterwards, Client Partner (basically a sales director) comes back and says:

CP: I can access all the staff salary information on the portal.
Me: It's not on the portal. That's the point, it's a portal. It's just showing where you can access it on the file server.
CP: It's a disgrace. The portal's broken. It must be closed down at once.
Me: If I close the portal down, you'll still be able to access the salary information. You need to change permissions on the file server.
CP: Are you questioning me?
Me: Look, I can stop people finding this through the portal, but you're not solving the problem. You have a problem on the file server that existed before the portal did and will exist afterwards. Anyone with a mapped network drive can search using Windows search and find classified data. You need to fix this.
CP: Bring the portal down.
Me: Ok, so there's two-year old salary information available. Is that so important?
CP: It's a security risk. The portal shouldn't be able to access this information.
Me: I agree, but the search index runs as if it were any employee, so if the portal can access the data, so can anyone else. We checked with your office what should be indexed and they told us to index these folders. We have, now it's broken don't blame us.
CP: Well you obviously didn't check or we wouldn't have the problem.
Me: Here's the email that says index all the folders from your office. By the way, this problem doesn't exist for any server at any of the other offices. Doesn't that point to the problem being in your office rather than with the search tool?
CP: That's because you're from the other two offices and you don't understand how we have things set up.
Me: That's why we asked you what we should index the first time. Fine, we'll start again. We'll bring down the intranet, send you a list of all the folders that we index, you can tell us which to exclude, we'll reindex the server.
CP: I'm glad you've seen sense.
Me (to developer): Change the CP's profile so that every time you hover over their name, an appropriate message appears.

Obviously this is a stylised representation of fact, with CP representing a conglomerate of dickheads. If it had been just one idiot instead of half a dozen it wouldn't have bothered me so much.