ClickOnce deployment is another area where Code Access Security needs to be kept in mind. ClickOnce deployments will often be used to deploy Visual Basic .NET (or hybrid Interop Toolkit) applications from a website or network file share. In these cases, the applications don't get the standard Full Trust permissions in CAS. Instead they get the more limited Internet Zone permissions. As a developer, you will need to ensure that your application can run successfully with this permission set. Visual Studio can help out here, so rather than having to mess around with your security policy while you're debugging, Visual Studio can set up a debugging session with the required permissions (look on the Security page of your project properties to see how to configure this behaviour).
If the set of permissions granted to the Internet Zone aren't sufficient then you have two options:
Option 2 is obviously to be preferred, but needs a bit more work to get set up.