Control: Limit and manage those who have admin privileges to change, bypass, or override your security settings.
Implement processes to manage identities and credentials for authorized users and devices. Limit access to information assets and associated facilities to authorized users, processes or devices, for authorized purposes only. Use strong passwords or passphrases to help avoid user accounts being compromised. Closely manage remote access and physical access to assets.
Train and educate users on how to protect their account credentials.
Log all access activities and continuously monitor to detect anomalous behavior such as unauthorized access attempts. Review access permissions, particularly privileged accounts and remote access on a regular cycle (i.e., quarterly) to confirm it is needed.