1. After initial login always make another account thats not root
2. Remove the ability to ssh into your server. Make it rsa key login only.
Non-technical description: don’t let people use username and password for
3. If using aws make a new .perm per instance group. Por