Access Control[Mandatory]

SSH login for root user must be disabled and a dedicated user with sudo access for CI/CD pipelines and automation must be created and used. All users must use passwordless authentication to access the servers. User access to software and database must be configured to allow strict access to software and database needed by their applications only.