“Your highly privileged and shared accounts must be discovered, grouped for easier management, monitored and audited. Passwords must be strong, unique and rotated regularly. Furthermore, when using work services, passwords should only be entered into approved devices that can ensure the security of those credentials.”