The first line of security defense is to control access to systems. You can control and monitor system access in the following ways.
Maintain physical site security.
Maintain login control.
Restrict access to data in files.
Maintain network control.
Monitor system use.
Set the path variable correctly.
Monitor setuid and setgid programs.
Track superuser (root) login.
Install a firewall.
Report security problems.
Use the Automated Security Enhancement Tool (ASET).
Use role-based access control (RBAC) to grant users rights to perform specific system administration tasks without full superuser access.