Outside of instance-level security measures (SSL, subdomain isolation, configuring a firewall) that a site administrator can implement, there are steps your users can take to help protect your enterprise.
The audit log dashboard shows site administrators the actions performed by all users and organizations across your enterprise within the current month and previous six months. The audit log includes details such as who performed the action, what the action was, and when the action was performed.
By default, a user account is considered to be dormant if it has not been active for 90 days. You can configure the length of time a user must be inactive to be considered dormant and choose to suspend dormant users to release user licenses.