A user access control policy
Create and enforce a customized access policy that restricts logins according to multiple criteria. Employees should be restricted to specific workstations, devices, departments and IP ranges to reduce the number of systems login credentials can access.
Any security policy should come with education on why restrictions are in place. Once users understand not only what the restrictions are, but why, they will be empowered to follow them of their own volition.