With the transition away from profiles to permission sets, auditing your security model is more important than ever.

Principle of Least Privilege

Users should have the bare minimum access required to do their jobs. Use Permission Set Groups to manage access efficiently.

Health Check

Run the native Salesforce Health Check baseline regularly to identify vulnerabilities in session settings and password policies.