For each repository in use, review inactive user accounts (members that left the organization, etc.) and remove them.
Set the minimum number of administrators in your organization.
Use the built-in setting to set the enforcement of Multi-Factor Authentication for each member of the organization.
For every repository in use, set two administrators.
Set strict base permissions for the organization repositories — either “None” or “Read.”
Verify the organization’s domains and secure a “Verified” badge next to its name.