Assign all users a unique ID before allowing them to access system components or cardholder data.