You Just Got An AWS Security Audit… Now What?

So you successfully ran Trusted Advisor, Scout2, Access Advisor, or hired an external firm to audit your AWS accounts? You found that the co-founder is still logging in using root keys and that you have security groups allowing access from the internet. Not to mention the 20 developers offshore that are sharing the same IAM user and access keys. Oops!