SecuGuard Ltd. has recently enabled Cloud Identity to manage its user accounts and has also configured its Google Cloud Organization . The security team now wants to secure all projects within the Organization by preventing IAM users outside the company’s Cloud Identity domain from being granted permissions moving forward. What is the most appropriate action to take?