An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates.
The organization plans to implement some security best practices related to instance access.
Which one of the following recommendations will not help improve its security in this way?

A. Disable the password based login for all the users. All the users should use their own keys to connect with the instance securely. B. Create an IAM policy allowing only IAM users to connect to the EC2 instances with their own SSH key. C. Create a procedure to revoke the access rights of the individual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration. D. Apply the latest patch of OS and always keep it updated.