Which Security Controls Are Least Favorite to Implement?

The author of the post asks users which security controls they least enjoy implementing, referring to the CIS top controls or any other list. The author personally mentions that anything related to permissions is always difficult to implement because users often feel they don't have enough, and it becomes even more complicated when permissions need to be removed to apply the principle of least privilege.