I think it would be important for Huntress to set up escalations for any signings from users with global admin roles and allow us to specify expected sign-ins from certain IP addresses.

This will help identify when a user accidentally has global admin access, especially if the sign-in occurs from an unexpected IP address, which is usually suspicious.