Mitigating the Identity Risks of Ex-Employees' Accounts

According to CISA, a threat actor recently gained access to a US government organization’s network using a former employee’s administrative login credentials. 

By using compromised credentials, the attackers were able to access an internal VPN and the on-prem environment and execute LDAP queries on a domain controller. 

So, how can you mitigate the identity risks of ex-employees' accounts?