How can a company secure and audit Amazon EC2 instances by restricting inbound SSH access and managing access without SSH keys?