Disabling direct root login to your VPS is almost a must!
Why? It makes it easier for an attacker to try and determine who priviledged user is.
Basically, you add a new user, and give him priviledged access. In some cases where you need to run commands as root, you can just use " su -" to get root access, or even run command as "sudo {command name}".
To setup sudo & a priviledged user, we suggest the following article on the CentOS Wiki