Over-actuated systems, namely systems with more inputs than outputs, can increase control performance, yet are susceptible to model-based undetectable attacks if the actuator channel is compromised. In this paper, we show how implementing a sparse actuator schedule can introduce security by rendering these attacks ineffective. We formulate a novel methodology whereby a periodic sparse schedule, implemented at the actuators, secures the system by ensuring that a malicious adversary cannot exploit actuator redundancy to deploy undetectable attacks. The schedule is designed offline and repeats periodically at the actuators, so that the adversary is constrained to only tamper with the active actuators. We devise a degeneracyaware greedy selection procedure with low computational complexity to design an actuator schedule that renders undetectable attacks ineffective, whilst simultaneously providing relatively small performance degradation. We illustrate the effectiveness of our approach using a reference tracking model predictive controller on the IEEE-39 bus power network employing the designed sparse schedule.