What is a service account?
To secure your apps during the onboarding process we need you to provide us with a temporary ‘service account’ on your email system. Setting this up is an easy 5-minute process however it needs to be done by someone that has admin access to your mail system:
If you have admin access to your mail system – Please click the links in the ‘how’ section below and follow the simple steps. If you don’t have time, let us know by email now and we can do this for you on a screen share meeting.
If you don’t have admin access to your mail system – Please forward this article to the relevant colleague, IT department or your external IT provider requesting that they set it up for you. Copy us in on the email so they have our details in case they have questions directly.
How is it done?
You can find the simple steps to set this up here:
- If you have Office 365 Email click here
- If you have Google Suite Email click here
- If you have a local or privately hosted exchange server please let us know
Why do we need it?
We need this access so that we can do the heavy lifting without impacting on your time. Here’s what we will do:
Mail Redirection – To prevent unauthorised resetting of passwords via app websites, we centralise all password reset emails to re-route to the nominated password admin in your firm. We do this by changing a setting on your email system called ‘mail transport rules’.
Password Resets – To secure your apps we reset passwords for all nominated apps during user onboarding. This is a time-consuming process that we complete using a service account to minimise the requirement for your password admin’s time.
Federation / SAML Integration – Is a cloud security technology that protects your firm against brute force attacks. Practice Protect allows you to leverage these features. This is especially important for email and file storage apps. We will let you know if and what we will federate in your firm.
Confidentiality –We provide a confidentiality agreement at the point of sale to provide additional comfort to your firm in the delegation of this access. We do not access or view your company email outside of password reset emails.
How long do you need it for? – For mail redirection and password resets we require a service account for the duration of the onboarding process only. If federation is a requirement, a service account is required to provide this integration on an ongoing basis. When onboarding is completed we will let you know and the reverse of the above process can be undertaken by your contact.
Is there an additional cost? – Office 365 do not charge for additional service accounts. G-Suite Service accounts require a fee of approximately $5 per month which is paid to Google. This cost is only applicable during the onboarding process.