Good day,
I would like to review what are the best practice solutions to securing the service account when all accounts are MFA enabled.
Current Azure setup uses contitional access. A Policy is setup to require Multifactor Authentication on all user accounts (SMS, Notification Push, PIN, etc.).
The application ServiceDesk Plus (Cloud) has been added to the Exclude list (Cloud apps or actions) to insure it is still able to fetch emails, create tickets and send status/comment update emails.
This works but is it the proper way of doing things?
Note that SDP Mail server settings are set to Modern Auth
Thank you