Customers have often asked why we ask for an Remote Service Access Agreement (RSAA) on a per-ticket basis versus on a per-account basis. There are a number of reasons why we have this policy:
- Customers with multiple servers can have different login access to those servers: different usernames, different passwords, etc. Apart from the difficulty with managing this within our management systems, these logins and passwords can change, requiring constant management and oversight by both the customer and SmarterTools.
- Servers can have different purposes, different software installed (all SmarterTools products can run alongside other software without issue), different responsibilities and, therefore, different access levels. Again, this is problematic for both the customer and for SmarterTools as it requires constant oversight.
- Different departments -- both at the customer level and at the SmarterTools level -- may have, or may require, access to the servers. Managing group policy, and group access, to a server is a balancing act as it is, and there's no reason to add another group that requires management.
All of these make requiring one RSAA per ticket, versus having blanket RSAAs, the most logical solution.
In addition, there are other benefits such as removing access once a ticket is closed. Having "always on" access to a server, regardless of whether it's with an IT company or a software provider, is never a good idea from a security standpoint as it is just another point of potential failure should the server be targeted. Therefore, using temporary accounts that are removed once a ticket is closed is a much safer and more secure way of managing your infrstructure and providing access to a service provider.