After multiple implementations with clients we have some comments/concerns about the current way we have to gain access to our client's environments. In order to help our clients with system setup and training we need to have access into their system. The current method we use to get into our client's SCM system is to ask for their administrator's login and password. We then use that user throughout training. We do not create users for ourselves as we do not want to take up any of the users they have licensed, and some clients only have a few available.
Both our company and our clients have raised security concerns with this process. With Intacct clients we are able to slide in user the external users, which can eventually be turned off once the clients are live. We are worried about certain liability regarding having the clients password, as this could possibly lead to security issues. Most of our client's systems are connected to Intacct, therefore does give some insight into their accounting information.
We were wondering whether there is a way to provision the system with a user, similar to Intacct's external user, that allows us to access their system with admin permissions but is a separate user than the client's user. Is this functionality you are possibly already planning or something you think can be added in the future?