should be usedto manage authentication of shared accounts whenever possible, since Okta has individual user activity logs; these logs help provide a compensating control to mitigate the risk associated with shared account access.
policy exceptionis required to track this shared access. A process for the lifecycle of the access and a mechanism to alert the appropriate teams when authentication credentials must be reset (e.g., email alerts, an issue, calendar event, etc) should be established.
Security Process and Procedures for Team Members- Accounts and Passwords
Access Management Process