If your app uses third-party services, they should be used in a secure manner:

* Any services used by your app should have a unique login and password.
* Apps should not share service accounts such as email or database services to manage your SaaS service.
* Only employees with administrative duties should have admin access to the infrastructure that hosts your app.