are there any industry standards for bot user account security when people request access for those bots to have access to secure information? Or any suggestion on a policy? We’re trying to make a policy for bot accounts that need access to information users who use the bot would t typically have. And what approval process tends to look like?
Also policy for how to share a bot account and who takes responsibility, ie password manager etc.