For unmanaged accounts that are leveraged for purposes similar to add-on accounts, admins have no way of enforcing security policies.
In contrast, for managed accounts, admins have no method to bypass SSO initiated logins.
Allow Org Admins the ability the option to configure a managed account to use conventional SSO settings or force authentication against id.atlassian.com but still enforce security policies.
As a Site-admin, its not feasible to establish and maintain local service accounts for a few reasons:
1. Users that login to other Cloud instances wouldn't be redirected to SSO but they would still have security policies applied
2. Atlassian Accounts creates more administrative overhead (now that we have managed accounts it can be viewed as being uncomplimentary)
3. Atlassian Accounts cannot be enforced with security policies