A third-party application requires a service account key to function correctly. When attempting to export the key from your Google Cloud project, you encounter the error: "The organization policy constraint iam.disableServiceAccountKeyCreation is enforced." How can you enable the third-party application to work while adhering to Google's recommended security best practices?