Since it's a service account, you don't want to alter the logon hours. You may, however, want to secure what systems it can logon to. However, since the concern is that someone will use the service account to connect to SQL Server, it would already have the ability to log on to the server needing protection.