Manage user roles

Last updated
Save as PDF
Share
1. Share
2. Share
3. Tweet

Who is this article for?

Code42 for EnterpriseSee product plans and features

CrashPlan for Small Business

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Other available versions:

Version 6 | Version 5 | Version 4

Overview

This article describes how to remove or assign user roles to specific Code42 accounts so you can set up role-based access control for your Code42 environment. Managing who has access to Code42 resources is an important security aspect of any Code42 environment.

Code42 includes a pre-existing set of user roles or privileges that can be applied to user accounts. These built-in user roles include a fine-grained set of permissions to ensure users only have access to the resources they need. This article includes a comparison of each of the roles to help you determine which roles fit your policies.

Considerations

Only users with the Customer Cloud Admin role can assign roles to other users.

Assign role to specific user

To assign a role to a specific user, follow the steps below.

Navigate to the User Details view.
From the Action Menu, select Edit.
Select the Roles tab.
From the Available Roles list, select the role you'd like assigned to the user.
Click the right facing arrow to add the selected role.
Select Update User to save your changes.

Add role to user

Roles reference

The available standard roles, as well as the permissions, limitations, and recommended use cases for each are described in the table below.

For details about the specific permissions held by each role, review them in your administration console. To access role information, select Users > Active, click a user row to open the user details page, select Edit from the action menu in the upper-right corner, and then click the Roles tab.

Role	Permission Summary	Limitations	Recommended Use Case
Admin Restore	Administrative Allows users to restore data using the administration console End user None	No access to the administration console or Code42 app	Assign in conjunction with a role that has access to the administration console and Code42 app
Admin Restore Limited	Administrative Allows users to restore a limited amount of data using the administration console (configurable limit) End user None	Restore limit is configurable from organization settings (250 MB by default) No access to the administration console or Code42 app	Assign in conjunction with a role that has access to the administration console and Code42 app
Alert Emails	Administrative Receives automated backup reports and backup alerts by email. End user None		Organization administrators who want to monitor the frequency and success of backup operations for their users' devices.
Cross Org Admin	Administrative Read and write information for users, computers, and organization settings for all organizations Read and write to plans within all organizations Use the Reporting web app to view data for all organizations Perform push and web restores for users in all organizations End user Perform personal backups from the Code42 app and administration console	Limited access to the administration console command line interface (CLI) Cannot access system logs	Administrators who should manage users and devices in all organizations and who need to restore files for users
Cross Org Admin - No Restore	Administrative Read and write information for users, computers, and organization settings for all organizations Read and write to plans within all organizations Use the Reporting web app to view data for all organizations End user Perform personal backups from the Code42 app and administration console	Cannot perform push or web restores Limited access to the administration console command line interface (CLI) Cannot access system logs	Administrators who should manage users and devices in all organizations but should not restore files for users
Cross Org Help Desk	Administrative View (read-only) users and devices in all organizations Restore files to the source user's devices using the administration console Use the Reporting web app to view data for all organizations End user Perform personal backups from the Code42 app and administration console	Cannot change settings	Help desk staff who can assist others in all organizations, but not reconfigure any settings
Cross Org Legal Admin	Administrative Use the Legal Hold web app to: Create, modify, and deactivate legal holds Restore files for legal hold collection purposes (push restore) for users in all organizations Perform web restores for other users in all organizations Use the Reporting web app to view data in all organizations End user Perform personal backups from the Code42 app	No "root" level access Cannot change settings Read-only view of users, devices, and organizations	Legal personnel who need to place custodians on legal hold and administer legal holds for the entire Code42 environment, and who need to restore files for users
Cross Org Manager	Administrative View (read-only) users and devices in all organizations Restore files to the source user's devices using the administration console Use the Reporting web app to view data for all organizations End user Perform personal backups from the Code42 app and administration console	Cannot change settings	Executive users who need statistics, but not technical details, about all organizations
Cross Org Security Viewer	Administrative Use the Reporting web app to view data for all organizations Use the Security Center to view data for all organizations End user None	Cannot change settings in organizations	Information security personnel who need to retrieve information from devices that use endpoint monitoring in all organizations
Customer Cloud Admin	Administrative Read and write information for users, computers, and organization settings for the user's Code42 environment Read and write to plans within the user's Code42 environment Use the Reporting web app to view data for the user's Code42 environment View the Subscriptions screen for the user's organization or organizations. End user Perform personal backups from the Code42 app and administration console	Limited access to the administration console command line interface (CLI) Cannot access system logs	Administrators who need administrative privileges for the Code42 environment
Desktop User	Administrative N/A End user Perform personal backups from the Code42 app and administration console Perform web restores	Cannot interact with other users' data or change settings in your Code42 environment	End users in your organization
Desktop User - No Web Restore	Administrative N/A End user Perform personal backups from the Code42 app and administration console	Cannot interact with other users' data or change settings in your Code42 environment Cannot perform web restores	End users in your organization who do not need to perform web restores
Org Admin	Administrative Read and write information for users, computers, and organization settings for the user's organization and its child organizations Read and write to plans within the user's organization and its child organizations Use the Reporting web app to view data for the user's organization and its child organizations Perform web restores for individuals within the user's organization and its child organizations End user Perform personal backups from the Code42 app and administration console	Cannot read or write information outside their organization Limited access to the administration console command line interface (CLI) Cannot access system logs	Administrators who should only manage users and devices within a specific organization
Org Admin - No Web Restore	Administrative Read and write information for users, computers, and organization settings for the user's organization and its child organizations Read and write to plans within the user's organization and its child organizations Use the Reporting web app to view data for the user's organization and its child organizations End user Perform personal backups from the Code42 app and administration console	Cannot read or write information outside their organization Limited access to the administration console command line interface (CLI) Cannot access system logs Cannot perform web restores	Administrators who should only manage users and devices within a specific organization and who should not perform web restores
Org Help Desk	Administrative View (read-only) users and devices in the user's organization and its child organizations Restore files to the source user's devices using the administration console Use the Reporting web app to view data for the user's organization and its child organizations End user Perform personal backups from the Code42 app and administration console	Cannot change settings Cannot read or write information outside their organization	Help desk staff who can assist others within their organization, but not reconfigure any settings
Org Legal Admin	Administrative Use the Legal Hold web app to: Create, modify, and deactivate legal holds Restore files for legal hold collection purposes (push restore) for users within their organization and its child organization Perform web restores for other users that are within their organization and its child organizations Use the Reporting web app to view data for the user's organization and its child organizations End user Perform personal backups from the Code42 app	No "root" level access Cannot change settings Read-only view of users, devices, and organizations Cannot restore files for users outside their organization and its child organizations	Legal personnel who need to place custodians on legal hold and administer legal holds for the entire Code42 environment, but who only need to restore files from users within their organization.
Org Manager	Administrative View (read-only) users and devices in the user's organization and its child organizations Restore files to the source user's devices using the administration console Use the Reporting web app to view data for the user's organization and its child organizations End user Perform personal backups from the Code42 app and administration console	Cannot change settings Cannot read or write information outside their organization	Executive users who need statistics, but not technical details, about their organization (not the entire Code42 environment)
Org Security Viewer	Administrative Use the Reporting web app to view data for user's organization and its child organizations Use the Security Center to view data for user's organization and its child organizations End user None	Cannot change settings in the organization	Information security personnel who need to retrieve information from devices that use endpoint monitoring.
PROe User	Administrative Sign in to the administration console End user None	Cannot access other information or functions of Code42 for Enterprise	End users in your organization
PRO-Online Admin	For CrashPlan for Small Business only. Do not use.
Push Restore	Administrative Restore files from the administration console View files within backup archives End user None	No read or write access to any user, organization, or device	Help desk staff who will assist others with restoring data. Assign in conjunction with a role that has access to the administration console.
Remote File Selection	Administrative View files within backup archives End user None	No read or write access to any user, organization, or device	Help desk staff who will monitor backups. Assign in conjunction with a role that has access to the administration console.
Security Center User	Administrative Use the Security Center to view user activity detected by endpoint monitoring. Manage Security Center activity profiles. End user None	Does not directly grant access to view or manage other users. Use this role in addition to an administrative role such as Org Admin.	Information security personnel who need to review information about devices that use endpoint monitoring.

Overview

Considerations

Assign role to specific user

Roles reference

Related topics