Manage user roles
- Last updated
- Save as PDF
Who is this article for?
CrashPlan for Small Business, no.
Code42 for Enterprise, yes.
Link: Product plans and features.
Overview
This article describes how to remove or assign user roles to specific Code42 accounts so you can set up role-based access control for your Code42 environment. Managing who has access to Code42 resources is an important security aspect of any Code42 environment.
Code42 includes a pre-existing set of user roles or privileges that can be applied to user accounts. These built-in user roles include a fine-grained set of permissions to ensure users only have access to the resources they need. This article includes a comparison of each of the roles to help you determine which roles fit your policies.
Considerations
Only users with the Customer Cloud Admin role can assign roles to other users.
Assign role to specific user
To assign a role to a specific user, follow the steps below.
- Navigate to the User Details view.
- From the Action Menu, select Edit.
- Select the Roles tab.
- From the Available Roles list, select the role you'd like assigned to the user.
- Click the right facing arrow to add the selected role.
- Select Update User to save your changes.
Roles reference
The available standard roles, as well as the permissions, limitations, scope of permissions, and recommended use cases for each are described in the table below.
For details about the specific permissions held by each role, review them in your administration console. To access role information, select Users > Active, click a user row to open the user details page, select Edit from the action menu in the upper-right corner, and then click the Roles tab.
| Role | Permission Summary | Limitations | Scope of permissions | Recommended Use Case |
|---|---|---|---|---|
| Admin Restore |
Administrative End user
|
No access to the administration console or Code42 app
|
All organizations | Assign in conjunction with a role that has access to the administration console and Code42 app. For example, PROe user and Desktop User. |
| Admin Restore Limited |
Administrative
End user
|
|
All organizations | Assign in conjunction with a role that has access to the administration console and Code42 app. For example, PROe user and Desktop User. |
| Alert Emails |
Administrative
End user
|
All organizations | Organization administrators who monitor the frequency and success of backup operations for their users' devices. | |
| Cross Org Admin |
Administrative
|
|
All organizations | Administrators who manage users and devices in all organizations and who need to restore files for users |
| Cross Org Admin - No Restore |
Administrative
|
|
All organizations | Administrators who manage users and devices in all organizations but should not restore files for users |
| Cross Org Help Desk |
Administrative
End user
|
|
All organizations | Help desk staff who assist others in all organizations, but not change any settings |
| Cross Org Help Desk - No Restore |
Administrative
End user
|
|
All organizations | Help desk staff who assist others in all organizations, but who do not change any settings or restore files |
| Cross Org Legal Admin |
Administrative
End user
|
|
All organizations | Legal personnel who place custodians on legal hold and administer legal holds for the entire Code42 environment, and who need to restore files for users |
| Cross Org Manager |
Administrative
End user
|
|
All organizations | Executive users who need statistics, but not technical details, about all organizations |
| Cross Org Security Viewer |
Requires Security Center User role
End user
|
|
All organizations | Information security personnel who need to retrieve information from devices that use endpoint monitoring in all organizations |
| Cross Org User Modify |
Administrative
End user
|
|
All organizations |
Help desk staff who manage users, but not devices or organization settings.
Assign in conjunction with a role that has access to the administration console (such as Cross Org Help Desk.)
|
|
Administrative
|
|
All organizations | Administrators who need administrative privileges for the Code42 environment | |
| Desktop User |
Administrative
End user
|
Cannot interact with other users' data or change settings in your Code42 environment | Assigned user | End users in your organization |
| Desktop User - No Web Restore |
Administrative
End user
|
|
Assigned user | End users in your organization who do not need to perform web restores |
| Multi-Factor Auth Admin | Permissions to view and edit the settings for two-factor authentication for local users. |
Does not directly grant access to view or manage users and organizations.
Use this role in addition to an administrative role such as Org Admin. |
The user's organization and its child organizations |
Administrators who manage user authentication within a specific organization. |
| Org Admin |
Administrative
End user
|
|
The user's organization and its child organizations | Administrators who only manage users and devices within a specific organization |
| Org Admin - No Web Restore |
Administrative
|
|
The user's organization and its child organizations | Administrators who only manage users and devices within a specific organization and who should not perform web restores |
| Org Help Desk |
Administrative
End user
|
|
The user's organization and its child organizations | Help desk staff who assist others within their organization, but not change any settings |
| Org Help Desk - No Restore |
Administrative
End user
|
|
The user's organization and its child organizations | Help desk staff who assist others within their organization, but who do not change any settings or restore files. |
|
Org Legal Admin |
Administrative
End user
|
|
The user's organization and its child organizations | Legal personnel who need to place custodians on legal hold and administer legal holds for the entire Code42 environment, but who only need to restore files from users within their organization. |
| Org Manager |
Administrative
End user
|
|
The user's organization and its child organizations | Executive users who need statistics, but not technical details, about their organization (not the entire Code42 environment) |
| Org Security Viewer |
Administrative
End user
|
Cannot change settings in the organization | The user's organization and its child organizations | Information security personnel who need to retrieve information from devices that use endpoint monitoring. |
| PROe User |
Administrative
End user
|
Cannot access other information or functions of Code42 for Enterprise |
Assigned user | End users in your organization |
| PRO-Online Admin | For CrashPlan for Small Business only. Do not use. | |||
| Push Restore |
Administrative
End user
|
Cannot add/deactivate users, organizations, or devices | All organizations | Help desk staff who assist others with restoring data. Assign in conjunction with a role that has access to the administration console. |
| Remote File Selection |
Administrative
End user
|
Cannot add/deactivate users, organizations, or devices |
All organizations | Help desk staff who monitor backups. Assign in conjunction with a role that has access to the administration console. |
| Security Center User |
Administrative
End user
|
Does not directly grant access to view or manage other users. Use this role in addition to an administrative role such as Org Admin. |
The user's organization and its child organizations | Information security personnel who review information about devices that use endpoint monitoring. |
| User Modify |
Administrative
End user
|
|
The user's organization and its child organizations
|
Help desk staff who manage users, but not devices or organization settings.
Assign in conjunction with a role that has access to the administration console (such as Org Help Desk.)
|