Remote Monitoring & Management Help

Dashboard User Management - Roles and Permissions

During the Dashboard setup a default Agent Key user with full system's access is created. From a security, confidentiality and accountability standpoint it is not ideal for all users of the Dashboard to login with the same set of credentials (and by extension, same level of permissions) so we have included the ability to create as many Dashboard users as required for both Staff and Client roles.

Dashboard users are managed from Settings, Users, User Accounts when logged to the Dashboard under an account with Users permissions enabled (for example SuperUser)

This User Account dialog contains a number of options, add, edit ordelete users, manage their level of access through Roles and Permissions and assign the Client Groups they are responsible for or have access to. As an extra security precaution the Agent Key's Dashboard access may be revoked. Once revoked this will force all users to login to the Dashboard with their own rather than the potentially shared Agent Key login.

When a new user is created they are sent a verification email with a set password link with any subsequent changes actioned by the user through the Password Reset options.

A unique login can improve Dashboard security and confidentiality, for example when combined with Roles and Permissions and Client Groups a staff user's Monitoring and Management Dashboard view may be limited to only those Clients and sections they have direct responsibility for with other Clients and sensitive information (including billing) hidden. This can prove particularly useful when restricting access for temporary or contract staff.

Please be aware that the Asset Tracking section and all Dashboard Reports (apart from the account wide User Audit Report and Remote Support Report) are Client Group aware. So users will only see Assets and Dashboard Reports that are specific to their assigned Clients; for example when selecting All Clients from a Report drop-down, this will only return the Reports for their Client Group.

Additionally unique logins can help increase accountability as the system logs any substantive actions performed by a Dashboard user in the User Audit Report (from clearing Checks, adding Checks or features to logging into the Dashboard itself), their username is also recorded against any Dashboard Notes they create.

Staff and Client Users

The system supports two overall categories of users:

User Type

Intended use

Staff

Designed for employees, this allows staff users to manage their assigned Clients on the Dashboard

Client

Designed to allow customers their own version of the Dashboard only their sites and devices and ensuring full confidentiality of the other Clients data

Before the release of Dashboard version 6, multiple Staff and one Client level user per Client were available, with selectable but non-configurable roles (Staff: Superuser, Administrator, Standard | Client: Client).

As the permissions associated with these default roles may not necessarily match the level of granularity required by the company, from Dashboard version 6 the ability to configure and apply custom Roles and Permissions was introduced,

Roles and Permissions can be used to tailor Dashboard access for each user type, including the creation of custom roles for feature specialists, the addition of billing roles for the finance team or a contractor level role with targeted permissions.

To tie-in with the release of the Roles and Permissions functionality the default System Roles were revisited and their permissions updated, for example the Administrator role was enhanced to include feature management whilst the Standard role gained additional system access. We have also retained the original System Roles, available in the User Accounts dialog and identified by the (Classic) tag.

Please note, any users created before the release of Dashboard 6 retains the same role, the only difference is to the role name which now contains the (Classic) tag. This also applies to Client users created in the Edit Client, Dashboard Access dialog. Due to the options available for a Client user created in the Dashboard Access dialog this level of role is different to the User Account's Classic Client role. Please be aware that any Client users created in the Dashboard Access dialog will remain in this location and are not transferred over to the User Accounts dialog.

In addition to the role, a User's Monitoring and Management Dashboard view can be restricted to specific customers by the use of Client Groups. The use of the Client Groups is not only useful when creating Staff level logins, as they ensure that the technicians only focus on those Clients they are assigned to, but in the case of Client level logins they are a vital step in ensuring confidentiality and that the customer only sees their own Dashboard and devices.

The following chart displays the selectable System Roles in the User Accounts dialog and their intended use:

User Level

Selectable System Role

Intended use

Staff

Superuser

Superuser (Classic)

Full access to all areas of the Dashboard

Administrator

Administrator (Classic)

Access to all features except for user management and billing information.

The new Administrator role offers more access than the ‘Classic’ Administrator role, for example it can roll out features.

Standard

Standard (Classic)

General day-to-day feature user, without the ability to set feature policies or roll out feature access.

The new Standard role offers more access than the ‘Classic’ Standard role in terms of feature usage.

Client

Client

Client (Classic)

Basic Dashboard access to specific Client : Additional management and view options available

More detailed information on each user types is available in: Dashboard Permissions and Privileges

Although the username and password of the Agent Key may be changed, the Agent Key is a non-selectable role.

What do you want to do?