Administrators in multiple roles

Depending on the needs of your organization, the same administrator may be assigned to multiple roles. Administrators assigned to multiple roles must choose a single role to manage at logon.

After logon, your permissions are as follows:

  • Policy management:
    • Full policy: You can add and edit filters and policies for the role selected during logon, and apply policies to that role’s managed clients.
    • Exceptions only: You can create and manage exceptions for the role selected during logon, and apply exceptions to that role’s managed clients.
  • Reporting: you have the combined reporting permissions of all your roles. For example, suppose you are assigned to 3 roles, with reporting permissions as follows:
    • Role 1: no reporting
    • Role 2: investigative reporting only
    • Role 3: report on all clients, full access to all reporting features

In this situation, regardless of which role you choose during logon, you are permitted to view charts on the Status > Dashboard page, and report on all clients, using all reporting features.

If you are logged on for reporting only, the Role field in the Web Security toolbar indicates whether you have Full Reporting (report on all clients) or Limited Reporting (report on managed clients only) permissions.

Important: Delegated administrators with permission to Report on managed clients only, and assigned to multiple roles, will be able to view cloud application data only for their managed clients.