Role-Based Access Control in the Management Console

True Protection by Jag implements role-based access control (RBAC) in the Management Console to ensure that administrators have only the permissions they need. This follows the principle of least privilege and reduces the risk of accidental or unauthorized configuration changes.

Default Roles

Super Administrator: Full access to all console features, including user management, billing, and organization settings.
Security Administrator: Can manage policies, view reports, respond to threats, and configure protection settings. Cannot manage users or billing.
Helpdesk Operator: Can view device status, run remote scans, and view basic reports. Cannot modify policies or settings.
Auditor: Read-only access to all reports, logs, and compliance data. Cannot make any configuration changes.
Device Manager: Can enroll and remove devices, assign devices to groups, and view device details.

Custom Roles

Step 1: Navigate to Settings > Access Control > Roles.
Step 2: Click Create Custom Role.
Step 3: Name the role and provide a description.
Step 4: Select permissions from the available list, grouped by feature area.
Step 5: Save the role and assign it to users as needed.

All role assignments and permission changes are recorded in the audit log. Administrators can review who has access to what at any time under Settings > Access Control > Audit.