Sophos Central administration roles and their meaning
In this article, we will explain what administration roles exist in Sophos Central and how they differ. So the next time you need to assign a role to a user, you know exactly which one to choose.
Administration Roles
There are five administration roles that you can assign to users in Sophos Central.
Info: Sophos Central contains several predefined roles. These roles cannot be edited or deleted.
1. super admin
As the name actually already shows more than clearly, a Super Admin has the highest authorization level of all administration roles. Something above the Super Admin does not exist. He has full control over the Sophos Central account, without restrictions.
Important: There must be at least one user with the Super Admin role.
2. admin
Users with the Admin role have access to all features in Sophos Central. The only thing that is denied to an admin is the management of roles. So he can neither change his own role nor assign a role to another user.
3. help desk
Users with the Help Desk role have read-only access to all settings in Sophos Central. So you cannot change any settings yourself, you can only view them. However, receiving or deleting alerts, updating client software and scanning computers is enabled. However, they are denied access to sensitive protocols or reports.
4. read-only
Users with the Read-only role can view sensitive logs or reports such as audit logs and also receive alerts.
Not possible:
- Roles and role assignments
- Assign guidelines
- Change settings
- Delete alerts
- Update client agents on computer
- Scan computer
5. user
Normal users cannot log in to Sophos Central Admin, but only have access to the self-service portal.
Change administration roles
If you want to check or change the role distribution of your users again, you can click on Global Settings
in the navigation and then select Role Management
. Another possibility would be the way via the navigation point People
. After that, simply select a user and click Edit
.