Sophos Central administration roles and their meaning
In this article, we will explain what administration roles exist in Sophos Central and how they differ. So the next time you need to assign a role to a user, you know exactly which one to choose.
Administration Roles
There are five administration roles that you can assign to users in Sophos Central.
Info: Sophos Central contains several predefined roles. These roles cannot be edited or deleted.
1. Super admin
As the name suggests, a Super Admin has the highest permission level of all administrative roles. There is no role above Super Admin. This role has full control over the Sophos Central account without restrictions.
Important: There must be at least one user with the Super Admin role.
2. Admin
Users with the Admin role have access to all features in Sophos Central. The only thing that is denied to an admin is the management of roles. So he can neither change his own role nor assign a role to another user.
3. Help desk
Users with the Help Desk role have read-only access to all settings in Sophos Central. So you cannot change any settings yourself, you can only view them. However, receiving or deleting alerts, updating client software and scanning computers is enabled. However, they are denied access to sensitive protocols or reports.
4. Read-only
Users with the Read-only role can view sensitive logs or reports such as audit logs and also receive alerts.
Not possible:
- Roles and role assignments
- Assign guidelines
- Change settings
- Delete alerts
- Update client agents on computer
- Scan computer
5. User
Normal users cannot log in to Sophos Central Admin, but only have access to the self-service portal.
Change administration roles
To check or change the role distribution of your users later, click Global Settings in the navigation and select Role Management. You can also go through People, select a user, and click Edit.