Specific Service Roles

Harmony Endpoint supports specific service roles. The specific service roles are in addition to the global rules and do not override them. For more information, see Specific Service Rules in the Infinity Portal Administration Guide

To access Specific Service Roles, go to Global Settings > Users > New > Add User and expand Specific Service Roles.

Role

Description

Admin

Full Read & Write access to all system aspects.

Read-Only User

Has access to all system aspects, but cannot make any changes.

Helpdesk Level 1

Has Read-only access to the service and Data Protection.

Has Read & Write access to computer actions and Logs.

Helpdesk Level 2

Has the same access as Helpdesk Level 1 and, in addition, full access to Repair Client and Forensics and Remediation Push Operations.

Helpdesk Level 3

Has the same access as Helpdesk Level 2 and, in addition, full access to Manage Virtual Groups and Read-Only access to Software Deployment Policies.

Log Only User

Has full access to the Logs tab.

Has no access to other features.

Power User

Has full Read & Write access to the Harmony Endpoint EPMaaS service, but cannot control the service.

Remote Help User

Helps Full Disk Encryption and Media Encryption users with access to encrypted media.

The table below summarizes the permissions of each user type:

Tab on

Left Panel

Section

Admin

User

Helpdesk

Level 1

Helpdesk

Level 2

Helpdesk

Level 3

Remote Help

User

Log Only

User

Power

User

Read-Only

Overview

All

Read & Write

Read-Only

Read-Only

Read-Only

Read & Write

No Permission

Read & Write

Read-Only

Policy

All

Read & Write

Read-Only

Read-Only

Read-Only

No Permission

No Permission

Read & Write

Read-Only

Software Deployment - Install Policy

Read & Write

Read & Write

Read & Write

Read-Only

No Permission

No Permission

Read & Write

Read-Only

Software Deployment -Write Policy

Read & Write

Read & Write (Cannot edit groups, only select objects in rules)

Read & Write (Cannot edit groups, only select objects in rules)

Read-Only

No Permission

No Permission

Read & Write

Read-Only

Threat Prevention -Exclusions

Read & Write

Read-Only

Read-Only

Read-Only

No Permission

No Permission

Read & Write

Read-Only

Asset Management

 

 

All

Read & Write

Read-Only

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only

Data Protection

(Recover Media)

Read & Write

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

Read & Write

Read-Only

Data Protection

(Full Disk EncryptionClosed A component on Endpoint Security Windows clients. This component combines Pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops. Acronym: FDE.Remote HelpClosed Users can be denied access to their Full Disk Encryption-protected computers or Media Encryption & Port Protection-protected devices for many different reasons. Remote Help can help users in these types of situations. The user contacts the Help Desk or specified administrator and follows the recovery procedure.)

Read & Write

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

Read & Write

Read-Only

Push Operations (Remediation)

Read & Write

No Permission

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only

Push Operations

(All,

except Remediation)

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only

Computer Actions (Reset computer,

Delete computer data, add Pre-bootClosed Authentication before the Operating System loads. users)

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only

Manage Virtual Groups

Read & Write

Read-Only

Read-Only

Read & Write

Read-Only

No Permission

Read & Write

Read-Only

Logs

All

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

Read & Write

Read & Write

Read-Only

Push Operations

All

Read & Write

No Permission

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only
Remediation

Read & Write

 No Permission Read & Write Read & Write

No Permission

No Permission

Read & Write

Read-Only
All except Remediation

Read & Write

Read & Write

Read & Write

Read & Write

No Permission

No Permission

Read & Write

Read-Only

Endpoint Settings

All

Read & Write

No Permission

No Permission

No Permission

No Permission

No Permission

Read & Write

Read-Only

Service Management

All

Read & Write

No Permission

No Permission

No Permission

No Permission

No Permission

Read & Write

Read-Only

Service Actions (Restart, pause or terminate the service)

Read & Write

No Permission

No Permission

No Permission

No Permission

No Permission

 No Permission

Read-Only

Threat Hunting

All

Read & Write

No Permission

No Permission

No Permission

No Permission

No Permission

Read & Write

Read-Only