Access Management Overview
Access management and permissions in Qubitro are simplified through distinct roles, ensuring specific levels of control and security within project and dashboard collaborations, and organization-wide settings.
Collaborator Roles
Available to users on the Scale or Enterprise plans.
Read-Only
- Description: Users can view resources (devices, functions, device data, etc.) but cannot modify or delete them.
- Permissions:
- View resources
- No modification or deletion rights
Read/Write
- Description: Allows creation and modification of resources (devices, functions, device data, etc.), but not deletion.
- Permissions:
- Create and modify resources
- No deletion rights
Admin
- Description: Grants full authority to manage, modify, and delete resources (devices, functions, device data, etc.) and access to access management settings.
- Permissions:
- Full control over creation, modification, and deletion
- Access to access management in projects/dashboards
- Manage all resources
Collaborator Roles Reference
| Feature | Read Only | Read/Write | Admin |
|---|---|---|---|
| View Resources | Yes | Yes | Yes |
| Create Resources | No | Yes | Yes |
| Modify Resources | No | Yes | Yes |
| Delete Resources | No | No | Yes |
| Access Management in Projects/Dashboards | No | No | Yes |
Organization Member Roles
Exclusive to Enterprise plan accounts.
Read-Only
- Description: View-only access to all organizational resources (devices, functions, device data, etc.).
- Permissions:
- View organizational resources
- No modification or deletion
Read/Write
- Description: Can create and modify organizational resources, excluding deletion and certain settings.
- Permissions:
- Create and modify organizational resources
- No deletion or access to sensitive settings
- No access to groups and members settings within the organization
Billing Admin
- Description: Specific to managing billing and invoice settings.
- Permissions:
- Access only to billing and invoice tabs
- No access to other organizational settings or resources
Admin
- Description: Extensive control within the organization and access to groups and members settings.
- Permissions:
- Manage projects, dashboards, and similar resources
- Access to groups and members settings within the organization
- Limited access to certain sensitive settings
Super Admin
- Description: Unrestricted access to all organizational aspects, including groups and members settings.
- Permissions:
- Full control over all features, settings, and resources
- Access to groups and members settings within the organization
- Comprehensive management capabilities
Organization Member Roles Reference
| Feature | Read Only | Read/Write | Billing Admin | Admin | Super Admin |
|---|---|---|---|---|---|
| View Org. Resources | Yes | Yes | No | Yes | Yes |
| Create Org. Resources | No | Yes | No | Yes | Yes |
| Modify Org. Resources | No | Yes | No | Yes | Yes |
| Delete Org. Resources | No | No | No | Limited | Yes |
| Access Billing and Invoice Tabs | No | No | Yes | No | Yes |
| Access to Groups and Members Settings | No | No | No | Yes | Yes |
Best Practices
-
Principle of Least Privilege:
- Assign roles based on the minimum access needed to perform tasks efficiently.
-
Regular Reviews:
- Conduct periodic reviews to ensure role assignments align with current organizational needs and security protocols.
-
Temporary Access:
- Grant higher-level access temporarily for specific tasks and revert to original permissions after task completion.
-
Emergency Protocols:
- Have emergency protocols in place to quickly address security breaches or misuse of access privileges.
Start building today
Collect, process, and activate device data. Scale from one device to thousands.
