Overview
Roles give users the authorization they need to do their work in CrashPlan. This article describes common use cases for role assignments.
For more information on role assignment, see these additional articles:
- For directions on how to assign roles, see Manage user roles .
- For a listing of available roles, see Roles reference .
Considerations
- Assign roles so that users have the lowest level of privilege needed to perform their jobs.
- After assigning roles, test to confirm that users can perform their required tasks and access the data they need.
- Assign the Customer Cloud Admin role only to those users who you want to have all possible rights.
Assign the Customer Cloud Admin role with care
Don't assign this role to anyone except for the individuals you want to have complete control of your CrashPlan environment. When possible, rather than assigning the Customer Cloud Admin role, assign roles with the lowest level of privilege necessary for users to do their jobs.
Use cases
Use case: Administer a CrashPlan organization
Scenario
You need to assign roles to a user who will manage an individual organization in the CrashPlan environment.
You want the individual to be able to perform all needed administrative tasks in the organization, such as add users, deactivate users and devices, move users to different organizations, and create child organizations. This individual will not perform any security investigations. Their duties will be solely to manage CrashPlan users, devices, and settings in their organization.
Assign this role:
- Org Admin: Allows the user to perform administrative actions in their organization.
Additional roles:
Following are additional roles you can assign that restrict access to only the user's own organization:
- Org Manager
- Org Admin - No Web Restore
- Org Help Desk
- Org Help Desk - No Restore
- Org Legal Admin
- Org Security Viewer
Use case: Perform end user help desk support
Scenario
You need to assign roles to an individual who will perform support-related tasks (such as restore files and change settings) for users of the CrashPlan app in multiple organizations.
You do not want this individual to be able to perform any administrative actions such as add users, deactivate users and devices, move users to different organizations, or create organizations. Their privileges are limited to helping end users.
Assign these roles:
- Cross Org Help Desk: Allows the individual to restore files and change settings for users of the CrashPlan app.
- User Modify: Allows the individual to view and update user information.
Use case: Create legal holds
(Crashplan for Enterprise only)
Scenario
You need to assign roles to an individual who will configure legal holds for multiple organizations in the CrashPlan environment.
You want the individual to be able to perform all the administrative tasks needed for legal holds, such as create matters, create preservation policies, add custodians to legal holds, and perform restores of files under legal hold. But you do not want this individual to be able to perform any administrative actions such as add users, deactivate users and devices, move users to different organizations, or create organizations. Their privileges are limited to legal hold tasks.
Assign this role:
- Cross Org Legal Admin: Allows the user to perfom legal hold tasks.