Zecurit’s Custom Role Permissions feature allows organizations to define tailored access control for different user types. This ensures users only access features relevant to their responsibilities — enhancing security and streamlining operations.
Who can manage custom roles?
| Action | Access Level |
|---|---|
| Create/Edit/Delete Roles | ✅ Super Admin only |
| Assign Roles to Users | ✅ Admin & Super Admin |
Only the Super Admin can create, modify, or delete custom roles. Once created, Admins and Super Admins can assign these roles while inviting or editing users.
Custom Role Creation
To create a custom role:
- Go to Settings → Organization → Roles
- Click Create Role
- Provide a Role Name and an optional Description
- Select permissions (Enable/Disable) for each module and functionality:
Below are the areas where access can be controlled when creating or editing a custom role:
Once saved, the role will appear in the list and can be assigned to users during invitation or modification.
Use Case Examples
- Software Manager Role: Grant access only to the Software License, Category and Deployment modules. This role is ideal for individuals solely responsible for managing software assets.
- Security Analyst Role: Provide access exclusively to Alerts, Activity Logs and Security Reports. This ensures security personnel can monitor and investigate threats without access to unrelated system configurations.
- Audit Viewer Role: Offer read-only visibility into reports and user activity. This is perfect for auditors who need to review data without the ability to make changes.
Best Practices
- Use clear, descriptive role names (e.g., Compliance Officer, Remote Technician)
- Always follow the principle of least privilege. So assign minimal necessary access based on job roles.
- Review custom roles periodically as responsibilities evolve.
Need help assigning roles to users? See the User & Role Management documentation.