Endpoint Encryption User Roles

The following table explains the Endpoint Encryption user account types intended for different roles within the Enterprise or policy group. Each role determines the permissions granted when the user accesses Endpoint Encryption management consoles and devices.

Endpoint Encryption Account Roles

Role

Description

Enterprise Administrator

Intended for administrators who control the Enterprise and require administrative rights to all groups, users, devices, and policies regardless of where they reside.

Group or Policy Administrator*

Intended for administrators who control any assigned group or policy.

Note

Privileges do not apply to parent groups, groups at the same level in the hierarchy or their subgroups.

Enterprise Authenticator

Intended for Help Desk personnel who provide remote assistance when users forget their Endpoint Encryption password or have a technical problem. Enterprise Authenticators have configurable privileges for the Enterprise.

Group or Policy Authenticator*

Intended for Help Desk personnel with the same privileges as the Enterprise Authenticator except for being limited to the assigned group or policy only.

User

Intended for basic end users with no special privileges. The user role cannot log on to Endpoint Encryption management consoles.

Note

*Due to differences in policy architecture, Control Manager merges the policy and group structure of PolicyServer MMC. The following roles are the same between PolicyServer MMC and Control Manager:

Group Administrator (PolicyServer MMC) and Policy Administrator (Control Manager)
Group Authenticator (PolicyServer MMC) and Policy Authenticator (Control Manager)

$('#title').html($('meta[name=description]').attr('content'));