Aligning User Roles to Job Descriptions
Skyhigh CASB's Role-based Access Controls let you set an access level for each user, controlling what they can access in Skyhigh CASB. This gives you flexibility on how you want to create your user workflow.
Users must have at least one access level and can have any combination of user roles and access any combination of areas in Skyhigh CASB. The following list contains suggestions on the types of roles you can create using access levels but is not intended to be a comprehensive list of all of the ways you can use access levels.
When updating user access roles for existing users, the new role will take effect once the user logs in again. No email notification will be sent to the user with the new role.
| Sample User Title | Role Description | Suggested User Role |
|---|---|---|
| Cloud Analyst | Users with a workflow that centers around how your users interact with the cloud to determine what software best meets their needs. | Usage Analytics User, Compliance Manager |
| New User On-Boarding | Users tasked with creating accounts for new employees, but will not interact with Cloud Security at all. | Compliance Manager |
| Cloud Security Administrator |
A user who manages your cloud security efforts, including setting up new users, building DLP policies, managing the Cloud Security Advisor, and adding new sanctioned cloud services. |
Compliance Manager, Usage Analytics User, Policy Manager, Administrator, Cloud Security Advisor Dashboard Manager |
| Compliance Manager | A user who collects logs and data to ensure that users are interacting with the CASB within policy. | Administrator (grants access to the Audit Log) |
| Security Response | A user who investigates and address threats to the data in your cloud services. | Incident Manager |
| CISO | A top-level employee who needs to know information about how your employees are interacting with the cloud, but not interact with any of the details of cloud security. | Read Only |