When setting up a user account, you can choose to grant the user Manage or Read Only rights to certain functions. This allows you to customize exactly which functions a user can actively manage and which options can simply be viewed.
This also allows you to configure a Read Only user account. This can be useful during an audit, for example, when a person needs access to records but should not be able to make any changes to your deployment. You could also create a Read Only account for a member of your organization who is interested in reporting only.
Read Only and Manage access options make for very granular control over all aspects of Skyhigh CASB. You can bring Roles in Skyhigh CASB in line with the positions in your organization, neatly delineating tasks in Skyhigh CASB with job responsibilities. For example, below we're setting up a new Policy Management account, but we don't want this user to edit the email templates we have in place. We give this user Read Only access to Email Templates. The options are fully editable if we need to make changes later.