Saner CVEM Access Control: Roles and Required Permissions

Modified on Fri, 1 Aug at 12:53 AM

Overview

Saner CVEM uses a role-based access system to ensure that users have the appropriate permissions to perform specific tasks across the platform. Depending on the role assigned—such as Normal user, Admin, Organization Admin and Account Admin—users can manage organizations, accounts, users, devices, agent settings, and key configurations like SSO and MFA.

This article outlines which user roles are required to carry out various operations within Saner CVEM. Understanding these access levels helps administrators delegate responsibilities appropriately while maintaining a secure and controlled environment


User Roles in Saner CVEM

Saner CVEM supports the following administrative roles:

  • Admin – Full access to manage all modules, organizations, and global settings.
  • Organization Admin – Can manage organizations, accounts, and users within a specific organization.
  • Account Admin – Can manage settings and operations at the account level, including device discovery, agent deployment, and user management.

Each role has a defined scope of access based on responsibility and operational need.


Organization Management

Action

Required Role

Customer Notes

View all organizations

Admin / Organization Admin

Must be signed in with sufficient privileges to access all organizations.

Add an organization

Admin / Organization Admin

A default account is automatically created within the new organization.

Modify an organization

Admin / Organization Admin


Delete an organization

Admin / Organization Admin

⚠️ This will permanently delete all associated accounts and data. Saner Agents on linked devices will be deactivated and must be uninstalled manually.


Account Management

Action

Required Role

Customer Notes

View all accounts

Admin / Organization Admin


Add an account

Admin / Organization Admin

Inherits all tools provisioned for the parent organization. You can modify tool access in account preferences.

Modify an account

Admin / Organization Admin


Delete an account

Admin / Organization Admin



User Management

Action

Required Role

Customer Notes

View all users

Admin / Organization Admin


Add a user

Admin / Organization Admin / Account Admin

Can invite users with custom roles as needed.

Modify a user

Admin / Organization Admin


Delete a user

Admin / Organization Admin



Authentication & Security Settings

Action

Required Role

Customer Notes

Configure Single Sign-On (SSO)

Admin / Organization Admin / Account Admin

Supports integration with SAML 2.0-compliant identity providers.

Configure Multi-Factor Authentication (MFA)

Admin / Organization Admin / Account Admin

Enhances login security with additional verification.


Device & Agent Management

Action

Required Role

Customer Notes

Discover devices

Admin / Organization Admin / Account Admin

Initiate network scans to identify managed devices.

Import devices

Admin / Organization Admin / Account Admin

Bulk import devices using supported file formats.

Download & deploy Saner Agents

Admin / Organization Admin / Account Admin

Download the appropriate installer for agent deployment.

Create agent settings

Admin / Organization Admin / Account Admin

Define behavior and communication preferences for agents.

Edit agent settings

Admin / Organization Admin / Account Admin


Delete agent settings

Admin / Organization Admin / Account Admin



Email Configuration

Action

Required Role

Customer Notes

Configure basic mail settings

Admin / Organization Admin / Account Admin

Setup basic SMTP/IMAP for alerts and notifications.

Configure OAuth mail settings

Admin / Organization Admin / Account Admin

Use OAuth-based secure email authentication


Logo Upload

Action

Required Role

Customer Notes

Upload a custom logo

Admin / Organization Admin

Customize branding with your organization’s logo.



Important Considerations

  • Deleting an organization will permanently remove all associated accounts and data.
  • Devices with Saner Agents linked to deleted accounts will be marked inactive, and the agents must be manually removed.
  • Always assign roles carefully to ensure users have the appropriate level of access for their responsibilities.

 

Conclusion

Managing user access based on defined roles helps maintain security, prevent unauthorized changes, and streamline administrative operations in Saner CVEM. By assigning roles thoughtfully, organizations can ensure that team members have just the right level of access they need nothing more, nothing less.

We recommend periodically reviewing user roles and permissions, especially as team structures or responsibilities change. For assistance in managing roles or configuring access settings, please reach out to SecPod Support.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article