Overview
Saner CVEM uses a role-based access system to ensure that users have the appropriate permissions to perform specific tasks across the platform. Depending on the role assigned—such as Normal user, Admin, Organization Admin and Account Admin—users can manage organizations, accounts, users, devices, agent settings, and key configurations like SSO and MFA.
This article outlines which user roles are required to carry out various operations within Saner CVEM. Understanding these access levels helps administrators delegate responsibilities appropriately while maintaining a secure and controlled environment
User Roles in Saner CVEM
Saner CVEM supports the following administrative roles:
- Admin – Full access to manage all modules, organizations, and global settings.
- Organization Admin – Can manage organizations, accounts, and users within a specific organization.
- Account Admin – Can manage settings and operations at the account level, including device discovery, agent deployment, and user management.
Each role has a defined scope of access based on responsibility and operational need.
Organization Management
Action | Required Role | Customer Notes |
View all organizations | Admin / Organization Admin | Must be signed in with sufficient privileges to access all organizations. |
Add an organization | Admin / Organization Admin | A default account is automatically created within the new organization. |
Modify an organization | Admin / Organization Admin | |
Delete an organization | Admin / Organization Admin | ⚠️ This will permanently delete all associated accounts and data. Saner Agents on linked devices will be deactivated and must be uninstalled manually. |
Account Management
Action | Required Role | Customer Notes |
View all accounts | Admin / Organization Admin | |
Add an account | Admin / Organization Admin | Inherits all tools provisioned for the parent organization. You can modify tool access in account preferences. |
Modify an account | Admin / Organization Admin | |
Delete an account | Admin / Organization Admin |
User Management
Action | Required Role | Customer Notes |
View all users | Admin / Organization Admin | |
Add a user | Admin / Organization Admin / Account Admin | Can invite users with custom roles as needed. |
Modify a user | Admin / Organization Admin | |
Delete a user | Admin / Organization Admin |
Authentication & Security Settings
Action | Required Role | Customer Notes |
Configure Single Sign-On (SSO) | Admin / Organization Admin / Account Admin | Supports integration with SAML 2.0-compliant identity providers. |
Configure Multi-Factor Authentication (MFA) | Admin / Organization Admin / Account Admin | Enhances login security with additional verification. |
Device & Agent Management
Action | Required Role | Customer Notes |
Discover devices | Admin / Organization Admin / Account Admin | Initiate network scans to identify managed devices. |
Import devices | Admin / Organization Admin / Account Admin | Bulk import devices using supported file formats. |
Download & deploy Saner Agents | Admin / Organization Admin / Account Admin | Download the appropriate installer for agent deployment. |
Create agent settings | Admin / Organization Admin / Account Admin | Define behavior and communication preferences for agents. |
Edit agent settings | Admin / Organization Admin / Account Admin | |
Delete agent settings | Admin / Organization Admin / Account Admin |
Email Configuration
Action | Required Role | Customer Notes |
Configure basic mail settings | Admin / Organization Admin / Account Admin | Setup basic SMTP/IMAP for alerts and notifications. |
Configure OAuth mail settings | Admin / Organization Admin / Account Admin | Use OAuth-based secure email authentication |
Logo Upload
Action | Required Role | Customer Notes |
Upload a custom logo | Admin / Organization Admin | Customize branding with your organization’s logo. |
Important Considerations
- Deleting an organization will permanently remove all associated accounts and data.
- Devices with Saner Agents linked to deleted accounts will be marked inactive, and the agents must be manually removed.
- Always assign roles carefully to ensure users have the appropriate level of access for their responsibilities.
Conclusion
Managing user access based on defined roles helps maintain security, prevent unauthorized changes, and streamline administrative operations in Saner CVEM. By assigning roles thoughtfully, organizations can ensure that team members have just the right level of access they need nothing more, nothing less.
We recommend periodically reviewing user roles and permissions, especially as team structures or responsibilities change. For assistance in managing roles or configuring access settings, please reach out to SecPod Support.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article