PlexTrac offers role-based access controls (RBAC) at the client level. RBAC allows teams to efficiently manage user privileges and permissions based on specific client requirements, enabling effective collaboration and task accomplishment.
Within PlexTrac, three default levels of access exist that can be assigned to users based on their responsibilities:
Administrator: An Administrator has the highest access level within PlexTrac. They possess extensive privileges and can perform various tasks, including creating reports, adding findings, tracking status, managing users, configuring settings, and accessing all areas of the platform related to the client.
Standard User: A Standard User plays a crucial role in managing and documenting activities for a client. They can create reports, add findings, and track the status of ongoing projects. This level of access allows Standard Users to contribute actively, collaborate with other team members, and provide valuable insights throughout the process.
Analyst: An Analyst is a user with a more limited role. Their primary responsibility is to track and update the status of identified vulnerabilities. While they may not have the authority to create reports or add findings, their role is essential in ensuring the accurate documentation and timely resolution of identified issues. Analysts can provide real-time updates on the progress of vulnerability mitigation efforts, making it easier for the broader team to stay informed and take necessary actions.
These default access levels ensure each team member has the appropriate privileges and responsibilities aligned with their role and contribution to the client's initiatives. By assigning specific access levels, teams can streamline workflows, maintain data integrity, and improve overall efficiency in managing and securing client environments.
The RBAC page provides more information on default roles, permissions throughout the platform, and user licensing.
When adding a user to a role that is licensed, an icon will appear at the end of the role title, regardless of the number of licenses available.
Any messaging regarding user licenses will appear as a banner on the "Authorize Client Users" modal.
Visit the RBAC page for information on the various messaging related to licensed users and their relationship to permissions.
Step 1: From the Clients module home page, click View under the "Actions" menu for the impacted client.
Step 2: Scroll to the User Access section and click Add/Authorize User.
Step 3: Select the user to add from the "User" field pulldown menu.
Only existing users in the tenancy who are not authorized for the client appear in the pulldown menu.
After adding a user, the "Role" and "Classification" fields will be automatically filled in but can be changed.
Step 4: Click Add User to add additional users (if applicable). Click Save when finished.
Step 1: From the Clients module home page, click View under the "Actions" menu for the impacted client.
Step 2: Scroll down to the "User Access" section and click Revoke under the "Actions" column in the user's row to remove access permissions.
Step 3: A dialog box will appear confirming the action. Click Revoke.
Step 1: From the Clients module home page, click View under the "Actions" menu for the impacted client.
Step 2: Under the "User Access" section, select the new role from the pulldown menu in the "Role" column for the user.
The change is immediate. A dialog box will appear at the bottom left of the screen confirming the change.
Step 1: From the Clients module home page, click View under the "Actions" menu for the impacted client.
Step 2: Scroll down to the "User Access" section and click the pulldown menu under the "Classification Level" column of the user impacted.
Step 3: Select the new classification level.
The change is immediate. A dialog box confirming the change will appear at the bottom left of the screen.