User roles available for each service

One user can have several roles but only one role per service. For each service, you can define which role will be assigned to a user.

The services that are available to you are configured by your service provider.

Service	Role	Description
n/a	Company administrator	This role grants full administrator rights for all services. This role grants access to the corporate allowlist. If the Disaster Recovery add-on to the Protection service is enabled for the company, this role also grants access to the disaster recovery functionality.
n/a	Unit administrator Unit level	This role grants highest possible permissions to all applicable services in the unit. The role does not provide access to the disaster recovery functionality.
Management Portal	Administrator	This role grants access to the management portal where the administrator can manage users within the entire organization. See also Disaster Recovery roles.
	Read-only administrator Partner level	This role provides read-only access to all objects in the partner's Management Portal and the Management Portal of all customers of this partner. See Read-only administrator role.
	Read-only administrator Customer level	This role provides read-only access to all objects in the Management Portal of the entire company. See Read-only administrator role.
	Read-only administrator Unit level	This role provides read-only access to all objects in the Management Portal of the company unit and sub-units. See Read-only administrator role .
Vendor Portal	Developer	This role provides full access to Vendor Portal. Developers can create and manage CyberApps, CyberApp Descriptions, and CyberApp Versions. They can also submit deployment requests and monitor CyberApp metrics.
	User	This role allows the user to create, manage, and request approvals of CyberApp Descriptions.
	Read-only user	This role provides read-only access to Vendor Portal.
Protection
	Administrator	This role enables configuring and managing the Protection service for your customers. This role is required for: configuring and managing the Disaster Recovery functionality. configuring and managing the corporate allowlist. performing autodiscovery of devices. performing all actions related to software deployment by using DeployPilot (working with software deployment plans, software repositories, software packages, and performing quick deploy actions).
	Cyber administrator	In addition to the rights of the Administrator role, this role enables configuring and managing the Protection service, and approving actions in Cyber Scripting. The Cyber administrator role is only available for tenants with enabled RMM pack.
	Read-only administrator	The role provides read-only access to all objects of the Protection service. See Read-only administrator role.
	User	This role enables using the Protection service but without administrative privileges. Access is provided to functionality such as Endpoint Detection and Response, but users assigned this role cannot access the data of other users in the organization.
	Restore operator	Applicable to Microsoft 365 and Google Workspace organizations, the role provides access to backups and allows their recovery, while restricting the access to sensitive content inside the backups. See Restore operator role.
	Security Analyst	The role can be assigned only in customer tenants for which the Detection and Response offering item is enabled. It provides access to the Cyber Protection console and enables the user to manage EDR incidents and perform response actions.
	DR support operator	This role provides read-only access to all objects of the Protection service in the organization and access to Disaster Recovery environment and allows to perform advanced troubleshooting. See also Disaster Recovery roles.
RMM operator	The role provides access only to the remote management and monitoring features of the Protection service. With this role, you can: start remote desktop connections (via NEAR, RDP, Apple Screen Sharing, or web client) without having access to workload credentials management. manage workloads (restart, shut down, put to sleep, empty recycle bin, or log out remote user). browse device details, software and hardware inventory, and monitoring data. run approved built-in scripts on demand. install software packages from the My packages repository on demand. install approved patches with accepted EULA on demand. browse alerts and activities. This role has read-only access to the other objects of the Protection service, as the Read-only administrator role.
File Sync & Share	Administrator	This role enables configuring and managing File Sync & Share for your users.
Cyber Infrastructure	Administrator	This role enables configuring and managing Cyber Infrastructure for your users.
PSA	There are a number of roles that can be assigned to PSA users. For more information, see PSA roles.
Partner Portal	There are a number of roles that can be assigned to Partner portal users. For more information, see Partner portal roles.
Notary	Administrator	This role enables configuring and managing Notary for your users.
Notary	User	This role enables using the Notary service but without administrative privileges. Such users cannot access data of other users of the organization.

Vendor Portal is available to technology partners who registered on the Acronis Technology Ecosystem website after October 04, 2023.
If you are looking to build an integration and require access to Vendor Portal and a dedicated Sandbox, see the Integrations chapter.

Any changes related to the accounts and roles are shown on the Activities tab with the following details:

What was changed
Who did the changes
Date and time of changes