When managing your critical environmental data, security and control are paramount. Efento Cloud provides robust user access management to ensure data integrity and streamline operations across your organisation. Assigning the right Efento Cloud permission levels is crucial for maintaining a secure and efficient monitoring environment, preventing unauthorised changes, and ensuring compliance.
Why do Efento Cloud user permissions matter for your organisation?
In a platform managing sensitive measurement data from industrial or clinical environments, implementing proper user roles and access levels is essential. Organisations utilise permissions to share measurement data while controlling who can see or modify configurations, reports, and sensors.
Effectively managing user access allows you to:
- Enhance Security: Limit sensitive actions, like editing system configurations or deleting data, to trusted personnel. The platform offers location-specific access, so users only see the data relevant to their assigned area.
- Streamline Operations: Ensure users can perform their specific job functions (e.g., viewing alarms, generating reports) without being exposed to unnecessary complexity or destructive controls.
- Maintain Data Integrity: Prevent accidental or malicious changes to alarm rules, sensor configurations, and automatic reports.
Understanding the Efento Cloud permission levels
Efento Cloud utilises three primary permission levels within an Organisation: Administrator, Manager and Analyst. Each role is designed for a specific level of responsibility and control over the sensor monitoring infrastructure and data.
Here are the key responsibilities and limitations of the three user roles:
| Role | Core Focus | Access Level |
| Administrator | Full system ownership, user management, and organisation settings. | Highest |
| Manager | Operational management of sensors, alarms, and reporting configurations. | High |
| Analyst | Data consumption, monitoring, and reporting. | Read-only / data access |
What can each Efento Cloud user role do?
The capabilities of each user level differ significantly, granting granular control over various platform functions. The creator of an Organisation is automatically designated as an Owner – Administrator with access to all locations.
1. Administrator / Owner
The Administrator has unrestricted access to the entire platform and organization settings. Administrators are the only user role that can manage user accounts and system-wide audit logs.
Key Administrator Privileges:
- Full User Management: adding, editing permissions, and removing users / API tokens.
- Organisation Control: managing organisation account settings.
- System Audit: previewing system logs (audit trail) for all actions.
- All Management Tasks: can perform every action available to the Manager role (see below).
2. Manager – the operational lead (configuration and setup)
Managers handle the operational configuration of the monitoring system. They can configure sensors, set up alarm rules, and manage data output but cannot manage user access or system-level accounts.
Key Manager Privileges (Shared with Administrator):
- Configuration: setting up sensors, locations, and location maps.
- Alerts & Reports: configuring alarm rules and automatic reports.
- Data Handling: archiving measurements, managing notification settings, web hooks, formulas, and SIM card management.
- Monitoring & Reporting: previewing the dashboard, alarms, and generating reports (the same permissions as Analyst).
3. Analyst – the data consumer (monitoring and reporting)
The Analyst is the most restricted role, primarily focused on monitoring and generating standard data output. They have read-only access to the core configuration elements. The Analyst cannot configure any structural or alerting parts of the system, such as changing sensor settings, configuring alarm rules, or creating automatic reports.
Key Analyst Privileges:
- Monitoring: viewing the main dashboard and the historical measurements
- Alarms: previewing active and historical alarms.
- Reporting: generating manual data reports.
Best practices for assigning Efento Cloud permissions
To maintain the highest security and operational efficiency, it is vital to follow the principle of Least Privilege when assigning roles. This means users should only be granted access to the specific data and features necessary to perform their job. When adding new users and assigning privileges on the platform, remember these two crucial best practices:
- Avoid assigning Administrator / Manager permissions to all users. Only assign Administrator or Manager permissions to users who are fully aware of the platform’s comprehensive features, as these roles wield significant control over sensors, data, and system-level configuration. Remember that Administrator rights, in particular, grant full control over users, sensors, alarm rules, and the Organisation’s account, and should therefore be reserved for highly trusted personnel only.
- Assign the permission only to selected locations. It is a fundamental best practice to assign a permission level and grant access based on specific locations within the organisation’s structure. This ensures that, for instance, a Manager responsible for a specific warehouse can configure sensors in that location but has no visibility or control over another facility.
If you need more information about permissions in Efento Cloud please refer to the user manual available in the Support section.