KnowBe4 allows business users to assign individual roles to account members. This enables centralized administration, including account billing, to be distributed across a variety of user roles in the system.
Changing User Roles
Remember:Security Roles determine capabilities, like sending secure emails. Roles need appropriate permissions, and license discrepancies should be addressed. If there are any issues, verify role settings and manage user access under the User Management tab.
Default user roles are applied during the Security Center invitation process, but can be changed at a later date. To change the role of a user, follow the steps below:
- Navigate to User Management.
- Select the user whose role you want to change.
- In the User Details tab, use the Role drop-down menu to select the desired role.
- Select Save to confirm the role change.
User Roles
The following roles are currently available:
| Role | Description |
|---|---|
| Disabled | The user will not be able to access KnowBe4 functionality and will not be able to send or receive secure messages. This role does not use a KnowBe4 license. |
| Read Only | The user can only access secure messages that are associated with them. They cannot create or send their own secure messages. This role does not use a KnowBe4 license. |
| Limited Author | The user can access secure messages associated with them and send secure messages to other paying KnowBe4 users, but not to free users. This role does not use a KnowBe4 license. |
| Author | The user can create and send secure messages. External first-time users are given a number of credits for free, so every user who signs up for an account is automatically an Author until these credits are used. Authors in your organization’s business account can create and send an unlimited number of secure messages. |
| Auditor | The user can create and send secure messages. The user can view secure messages created by another user account in the same organization. |
| Power User | The user can create and send secure messages, as well as view and modify secure messages created by any other user account in the same organization. |
| Limited Administrator | The user has full, unrestricted access to secure messages and all the capabilities of an admin. This role does not use a KnowBe4 license. |
| Administrator | The user has full, unrestricted access to secure messages and users listed under the same organisation. The admin can also modify existing individual roles as well as remove legacy user accounts from the system. |
Additional Account Privileges
The following additional role privileges are available:
| Privilege | Description |
|---|---|
| Can Reset Passwords, Help Desk | This privilege allows the designated user to reset passwords for other users in the same business account. Passwords can either be changed explicitly, or the help desk user can send out a password reset email to the user. |
| Can Invite New Users | This privilege allows the user to invite new users into the business account. |
| Access to Payment Settings | This elevated privilege is available on request and provides full access to billing history. This includes payment settings and account transactions that have taken place since the business account was first created. |
| Billing Manager | The user is able to buy new subscriptions, add more licenses for more users, and renew a subscription. |