Workspace level roles
In general: Roles within workspaces can only be assigned to Emsisoft user accounts or Emsisoft Partner accounts.
Available roles within workspaces are:
Primary Workspace Owner
Is the legal owner of the workspace and responsible for all activities within a workspace. Has full access to everything and can re-assign ownership to another user.
Typical use case: The person that bought the software directly at Emsisoft.
Workspace Admin
Has full access to the workspace and can view/edit all devices, policies, incidents, logs, reports, users and the license of your workspace. Workspace Admins can change all user permissions except those of the Primary Workspace Owner.
Typical use case: An organization has multiple full-access administrators to share management tasks of the workspace.
Protection Manager
Can view/edit all protection relevant settings, such as devices, policies, alerts, logs, reports, but can’t change the workspace settings such as user roles and licensing.
Typical use case: A trusted third party who has more experience with security software manages the protection for the workspace, i.e. an IT professional or the ‘computer geek’ in the family.
Billing Contact
Special case: This role can not be manually assigned like the other roles. It is implicitly defined through the assignment of a license to an Emsisoft partner account. It is only displayed for workspaces that use partner-assigned licenses.
Billing contact is responsible for license payments at Emsisoft. Can view/edit license information, but doesn’t have access to devices or other protection related workspace settings.
The billing contact receives license renewal reminders from us.
Typical use case: A managed service provider (MSP) or reseller who sells the malware protection in a bundle with other services, i.e. general computer maintenance services.
User access
| Feature | Primary Workspace Owner | Workspace Admin | Protection Manager |
| Workspaces list | |||
| WS Dashboard | |||
| WS Incidents | |||
| WS Policies | |||
| WS Reports/Logs | |||
| WS Settings: General | Read-only | ||
| WS Settings: Licensing | Read-only | ||
| WS Settings: Users | Yes (except change of owner) | Read-only |
Partner account level roles
Partner accounts are virtual entities that have the same functionality as user accounts, but can contain multiple users. E.g. a partner company can have one or more employees that will be granted access to all workspaces where the partner account has a role assigned.
Available roles within partner accounts are:
Primary Partner Account Owner
Is the legal owner of the Emsisoft Partner account and is responsible for all activities within a partner account. Has full access to everything within the partner account (billing, licenses, settings, users) and can re-assign ownership to another user.
Typical use case: The owner of the partner company.
Protection Admin
Can:
- Edit policy- and report templates.
- Edit protection settings of managed workspaces.
- Deal with malware incidents.
Can’t:
- Buy or manage licenses.
- Edit license settings in managed workspaces.
- Edit partner account settings or users.
Typical use case: A tech employee of a partner company who’s job is to set up new workspaces and monitor the security of managed workspaces. Shouldn’t need to see any billing related information.
License Manager
Can:
- Buy and manage licenses.
- Edit license settings in managed workspaces.
Can’t:
- Edit policy- and report templates.
- View and edit protection settings of managed workspaces.
- Deal with malware incidents.
- Edit partner account settings or users.
Typical use case: A sales employee of a partner company who’s job is to sell licenses (new and renewals). Shouldn’t see any protection/technical related information of customer workspaces.
Partner access
| Feature | Primary Partner Account Owner | Protection Admin | License Manager |
| Partner: Buy a License | No | ||
| Partner: Manage Licenses | No | ||
| Partner: Order History | No | ||
| Partner: Sales Assets | No | ||
| Partner: Policy Templates | No | ||
| Partner: Report Templates | No | ||
| Partner: Settings | Yes (read-only) | ||
| Workspaces list | Yes (license information only) 1 | ||
| Create new workspace | Yes | Yes | Yes |
| WS Dashboard: if partner is owner/admin/manager | Yes | Yes | No (redirects to WS settings) 1 |
| WS Incidents: if partner is owner/admin/manager | Yes | Yes | No |
| WS Policies: if partner is owner/admin/manager | Yes | Yes | No |
| WS Reports/Logs: if partner is owner/admin/manager | Yes | Yes | No |
| WS Settings: if partner is owner/admin/manager | Yes | Yes (license section read-only) | Yes (edit license only, everything but the WS name hidden) 1 |
| WS Dashboard: if partner is billing only | Yes (license information only) 1 | No | Yes (license information only) 1 |
| WS Policies, Incidents, Reports, Logs: if partner is billing only | Yes | No | No |
| WS Settings: if partner is billing only | Yes (edit license only, everything but the WS name hidden) 1 | No | Yes (edit license only, everything but the WS name hidden) 1 |
Remarks
(1): If the partner account only has the billing contact role but not technical roles on a workspace:
- All non-license/billing related information is hidden from the workspace list.
- Any columns that can’t be accessed are left blank and filter/search features don’t apply.
- Any alerts, issues, quarantine or other information is not included in KPI tiles, charts or alert lists.
- A click on such a workspace’s name doesn’t open the workspace dashboard but its Settings panel instead. The settings panel only shows the workspace name and the License section but nothing else.
- All sub-menu items of the workspace (policies, reports, logs, etc.) are hidden.