Managing security levels

SECURITY  Security level with Admin permission to configure Resources/Users (HR). Refer to Admin security settings.

NAVIGATION   > Admin > Organization Settings & Users > Resources/Users (HR) > Security > Security Levels

NAVIGATION   > Admin > Features & Settings > Co-managed Help Desk > Co-managed Security Levels

What are security levels?

Each internal resource and co-managing user is assigned a security level in Autotask that controls their access to features and data in your Autotask instance, including the main Autotask menu , the My menu, and task and ticket menus. Security level object permissions also control data access through dashboard widgets.

IMPORTANT  Security levels assigned to co-managing users should be given special consideration. Refer to Co-managed security levels.

What security levels does Autotask come with?

Autotask includes a set of system security levels intended for specific roles in MSP organizations. To get started, you can simply assign those to the users you are setting up.

Refer to System security levels for further information.

You can inactivate or copy most system security levels, but you cannot edit or delete them. You can assign system security levels to users as they are, but the best practice is to use them as templates for your own custom security levels.

Learn more in the Best practice recommendations section of this article.

Do you need additional security levels?

Probably.

Once you have a better understanding of Autotask and how your company will be using it, you should perform a security review. If the system security levels are not a perfect fit or you need additional ones, copy the closest match and add or remove access to specific features. You could, for example, create a "Manager" version of a security level by enabling admin access for certain features. Refer to Admin security settings.

For information on editing existing or creating additional security levels, refer to Creating or editing a custom security level.

Best practice recommendations

EXAMPLE  Make a copy of the Service Desk User (system) security level and name it "Field Technician".

This makes assigning security levels easy when you hire new staff.

To avoid using the system security levels or any outdated custom security levels, inactivate them. Inactive security levels can still be copied, but they cannot be assigned to a user.

The Full Access security level was designed as a backup to your Autotask Administrator security level. We recommend that you do not assign it to resources.

Full Access allows access to all basic System Administrator level security options; it does not automatically provide access to all optional features, for example, the Client Portal.

The system security levels will be updated to include new features and configuration options, but your custom security settings will not be touched. Review the Release Notes after each release and edit your custom security levels to include new features.

How to...

Security levels are managed from a right-click menu on the Security Levels page. To open the page, use the path(s) in the Security and navigation section above.

Menu Option Description
Edit You can edit custom security levels, but not system security levels. Refer to Creating or editing a custom security level.
Inactivate/Activate Except for the API User (system) security level, all other system and custom security levels can be inactivated to prevent further use. Inactive security levels show an "Activate Security Level" option, instead.

Copy

All security levels except Time and Attendance (system), Dashboard User (system), and Contractor (system) can be copied. Since all security levels must be based on an existing one, you must use the Copy option to create a new security level. Refer to Creating or editing a custom security level.
Delete System security levels cannot be deleted. Custom security levels can be deleted as long as there are no associated resources.

For details on list menu options, refer to Managing lists and tables.