User roles and organization access in Guardey

Understanding the different roles within Guardey is essential for proper organization management and security. Each role comes with specific permissions and access levels designed to balance functionality with data protection. By assigning appropriate roles to team members, organizations can maintain security while ensuring that everyone has the tools they need to succeed.

This guide will help you understand the different roles available in Guardey, their capabilities, and how they function in different organizational setups. Whether you're setting up a single organization or managing multiple entities through a reseller account, choosing the right roles is crucial for an effective security awareness program.

Standard organizational roles

Guardey has three main roles with different access levels that accommodate various responsibilities within your organization. Each role is designed to provide the right balance of functionality and security for different types of users.

Admin

The Administrator role is designed for individuals who need full oversight and control of the Guardey implementation within an organization.

Key capabilities:

• User management - Add/remove users, assign roles, and manage teams
• Comprehensive reporting tools - Access to activity reports, engagement metrics, and completion rates
• Organizational dashboards - Complete organizational overview and detailed analytics
• Team statistics - Performance tracking, challenge completion rates, and engagement levels across all teams
• Gamification settings - Configure challenges, and competitions
• Complete organizational data access - View all data within the organization

When to use this role: Assign the admin role to IT managers, security officers, or training coordinators who need comprehensive control over the security awareness program. This role is ideal for those responsible for the overall security posture of the organization and need to make data-driven decisions about training initiatives.

Note: Regular organization admins cannot modify or view subscription plans - this requires reseller admin privileges.

Group Leader

The Group leader role provides targeted administrative capabilities specifically designed for department heads and team managers who need visibility into their team's performance.

Key capabilities:

• Team statistics dashboard - Can view comprehensive statistics for their assigned team, including:
  • Individual and team completion rates
  • Challenge performance metrics
  • Engagement levels and participation rates
  • Training progress tracking
  • Gamification achievements and scores
• Team progress monitoring - Real-time insights into how team members are progressing through their security awareness training
• Performance insights - Detailed analytics to help identify training needs and celebrate successes within their team
• Focused reporting - Access to reports specific to their team's activities and outcomes

When to use this role: Assign the Group leader role to department managers, team leads, or supervisors who need visibility into their team's performance but don't require organization-wide access.

User

The User role is the standard role for employees participating in security awareness training, designed to provide an engaging and personalized experience.

Key capabilities:

• Training challenges - Access to all assigned security awareness training content
• Gamification features - Participate in badges, competitions, leaderboard and rewards systems
• Personal progress tracking - View their own training history and achievements
• Interactive learning - Engage with various training formats and scenarios

When to use this role: This is the default role for most employees. Users can complete their assigned security awareness training, participate in gamification elements, and track their own progress,

Organization Admin

In a standard Guardey environment, organization admins have complete control within their organizational boundary:

• Organizational scope - Admin access limited to their own organization only
• Complete internal access - Full access to all data within that organization
• Privacy boundaries - No insight into other organizations' data
• Operational focus - Cannot modify subscription plans or billing settings

When to use this role: This is the standard administrative role for a single organization implementation. It's ideal for companies managing their own security awareness program without the need to oversee multiple separate organizations.

Reseller Admin

For resellers and managed service providers, Guardey offers enhanced administrative capabilities:

• Multi-organization access - View and manage all connected sub-organizations
• Subscription management - Modify subscription plans for sub-organizations
• Billing administration - Configure billing settings for all managed organizations
• Centralized control - Manage all connected organizations from a single interface

When to use this role: This role is designed for ressellers, or partners that need to manage multiple client organizations or subsidiaries from a central administrative account.

Conclusion

Assigning the right roles to your team is key to maintaining security while ensuring everyone has the access they need. Administrators receive the oversight necessary to manage the system effectively, group leaders gain the insights to support their teams, and users get access to the training that helps them stay engaged and informed.

Matching roles to responsibilities in this way creates an organized structure that supports your organization’s security awareness goals. It ensures the program runs smoothly while respecting privacy and access requirements, allowing everyone to participate effectively.