0:06
In today's dynamic work environment, controlling who has access to what is more crucial than ever. Our Gopher application empowers your team, but how do you ensure everyone has the right level of access?
 

0:20
Enter Access Management Gopher's Powerful Feature, designed to give you granular control over permissions. Gone are the days of one-size-fits-all access. With Access Management, you can finally tune privileges to match your organization's unique structure.
 

0:37
First, let's talk about roles, the what in access management. A role defines what a user can do within the application.
 

0:45
Imagine setting up a device manager role with specific permissions to manage devices, or a support staff role that can assist users without altering core settings.
 

0:55
You'll build the roles that reflect your team's responsibilities. Let's add the Tier 1 role. 
 

1:28
Next, we have User Collections, the Who in Access Management. These are flexible groups you create to organize your users, whether it's all librarians, the IT department, or your faculty. Your collections allow you to group individuals for easy permission assignment.
 

1:42
This goes beyond simple organizational units, giving you adaptability. Let's add the Librarian User Collection. That's where OU Collections come in, the where in Access Management.
 

2:20
These define your administrative scope; instead of granting users power over your entire domain, you bundle specific OUs to create a boundary.
 

2:30
For example, you can create an elementary school's OU collection to ensure actions only affect devices within those specific containers. This is the key to granular control.
 

2:41
It ensures that a delegated admin in one location can't accidentally modify devices in another. Finally, designations bring it all together.
 

2:57
This is where you complete the logic, who, what, and where. You connect a user collection to a role and then to an OU collection to define their scope.
 

3:07
For example, you can designate your librarians, the who, to the tier one support role, the what, specifically for the elementary school's OU collection, the where.
 

3:20
Instantly, they have the power to help, but only within their intended scope. Access Management provides a robust audit trail so you always know who performed what action, ensuring transparency and accountability.
 

3:38
By using this system, you can safely delegate tasks like wiping profiles or moving a user without the security risk of granting full Google Admin console access.
 

3:51
Before we send you off to start defining your environment live, we have a few critical points to cover. First, before you delete any component, role, collection, or designation in access management, understand that the deletion is immediate.
 

4:05
Deleting a role will instantly revoke all permissions from every user currently linked to it. Likewise, deleting a collection or a designation immediately revokes the associated access.
 

4:17
Always double-check that no active users rely on that component before you click delete. Next, what happens when a user needs permissions from several different roles?
 

4:46
Users can wear multiple hats, and Gopher lets you grant them multiple designations. This means you might see the same user listed on multiple rows in the designations table.
 

4:57
The key thing to remember is that permissions are always additive. A user's total access is the combined sum of all the rules granted across all their active designations.
 

5:08
You'll see one entry for each permission link. Ready to take control of your team's access? Explore Access Management today. It's about more than just permissions.

5:20
It's about empowering your team with clarity and confidence.