Users and user types
One of Coro’s key functions is to protect and monitor users within an organization who have accounts with connected cloud applications, such as Microsoft 365.
When an admin user connects their Coro workspace to a cloud application, Coro searches the application directory for all identifiable and accessible user accounts. These accounts are defined as protectable by Coro.
Important
Coro identifies users by their email address. If a user uses different email addresses across different applications within the same organization, Coro might not be able to identify them as the same individual across all connected applications.
Additionally, user accounts must be able to receive external emails for Coro to automatically identify them as protectable. If you want to extend protection to users with restricted external access, add them individually or through a user list import.
The workspace admin user instructs Coro to protect users by:
- Adding individual user accounts .
- Importing a list of user details.
- Selecting a known user group from the application's directory.
- Instructing Coro to protect all identifiable and protectable users in the connected cloud application.
Coro automatically applies protection to all selected users and monitors their activity within the connected application.
Certain user types are automatically granted protection by virtue of their privileged status: workspace admin users, MSP admin users, and Coro administrators.
| Category | Description |
|---|---|
| All cloud app users | All user accounts in a connected cloud application. |
| Protectable users | Cloud application users identified as protectable. Coro considers a user account as protectable if there are no external access restrictions or other reasons that might prevent Coro from applying protection. |
| Protected users | Users that have been explicitly added to Coro for protection by a workspace admin user, either individually or as part of a user group from the cloud app. To learn more about how to add users for protection, see adding users for protection. |
| Admin users | Privileged users that have access to the Coro console to administer and monitor an organization's cyber protection, see admin users. |
| Managed Service Provider (MSP) admin users | Privileged users within an MSP organization that have access to the Coro console of all their child workspaces and MSP global view, see Managing MSP roles and permissions |
| Coro administrators | Coro employees that have access to the Coro console to administer and monitor an organization's cyber protection. |
note
If a workspace is in trial mode (or where an MSP admin has enabled the relevant option for channel and child workspaces), Coro monitors your protectable users in addition to protected users. Coro raises tickets for protectable users in the same way as protected users, but these are non-actionable and for information only. To learn more, see viewing tickets.
Admin users
note
To learn more about the role of MSP admin users, see Managing MSP roles and permissions.
Administrators in Coro are referred to as admin users and each new subscription includes one initial admin user with super admin credentials to access the Coro console.
Admin users are part of the set of protected users. This ensures that the administration of the workspace is not compromised.
In addition to managing and configuring all protection settings in a workspace, an admin user is generally responsible for:
- Introducing cloud security
- adding users for protection
- deploying the Coro Agent to endpoint devices.
- monitoring and addressing raised tickets for suspicious events that Coro cannot automatically remediate.
Coro allows you to add additional admin users with various levels of access and authority depending on their assigned roles.
To learn more about admin users, see Managing admin users.