Last year, we announced that we are making changes to how user roles are assigned in WithSecure Elements.
The next step will be to disable the user and permission management capabilities for the following roles, on organizations that have the Identity and Access Management (IAM) role defined.
- Exposure Management > Exposure > Full Editing
- Exposure Management > Vulnerabilities > Management
- Collaboration Protection > Management > Admin
- Endpoint Protection > Full Editing (Computers & Servers)
Other capabilities of these roles is not affected by this change.
From 15 December 2025, organizations who have the IAM role defined:
- Will NOT be able to assign roles with the older methods
- Will ONLY be able to assign user roles when logged in with an IAM user
The vast majority of organizations in WithSecure Elements already have the IAM role enabled, and our goal is that all organizations will have this defined soon.