DAM User Roles 101: What are they and how to use them right?

We come across big headlines about massive data leaks at least once a month. For example, the data breach announced by US hotel chain Marriott was one of the biggest this year. Could you imagine that this event resulted in the loss of private information of over five million users?

Fortunately, DAM comes with lots of security and safety so the users won’t need to worry about any leakage. There are four default user roles you assign to the storage, which you could then adapt to the team’s specific needs and preferences. For this very reason, you get a secure repository, controlling how individual users interact with your storage, limiting their access and actions.

So let’s turn to user roles now…

👨‍💼 Administrator

This is a person owning full control over the account, including your media library and users.

Who can it be? Someone with a leadership role within the company. It could be a director, account or client manager, or the team lead of your marketing, sales, or IT department. Plus, this person must be familiar with DAM functionality and its best practices to use it most productively.

What does this person do?

Can do
Cannot do
Takes responsibility for DAM adoption and manages the process; Can but will unlikely upload/download assets;
Controls and has access to all aspects of DAM, with full feature functionality and managerial capacity; Will unlikely edit metadata & share files;
Defines the structure and policy of the storage and makes sure everyone is following them. Won't set an organization structure for files.

If we take our own Pics.io team as an example, it’s not that big. And so we have only two people with admin roles in our DAM storage - our CEO and chief technology officer. They manage both assets and user rights and supervise our DAM account in general like its functionality and structure.

But let’s imagine your team is over 50 people, and the size of your library reaches at least 1000 assets. And thus you may need to divide the different roles of your administrators into:

  1. Master admin: a person with the widest aspects of rights and permissions, including user account & asset management, access to billing details, analytics, purchase/update options, etc.
  2. User admin: a person responsible for managing user access, rights, and roles.
  3. Library admin: a person curating the assets like approving uploads/downloads, adding/editing/deleting metadata, and organizing the corpus of data.

Depending on your firm’s size, you can experiment with different managerial roles. For example, a master admin may also take care of user accounts if the company doesn’t hire weekly. Or vice versa, you may need a few library admins, assigning a new one to each department. Your working process will run smoother if the marketing, design, and product team leads manage assets related to their departments only.

Examples of admin users:

  • Director responsible for billing and updating features in DAM;
  • Marketing team lead making sure all assets related to their department stay updated, relevant, and in order;
  • HR specialists preparing the report on the use of data in their agency by department.

🧑 Regular DAM user

This is a person that puts your DAM storage directly to its intended use like storing, accessing files, sharing, and downloading.

Who can it be? All sorts of employees. Most typically, these include a marketing and sales team, PR department, product team, designers, and web managers. This is the most numerous category of users.

What does this person do?

Can do
Cannot do
Accesses DAM and previews the assets; Has normally no right to upload, edit, or move assets except for some exclusions e.g. for team leads;
Searches for what they need & downloads; Cannot delete assets;
Asks for permissions to view/download if access to some particular file or collection is restricted. Has no access to billing, analytics, updates, etc.

The basic idea underlying this DAM user role is self-serving. This means that the user gets access to the storage, comes and does what they need without bothering everyone around them. Plus, the role expects so-called general use, without any specific actions done to assets like editing or deleting.

Examples of regular DAM users:

  • A content editor looking for banners for the article;
  • A web manager searching for photos/videos to upload on the website;
  • A product team browsing collections for the latest logo to use.

🕺 Power DAM user

This is an alternative to regular DAM users. In other words, this is a regular DAM user, with a bit of extended rights.

Who can it be? Again, your marketing & sales team, product team, web designers, and developers.

What does this person do?

Can do
Cannot do
Has all the same rights as regular users like accessing files, previewing, and downloading, plus these users are allowed to upload assets; Sometimes, this role enforces some limitations related to upload/download options;
Creates new collections; As a rule, they cannot move or delete assets;
Edits, moves, and deletes files. Has no access to billing, analytics, updates, etc.

In our team, for example, you won’t upload any assets unless you enter the name and description for the uploaded files. This approach helps us to keep the materials organized as we use these metadata in our searches later.

Likewise, a power user may be asked to fill in other fields, depending on the industry the company works in. A travel agency may need data concerning the location, while videographers may attach the date when the material was created/uploaded, the type of equipment used, etc.

Another interesting restriction admin may enforce refers to downloading original content. There are lots of DAM users where copyright is of the utmost importance. And so you may provide some of your users or teams to download renditions only in contrast to original materials.

  1. Internal or those who work within the same company, for example, content creators i.e. marketing team;
  2. External or those who contribute outside the company, for example, external photographers, videographers, freelance designers, and so on. This type of user usually has to wait for the administrator’s review & approval before they upload the assets.

Examples of power DAM users:

  • Marketing Assistant uploading latest marketing collateral;
  • Marketing and Promotion manager looking for leftovers from older campaigns to reuse these materials;
  • Freelance designers uploading their works for a new product line.

👤 Guest

This is a user with the fewest rights, which are normally reduced to viewing/reading only.

Who can it be? People outside the company like partners, agencies, freelancers, volunteers, vendors, and clients. Sometimes, these could be your teammates from other departments when you share the asset for a second opinion or need someone else’s approval.

What does this person do?

Can do
Cannot do
Browses collections and views files only; No upload/download options are available;
Leaves comments under particular assets. Has no access to billing, analytics, updates, etc.

In some industries, guests are end-users as opposed to more popular regular and power user roles. For example, travel agencies may set guest roles to their clients to allow them to view the latest photos and videos from their tours.

Examples of guest users:

  • Clients willing to check projects before choosing to cooperate with some creative agency;
  • An IT specialist browsing the marketing collection to give feedback on the material from the technical perspective.

Team vs. collection permissions

Another good news is an opportunity to differentiate your permissions by a whole team and different collections. Admin roles could be the same over the whole storage. But you may need different user rights depending on a particular collection.

Your product team may be satisfied with regular user roles. Most of the time, they will use DAM for downloading assets only. For example, they may need different designs uploaded by the UI/UX designer.

In contrast, your marketing team will need more extended permissions. Usually assigned with power DAM user rights, the team both uploads and downloads files, creates new collections, and manages metadata. For example, a content writer uploads a new article. They also attach its name, description, different keywords to make access to this file easier, etc.

You may also want to assign different permissions within a single department. For example, your team works on two different product lines. And so you make sure that users have access only to the collection with the materials they’re working on.

A few takeaways

Different employees use the company's DAM account in different ways. Allowing everyone to do anything they want leads to never-ending inconsistencies, unnecessary changes to files, and occasional removing. You’ve probably experienced this chaos before you chose DAM, haven’t you?

And so your users don’t need to see every single feature in DAM. If you access the storage once or twice a week only to download some report, you don’t have to be able to upload the assets or change their metadata. To some extent, this wide range of options may even feel intimidating for not a regular DAM user.

Luckily, modern DAM solutions like Pics.io allow us to differentiate user roles. And so a person could see and do precisely what they need in their job. For this very reason, your DAM library gets more secure, and there is no need to worry about the safety of your sensitive data.

And how do you distribute user roles in your DAM storage? You’re welcomed to share your experience in the comment section. And don’t forget to check our Pics.io product in case you’re still in search of your ideal DAM.

Pics.io Team
Welcome to Pics.io blog, where you'll get useful tips, resources & best practices on how digital asset management can help your business to manage & distribute digital content on top of cloud storage.