How do organization permissions work in Vyvern?
Vyvern uses role-based permissions to control who can access and manage the platform within an organization.
In most cases, only organization administrators directly interact with the Vyvern platform itself.
Standard employees do not typically access the platform and instead interact with Vyvern through:
Security awareness workflows
Simulated attacks
Follow-up training
Workflow-driven communication and testing
This helps organizations maintain controlled administration and testing environments.
Organization Administrators
Administrators are responsible for managing the organization’s Vyvern environment.
Administrative capabilities may include:
Reviewing and approving workflows
Managing employees and teams
Configuring organization settings
Managing branding and AI settings
Configuring Autopilot behavior
Reviewing analytics and workflow results
Managing compliance and workflow restrictions
Administrators are the primary users responsible for deployment and oversight.
Workflow Approval Rights
Depending on organization settings, administrators may:
Approve or reject workflows
Pause workflows
Configure Autopilot approval thresholds
Require compliance review before execution
Restrict certain workflow categories
This allows organizations to maintain oversight over workflow execution and automation.
Employee Interaction Model
Employees generally interact with Vyvern indirectly through:
Simulated phishing campaigns
Social engineering workflows
Awareness training
Persona-based interactions
Follow-up education after testing
Employees are not expected to manage workflows or configure platform settings directly.
Team Management Permissions
Administrators can:
Create and manage teams
Assign employees to departments or groups
Organize workflow targeting structures
Segment awareness testing across teams
This helps organizations build more targeted and realistic workflow deployments.
Why is access restricted?
Limiting platform access helps:
Reduce accidental workflow modification
Maintain workflow confidentiality
Preserve realistic testing conditions
Ensure administrative oversight
Improve organizational safety and compliance control
This structure also helps maintain separation between testing operations and employee awareness activities.
MSP and Multi-Organization Management
For MSP deployments, permissions may also control:
Organization switching
Multi-client management
MSP employee access
Cross-organization workflow oversight
This allows MSPs to safely manage multiple organizations from a centralized environment.
