guides / G-07 · updated Jul 5, 2026

Roles, permissions & security

Access control in PMOlikePRO is not a set of hidden buttons — it is enforced where the data lives, at the database layer, for every read and every write.

The four roles

Role Sees Changes
Admin Everything Everything, including settings & security
Manager Everything operational & financial Projects, tasks, schedules, budgets
Member Only their assigned projects Their tasks, their hours
Viewer Only what they are given, read-only Nothing

Two consequences of the member model are worth spelling out:

  • Privacy — a member cannot browse other teams’ projects, other people’s workloads, or anyone’s rates. Not “the menu is hidden” — the data is never delivered to their session.
  • Scale — because each account loads only its own slice of the organization, the app stays fast as the organization grows.

Enforceable two-factor authentication

Any account can enroll in TOTP two-factor authentication (authenticator apps). Admins can go further and require MFA for the whole organization — accounts without a second factor are held at the door until they enroll. Security policy stops being a memo and becomes a property of the system.

The audit trail

Actions that matter — sign-ins, permission changes, destructive operations — are recorded in an audit log, so “who did that, and when?” has an answer. Business-tier organizations can export audit history for compliance workflows.

The quiet layers

Underneath, the platform runs the defenses you would expect of infrastructure: strict tenant isolation between organizations, rate-limited APIs, bot-challenged sign-in, and encrypted transport everywhere. The security page documents the full posture.

Where to go next

Back to the guide index — or request a demo and see the access model live with your own scenarios.