Account, access, and governance

The Account, access, and governance section explains how Kaseya MDR is governed and controlled at an administrative level. The articles in this section focus on structure, access, configuration scope, defaults, overrides, and managed‑service boundaries, not on alert investigation, triage, or response execution.

Use this section when you need to understand how administrative and governance decisions affect platform behavior across organizations, how access and responsibilities are defined, and how configuration choices determine your organization’s interaction with the Kaseya MDR Security Operations Center (SOC).

The articles in this section explain:

How accounts and organizations define configuration and data boundaries
How user access, roles, and permission scope are managed
How global defaults and organization‑level overrides affect behavior
How visibility, noise reduction, and routing controls are governed
How configuration defines managed‑service responsibilities between administrators and the SOC
How data retention, governance limits, and compliance considerations are handled

These topics describe governance and configuration models, not how alerts are generated, investigated, or responded to.

Intended audience

This section is intended for users responsible for administering and governing Kaseya MDR environments, including:

MSP Admins who manage account structure, global settings, and access boundaries
Administrators with responsibility for individual organizations or scoped configuration
Security and operations leads who oversee managed‑service behavior, access control, and compliance alignment

Some articles describe settings that only administrators can modify, while others apply to users managing organization‑level configuration within defined boundaries.

Articles in this section

The articles in this section are organized to reflect a typical administrative and governance flow, from platform structure through managed‑service and compliance‑related controls:

Governance and access control

Managing organizations: Explains how organizations are created and managed, and how they define security, data, and configuration boundaries in Kaseya MDR

User roles and permission boundaries: Describes how access is controlled, including organization visibility, role-based privileges, and delegated administrative capabilities
Setting up automatic user creation: Explains how user accounts are provisioned automatically through KaseyaOne authentication, and what this feature does—and does not—control

Scope, inheritance, and behavior model

Global defaults and organization overrides: Covers how configuration scope works across Kaseya MDR, including inheritance, global defaults, and organization‑specific overrides

Detection and visibility tuning

Application Configurations: Describes how application‑level settings influence telemetry ingestion, detection context, and tuning, without replacing SOC‑managed logic
- Datto Ransomware Detection: Explains how Datto Ransomware Detection is configured in Kaseya MDR to apply automated containment actions—such as device isolation and process termination—after ransomware activity is detected
- Defender Manager: Describes how Microsoft Defender endpoint protection settings are configured and governed in Kaseya MDR, and what those settings affect—and do not affect—within the MDR service

Power Filters and allowlisting logic: Explains how visibility controls are used to reduce noise and focus investigations without stopping ingestion or disabling detection

Delivery, integrations, and automations

Notification, PSA, and external communications: Explains how alerts generated by Kaseya MDR are delivered to external systems and recipients, including PSA ticket creation and email notifications
- Integrating Autotask with Kaseya MDR: Explains how to configure Autotask as a PSA integration so alerts generated in Kaseya MDR are delivered as tickets

Configuring SOC settings: Describes how SOC communication preferences, organization‑specific context, maintenance windows, and authorization boundaries are defined

API access and webhook governance: Explains how Kaseya MDR governs API access and outbound webhook communication through policy acceptance, credential management, and approved destination domains.

Unify configuration and context association: Explains how Unify enriches investigations in Kaseya MDR by correlating user, device, and organization context across integrated platforms.

Operations, agents, billing, and compliance

Network and environment requirements

Allowlist requirements: Summarizes the network, port, and endpoint allowlisting requirements needed for Kaseya MDR agents and services to communicate reliably with the platform
Supported operating systems: Lists the operating systems supported by the Kaseya MDR agent across Windows, Linux, and macOS platforms. This article defines platform compatibility and limitations—such as unsupported architectures and syslog server constraints—to help ensure reliable agent deployment and data collection

Agent deployment and behavior

Deploying agents: Explains how agents are deployed to endpoints, including supported deployment methods, prerequisites, and platform consistency
Deploying the agent via Datto RMM: Explains how to deploy the agent to Windows endpoints using Datto RMM, including component‑based and PowerShell‑based deployment options

Advanced agent settings and organization overrides: Explains how agent behavior is governed through global defaults and organization‑specific overrides, including resource usage limits and logging behavior
Configuring the agent for VDI environments: Explains how to prepare and configure the RocketCyber agent for non‑persistent or image‑based VDI deployments in Kaseya MDR
Tamper protection and agent uninstallation: Describes how Kaseya MDR relies on OS‑level permissions to control agent removal and tampering
Uninstalling the agent: Describes how to safely and intentionally remove the Kaseya MDR agent from supported systems

Billing and data governance

How billing and monitoring apply to accounts: Explains how billing classification and monitoring behavior are represented in Kaseya MDR, including the difference between billable and monitored accounts, how usage appears at the organization and account levels, and how billing classification does not affect detection, investigation, or response behavior. This article helps administrators interpret account‑level context and usage discrepancies for governance, review, and compliance purposes.

Understanding license type selection and product association: Explains how license type selection at the organization level determines which products an organization is associated with and how billing context is applied. This article helps partners understand when and why organizations may appear in multiple products and how to avoid unintended multi‑product billing.

Data retention and governance: Explains how Kaseya MDR retains and manages data from a governance and compliance perspective, including retention periods and searchable data availability

Relationship to the rest of the documentation

The Account, access, and governance section provides the governance layer for all other Kaseya MDR workflows.

Other sections document how alerts are detected, analyzed, and acted upon. This section explains the administrative decisions and configuration boundaries that shape how those workflows behave, even though the operational steps themselves are documented elsewhere.

Configuration and access choices made here directly influence alert visibility, routing, SOC interaction, and managed‑service boundaries throughout the platform.

Intended use cases

Use the Account, access, and governance section:

During initial administrative setup

When reviewing or changing access, roles, or configuration scope
When troubleshooting behavior differences between organizations
When defining or reviewing managed‑service boundaries with the SOC
When preparing for audits, reviews, or compliance discussions
As a reference when coordinating with Support, Product Management, or the SOC

These articles are designed to support informed, deliberate configuration, not rapid operational decision‑making.

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.