While AssetView continues to bring value to our organization, we have some general concerns about access controls. Primarily, users with "Reader" access to Vulnerability Management have the ability to modify and\or delete widgets and dashboards. As much as we would like to promote the use of AssetView, we do not present it as an option and hope that our more curious users don't discover it on their own.
We have explored the Administration module to see if it is possible to create a more restrictive role, but the options do not appear to address dashboards and widgets.
Are we missing something?
Any advice or success stories would be greatly appreciated.