Understanding Access Permissions in Digital Asset Management (DAM)

Digital asset management software is very complex and requires a large number of features and capabilities. These include advanced search, workflow, custom data layouts, custom fields, advanced reporting, activity logging, and many others. Most of these become important once using a DAM system. But interestingly, the largest reason clients have initially moved to DBGallery is to control access permissions. Unlike Box, Google Photos, or simple folders, DBGallery helps clients, like Susan and her team in sales, see only published and approved images, while Max and the creative team can upload and tag images across all folders. A wide open system where anyone can do anything with an important digital asset collection isn't acceptable. Appropriate user access management is critical. This allows opening the system to the right individiuals while reducing the risk that the wrong people delete or upload inappropriately.

Simple Scenario

The following hierarchy diagram demonstrates a really simple move into setting permissions.



Administrators have full access, of course. Contributors, such as photographers, video producers, or folks from the creative team, should be able to upload files and tag them with data, as well as delete them when necessary. Image consumers, those working on marketing or some other campaign/project, need only to be able to search, download, and possibly share images with their clients or colleagues. Finally, those who have had images shared to will only have the view option. This simple approach is often enough as a foundation. With only a few minor changes, it can be adapted to fit any small company’s access permissions requirements.

Complex Scenario

Often a company’s photo assets are sensitive across departments and need to be protected from inappropriate viewing, or perhaps just controlled to prevent accidental deletion of images or their data tags. This is when each department requires special access.  



The diagram above shows a very complex scenario where each team has specific access rights to only the appropriate folders. A Digital Access Management (DAM) system should be able to support fine grained permissions across areas of a large and complex digital asset collection.

Simplify with Roles

A key advantage of DAM systems is permissions. By adding users to specific roles, you can simplify a complex scenario, as in the diagram above. For example, there is an Engineering role that is assigned full access to the Architectural Drawings folders. While this position can’t view anything in the Legal folders, they can still do a simple search and view other shared areas of the collection. As engineering personnel are on-boarded, or leave the company, those users are added and removed from that role. This saves the trouble of setting up those permissions for each new engineer joining the company. In another use case, a large number of users from one of your largest clients is to be provided access to a specific set of folders. The permissions are set up just for them, where the role is set up only once and users are easily added and removed. If that role is no longer needed or if that client is lost, simply delete that role and all access is removed in one action. DBGallery is here to support your requirements, regardless of the complexity and scenario.


There are many reasons to move to a Digital Asset Management system from a simple file system or a product like Google Photos, Amazon Photos, and Piwigo. But the driving forces behind the switch are often access permissions and image security. By simplifying and securing your digital assets, DBGallery is here to solve problems so you don’t have to.  

"The deeper you get into it [DBGallery], and the broader your needs become, you discover that it can handle nearly everything you need it to do and more." - Bruce Nuffer, The Foundry Publishing

Related posts: