User governance

From shared passwords to governed access

In many lighting systems, access still relies on a single shared password and a laptop that “everyone uses”. There is no visibility of who changed what, and removing access when staff or contractors leave is difficult.

zencontrol replaces this with individual user accounts and a permissions model that reflects how real buildings are run. Each user signs in with their own account; access is granted to specific sites, tenancies and control systems, and every change is linked to an identifiable person.

The result is a lighting platform that aligns with IT and security policies, supports compliance, and gives building owners confidence that only the right people can see or change their systems.

Designed around real roles

  • Building owners and asset managers: define who owns each site and how access is delegated.
  • Facility managers: manage day-to-day access, permissions and feature visibility across sites.
  • Tenants: see and control only the spaces they lease – not the whole building.
  • Integrators and contractors: receive scoped access for commissioning, maintenance and projects.
  • Home and commercial end users: control only the fittings and areas intended for them.
building control
zencontrol cloud and accounts vector

User accounts

Individual accounts – never shared logins

Every person who uses the zencontrol cloud or apps has their own user account. Accounts are not shared between people. This allows zencontrol to verify identity, apply the correct permissions, and maintain an audit trail of all user actions across your portfolio.

A user account enables zencontrol to:

  • Authenticate each user before they can access a site or control system.
  • Apply permissions granted by site or tenancy owners, so users see only the areas and features they need.
  • Record a traceable history of changes and actions for security and compliance reviews.
  • Link configuration changes, test results and commissioning actions to a known user.
  • Manage licences and access to cloud apps, mobile apps and APIs consistently.

Without an active, authorised user account, access to zencontrol software, apps and connected sites cannot be granted, helping to protect both data and configuration.

Account types

Account types tuned to different use cases

zencontrol supports different user account types so that integrators, facility managers and end users can each work with the tools they need and nothing more.

zencontrol comparison table

Account type defines what tools and applications a user can access. Site and tenancy permissions then define which buildings, tenancies and control systems they can actually control.

Roles & permissions

Control which users can see and change what

Site owners
Site owners have full administrative access to a site. They can view and modify all settings, access every page in the cloud UI and use all zencontrol mobile applications associated with that site. Because this is unrestricted access, it should be granted only to a small number of trusted users.

Site members
Site members are users who need access to a site but do not require full owner privileges. When adding a site member, you can:

  • Select a permission level such as view only, lighting control, modify and control, or limited access.
  • Configure feature visibility, controlling which pages and tools appear in the UI.
  • Grant explicit access to specific control systems, device locations or other scoped objects.

Permissions and feature visibility can be adjusted at any time, so access can evolve as the user’s role changes.

Tenancy owners and members
Tenancy owners and members are managed via a dedicated tenancy management interface. Tenancy owners have full access to their tenancy, while tenancy members have configurable permissions and feature visibilities for the areas they occupy.

This lets a building manager keep control over the complete site while each tenant manages their own lighting and emergency systems within their leased spaces.

types of users illustration
access patterns illustration

Typical access patterns

National facilities team: integrator or manager accounts with owner or high-level access to key sites and read access across the portfolio.
On-site facility manager: manager account as a site owner, with the ability to manage tenancy members and external contractors.

Tenant facilities manager: tenancy owner with full access to their tenancy but no access to base-build areas or other tenants.

Maintenance contractor: integrator or manager account with modify and control access to a specific site or control system for the duration of a contract.

End users: personal accounts with limited control (for example, a meeting room or open plan area) and no access to configuration or other tenants’ spaces.

Feature visibility

Show each user only the tools they need

Feature visibility controls which pages and tools a user can see in the zencontrol cloud and, in some cases, which features are available in the mobile apps. Each visibility flag maps to a sidebar tab or capability, such as grid view, plan view, plan-view commissioning, emergency reports or tenancy management.

This means you can:

  • Give a tenant access to plan view and issues, but hide power dashboards and site settings.
  • Allow a contractor to use grid view for configuration without exposing tenancy management.
  • Restrict a user to emergency reports only, for audit and compliance roles.
  • At the same time, user permissions define what changes a user can make.

Common presets include:

  • View access – read-only access to the selected scope.
  • Lighting control access – control lighting while hiding user access settings.
  • Limited tenancy access – the minimum useful permissions for working within a tenancy.
  • Modify and control access – broad write access for trusted commissioning agents.
  • View and modify access – manage other users’ permissions at a given level.

Together, feature visibility and permissions allow you to implement a “least privilege” model where each user can only see and change what they genuinely need.

feature visibility tool checkboxes

Tenancies

Map access to how your building is leased

Tenancies provide a way to divide a building into physical spaces that can be sub-leased and controlled independently – for example, floors, suites, departments or shared areas such as base build and common spaces.

A tenancy allows you to:

  • Limit who can view, change or interact with devices in that tenancy.
  • Filter devices, faults, tests and dashboards to the tenancy’s assets.
  • Generate reports – including emergency reports – specifically for that tenancy.
  • View only that tenancy in plan view for clearer day-to-day operation.

Tenancies are configured and managed through a grid-style tenancy management page. Owners or authorised site members can create new tenancies, add or remove users, and update their feature visibility from a single interface.

In multi-tenant buildings, this means each customer can have their own controlled environment while the building manager still has full visibility and control over the entire site.

an illustration of a building with different tenancies highlighted
illustration of zencontrol onboarding process

Ownership & onboarding

Clear site ownership and controlled onboarding

Every site in zencontrol has an owner, typically the integrator, installer, site manager or physical building owner. If a control system has already been claimed, new users must obtain access from the current site owner, ensuring that ownership and access changes are deliberate and recorded.

When ownership needs to change – for example, after a building sale or contract change – zencontrol provides a structured process that can include mediated contact with the current owner and, where necessary, an ownership dispute workflow. This protects both the outgoing and incoming parties and ensures that control systems cannot be taken over without proper authorisation.

Combined with the device-level chain-of-proof mechanisms used when adding controllers to a site, this gives a strong assurance that only authorised stakeholders can claim or re-provision equipment.

Benefits

Why user access control matters

shield icon

Stronger security posture
Replace shared passwords and unmanaged PCs with individual accounts, MFA and auditable roles that align with your organisation’s security policies.

eye icon

Operational clarity
Know exactly who can see and change each site, tenancy and device. Remove access in seconds when staff or contractors leave, and avoid surprise changes.

compliance icon

Compliance and traceability
Support safety, ESG and governance requirements with a complete trail of user actions and access changes – particularly when combined with zencontrol’s emergency testing and reporting.

building icon

Aligned with real buildings
Model the structure of your portfolio with sites, floors and tenancies, then apply permissions that match leases, departments and operational responsibilities.

scalable icon

Scalable across portfolios
Use the same access model for a single small tenancy or a global portfolio with thousands of controllers, ensuring consistent governance at every scale.

user icon

Better user experience
Give each user only the tools and pages they need to do their job. Reduce training time and prevent errors by hiding complexity from users who do not need it.

Are you ready to be part of our revolution?

Find a local supplier