Balanced pattern (features / acces / security) for a jr sysadmin

Hello, I am trying to to integrate our new junior sysadmin into Simplehelp tool and I hesitate to hive him all access and full power permissions first moths / weeks. Any suggestions on a good balance between features, access and and security? Experienced Simplehelp people, what are your patterns for entry level admins and technicians.

It really depends on their responsibilities.

Never make them an admin.
Heck I never make anyone an admin. Not even myself. I keep that user seperate.
Always use 2fa. That way if they access something they shouldnt, they cant blame it on someone else.

Create a group with limited access.
And then determine what they need.
Do they need present?
Do they need Remote access machines?
Do they need access to all machines? ( usually no. use tags or groups to limit them to a subset of machines )
Do they need only remote support?
Do they only need remote support for certain clients that join the que?

Everyone’s needs are different, but simplehelp is super flexible in giving them access to only what they need.

I second what Darrell said. Way too often, security problems arise from people giving access to people that don’t need it. Customers regularly complain (we just had this last week) that locking people out causes problems, but they are significantly easier to deal with than a compromised system that a new person unknowingly opened up. So, use tags, identify access machines they don’t need access to, etc…