diff --git a/CHANGELOG.md b/CHANGELOG.md
index 76f84faa..e948172c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
+## 20190508
+- **Add tsec / install user to tpot group**
+ - For users being able to easily download logs from the /data folder the installer now adds the `tpot` or the logged in user (`who am i`) via `usermod -a -G tpot ` to the tpot group. Also /data permissions will now be enforced to `770`, which is necessary for directory listings.
+
 ## 20190502
 - **Fix KVPs**
 - Some KVPs for Cowrie changed and the tagcloud was not showing any values in the Cowrie dashboard.
diff --git a/bin/clean.sh b/bin/clean.sh
index 3b7e8c42..85f0fe5a 100755
--- a/bin/clean.sh
+++ b/bin/clean.sh
@@ -37,7 +37,7 @@ fuLOGROTATE () {
 local myTANNERFTGZ="/data/tanner/files.tgz"
 # Ensure correct permissions and ownerships for logrotate to run without issues
-chmod 760 /data/ -R
+chmod 770 /data/ -R
 chown tpot:tpot /data -R
 chmod 644 /data/nginx/conf -R
 chmod 644 /data/nginx/cert -R
@@ -56,7 +56,7 @@ if [ "$(fuEMPTY $myHONEYTRAPDL)" != "0" ]; then tar cvfz $myHONEYTRAPDLTGZ $myHO
 if [ "$(fuEMPTY $myTANNERF)" != "0" ]; then tar cvfz $myTANNERFTGZ $myTANNERF; fi
 # Ensure correct permissions and ownership for previously created archives
-chmod 760 $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
+chmod 770 $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
 chown tpot:tpot $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
 # Need to remove subfolders since too many files cause rm to exit with errors
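Review bot: `chmod 770 /data/ -R` keeps group write on everything under /data and, because of `-R`, now sets the execute bit on every regular file as well, while the changelog's stated need — group members listing directories and downloading logs — only requires traverse on directories and read on files. With the installing user about to be added to the `tpot` group, every member of that group can alter or delete honeypot logs, which are the evidence this deployment collects; a type-aware split such as `find /data -type d -exec chmod 750 {} +` and `find /data -type f -exec chmod 640 {} +` gives the group read-only access, provided the honeypots write as the owning `tpot` user (the `chown tpot:tpot` lines suggest so) and nothing under /data needs to be executable. The same 760→770 change recurs in the second hunk here (`chmod 770 $myADBHONEYTGZ …`, where the archives gain group execute), in every per-honeypot hunk of bin/clean.sh, in bin/updateip.sh (a single config file, ews.ip, becomes group-executable — 640 or 660 would do), and in the `chmod 770 -R /data` lines of iso/installer/install.sh and update.sh. fuLOGROTATE starts before this hunk and continues past it.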
@@ -64,7 +64,7 @@ rm -rf $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $my
 # Recreate subfolders with correct permissions and ownership
 mkdir -p $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
-chmod 760 $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+chmod 770 $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
 chown tpot:tpot $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
 # Run logrotate again to account for previously created archives - DO NOT FORCE HERE!
@@ -75,7 +75,7 @@ logrotate -s $mySTATUS $myCONF
 fuADBHONEY () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/adbhoney/*; fi
 mkdir -p /data/adbhoney/log/ /data/adbhoney/downloads/
- chmod 760 /data/adbhoney/ -R
+ chmod 770 /data/adbhoney/ -R
 chown tpot:tpot /data/adbhoney/ -R
 }
@@ -83,7 +83,7 @@ fuADBHONEY () {
 fuCISCOASA () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/ciscoasa/*; fi
 mkdir -p /data/ciscoasa/log
- chmod 760 /data/ciscoasa -R
+ chmod 770 /data/ciscoasa -R
 chown tpot:tpot /data/ciscoasa -R
 }
@@ -91,7 +91,7 @@ fuCISCOASA () {
 fuCONPOT () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot/*; fi
 mkdir -p /data/conpot/log
- chmod 760 /data/conpot -R
+ chmod 770 /data/conpot -R
 chown tpot:tpot /data/conpot -R
 }
@@ -99,7 +99,7 @@ fuCONPOT () {
 fuCOWRIE () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/cowrie/*; fi
 mkdir -p /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/
- chmod 760 /data/cowrie -R
+ chmod 770 /data/cowrie -R
 chown tpot:tpot /data/cowrie -R
 }
@@ -107,7 +107,7 @@ fuCOWRIE () {
 fuDIONAEA () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/dionaea/*; fi
 mkdir -p /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/roots/ftp /data/dionaea/roots/tftp /data/dionaea/roots/www /data/dionaea/roots/upnp
- chmod 760 /data/dionaea -R
+ chmod 770 /data/dionaea -R
 chown tpot:tpot /data/dionaea -R
 }
@@ -115,7 +115,7 @@ fuDIONAEA () {
 fuELASTICPOT () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/elasticpot/*; fi
 mkdir -p /data/elasticpot/log
- chmod 760 /data/elasticpot -R
+ chmod 770 /data/elasticpot -R
 chown tpot:tpot /data/elasticpot -R
 }
@@ -125,7 +125,7 @@ fuELK () {
 # ELK daemon log files will be removed
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/elk/log/*; fi
 mkdir -p /data/elk
- chmod 760 /data/elk -R
+ chmod 770 /data/elk -R
 chown tpot:tpot /data/elk -R
 }
@@ -133,7 +133,7 @@ fuELK () {
 fuGLASTOPF () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/glastopf/*; fi
 mkdir -p /data/glastopf/db /data/glastopf/log
- chmod 760 /data/glastopf -R
+ chmod 770 /data/glastopf -R
 chown tpot:tpot /data/glastopf -R
 }
@@ -141,7 +141,7 @@ fuGLASTOPF () {
 fuGLUTTON () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/glutton/*; fi
 mkdir -p /data/glutton/log
- chmod 760 /data/glutton -R
+ chmod 770 /data/glutton -R
 chown tpot:tpot /data/glutton -R
 }
@@ -149,7 +149,7 @@ fuGLUTTON () {
 fuHERALDING () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/heralding/*; fi
 mkdir -p /data/heralding/log
- chmod 760 /data/heralding -R
+ chmod 770 /data/heralding -R
 chown tpot:tpot /data/heralding -R
 }
@@ -157,7 +157,7 @@ fuHERALDING () {
 fuHONEYPY () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeypy/*; fi
 mkdir -p /data/honeypy/log
- chmod 760 /data/honeypy -R
+ chmod 770 /data/honeypy -R
 chown tpot:tpot /data/honeypy -R
 }
@@ -165,7 +165,7 @@ fuHONEYPY () {
 fuHONEYTRAP () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeytrap/*; fi
 mkdir -p /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/
- chmod 760 /data/honeytrap/ -R
+ chmod 770 /data/honeytrap/ -R
 chown tpot:tpot /data/honeytrap/ -R
 }
@@ -173,7 +173,7 @@ fuHONEYTRAP () {
 fuMAILONEY () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/mailoney/*; fi
 mkdir -p /data/mailoney/log/
- chmod 760 /data/mailoney/ -R
+ chmod 770 /data/mailoney/ -R
 chown tpot:tpot /data/mailoney/ -R
 }
@@ -181,7 +181,7 @@ fuMAILONEY () {
 fuMEDPOT () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/medpot/*; fi
 mkdir -p /data/medpot/log/
- chmod 760 /data/medpot/ -R
+ chmod 770 /data/medpot/ -R
 chown tpot:tpot /data/medpot/ -R
 }
@@ -197,7 +197,7 @@ fuNGINX () {
 fuRDPY () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/rdpy/*; fi
 mkdir -p /data/rdpy/log/
- chmod 760 /data/rdpy/ -R
+ chmod 770 /data/rdpy/ -R
 chown tpot:tpot /data/rdpy/ -R
 }
@@ -205,7 +205,7 @@ fuSPIDERFOOT () {
 mkdir -p /data/spiderfoot
 touch /data/spiderfoot/spiderfoot.db
- chmod 760 -R /data/spiderfoot
+ chmod 770 -R /data/spiderfoot
 chown tpot:tpot -R /data/spiderfoot
 }
@@ -213,7 +213,7 @@ fuSPIDERFOOT () {
 fuSURICATA () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/suricata/*; fi
 mkdir -p /data/suricata/log
- chmod 760 -R /data/suricata
+ chmod 770 -R /data/suricata
 chown tpot:tpot -R /data/suricata
 }
@@ -221,7 +221,7 @@ fuSURICATA () {
 fuP0F () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/p0f/*; fi
 mkdir -p /data/p0f/log
- chmod 760 -R /data/p0f
+ chmod 770 -R /data/p0f
 chown tpot:tpot -R /data/p0f
 }
@@ -229,7 +229,7 @@ fuP0F () {
 fuTANNER () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/tanner/*; fi
 mkdir -p /data/tanner/log /data/tanner/files
- chmod 760 -R /data/tanner
+ chmod 770 -R /data/tanner
 chown tpot:tpot -R /data/tanner
 }
diff --git a/bin/updateip.sh b/bin/updateip.sh
index 87e454f3..050dccfa 100755
--- a/bin/updateip.sh
+++ b/bin/updateip.sh
@@ -31,4 +31,4 @@ MY_INTIP=$myLOCALIP
 MY_HOSTNAME=$HOSTNAME
 EOF
 chown tpot:tpot /data/ews/conf/ews.ip
-chmod 760 /data/ews/conf/ews.ip
+chmod 770 /data/ews/conf/ews.ip
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index f291a6dd..71ab322a 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -427,7 +427,7 @@ output {
 #if [type] == "Suricata" {
 # file {
- # file_mode => 0760
+ # file_mode => 0770
 # path => "/data/suricata/log/suricata_ews.log"
 # }
 #}
diff --git a/iso/installer/install.sh b/iso/installer/install.sh
index f6368996..dd501036 100755
--- a/iso/installer/install.sh
+++ b/iso/installer/install.sh
@@ -792,7 +792,13 @@ systemctl enable tpot
 # Let's take care of some files and permissions
 fuBANNER "Permissions"
-chmod 760 -R /data
+chmod 770 -R /data
+if [ "$myTPOT_DEPLOYMENT_TYPE" == "iso" ];
+ then
+ usermod -a -G tpot tsec
+ else
+ usermod -a -G tpot $(who am i | awk '{ print $1 }')
+fi
 chown tpot:tpot -R /data
 chown tsec:tsec -R /home/tsec/.ssh
 chmod 644 -R /data/nginx/conf
diff --git a/update.sh b/update.sh
index e5d68cb7..627e56bc 100755
--- a/update.sh
+++ b/update.sh
@@ -235,7 +235,7 @@ mkdir -p /data/adbhoney/downloads /data/adbhoney/log \
 /data/p0f/log
 ### Let's take care of some files and permissions
-chmod 760 -R /data
+chmod 770 -R /data
 chown tpot:tpot -R /data
 chmod 644 -R /data/nginx/conf
 chmod 644 -R /data/nginx/cert
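Review bot: `usermod -a -G tpot $(who am i | awk '{ print $1 }')` in iso/installer/install.sh hands usermod no user name at all when `who am i` prints nothing, which happens when the installer runs without a controlling tty (for example from a non-interactive session), so usermod exits with a usage error and — unless install.sh runs under `set -e`, which is not visible here — the installer carries on without having granted anyone access. The substitution is also unquoted, so the name is word-split before usermod sees it. `$SUDO_USER`, which sudo sets to the invoking account, is the more reliable source, with `who am i` as a fallback; the result should be checked for emptiness and existence (`id`) and a failure reported, since this membership is what the rest of the change relies on for read access to /data. The enclosing top-level script continues on both sides of the hunk.
```shell
# … unchanged: iso branch adding tsec …
  else
    # sudo records the invoking account; `who am i` prints nothing without a controlling tty
    myINSTALLUSER="${SUDO_USER:-$(who am i | awk '{ print $1 }')}"
    if [ -n "$myINSTALLUSER" ] && id "$myINSTALLUSER" >/dev/null 2>&1;
      then
        usermod -a -G tpot "$myINSTALLUSER"
      else
        echo "Could not determine the installing user, add it to the tpot group manually." >&2
    fi
fi
```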