diff --git a/core/users/app_defaults.php b/core/users/app_defaults.php
index 629404a4ed..df93a7006d 100644
--- a/core/users/app_defaults.php
+++ b/core/users/app_defaults.php
@@ -36,18 +36,23 @@
 $x = 0;
 $tmp[$x]['group_name'] = 'superadmin';
 $tmp[$x]['group_description'] = 'Super Administrator Group';
+ $tmp[$x]['group_protected'] = 'false';
 $x++;
 $tmp[$x]['group_name'] = 'admin';
 $tmp[$x]['group_description'] = 'Administrator Group';
+ $tmp[$x]['group_protected'] = 'false';
 $x++;
 $tmp[$x]['group_name'] = 'user';
 $tmp[$x]['group_description'] = 'User Group';
+ $tmp[$x]['group_protected'] = 'false';
 $x++;
 $tmp[$x]['group_name'] = 'public';
 $tmp[$x]['group_description'] = 'Public Group';
+ $tmp[$x]['group_protected'] = 'false';
 $x++;
 $tmp[$x]['group_name'] = 'agent';
 $tmp[$x]['group_description'] = 'Call Center Agent Group';
+ $tmp[$x]['group_protected'] = 'false';
 foreach($tmp as $row) {
 if (strlen($row['group_name']) > 0) {
 $sql = "insert into v_groups ";
@@ -55,14 +60,16 @@
 $sql .= "domain_uuid, ";
 $sql .= "group_uuid, ";
 $sql .= "group_name, ";
- $sql .= "group_description ";
+ $sql .= "group_description, ";
+ $sql .= "group_protected ";
 $sql .= ")";
 $sql .= "values ";
 $sql .= "(";
 $sql .= "'$domain_uuid', ";
 $sql .= "'".uuid()."', ";
 $sql .= "'".$row['group_name']."', ";
- $sql .= "'".$row['group_description']."' ";
+ $sql .= "'".$row['group_description']."', ";
+ $sql .= "'".$row['group_protected']."' ";
 $sql .= ")";
 $db->exec(check_sql($sql));
 unset($sql);
diff --git a/core/users/resources/classes/permission.php b/core/users/resources/classes/permission.php
index ac12f291ca..f10df4b837 100644
--- a/core/users/resources/classes/permission.php
+++ b/core/users/resources/classes/permission.php
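Review bot: In core/users/app_defaults.php (second hunk), the new `group_protected` value is spliced into an INSERT that is assembled by string concatenation and run with `$db->exec(check_sql($sql))`, so the statement's safety rests entirely on quoting. The row values are constants from `$tmp`, but `$domain_uuid` is assigned outside the hunk and what `check_sql()` filters is not visible here. Since the statement is being edited anyway, placeholders would be sturdier, assuming `$db` is a PDO handle: `values (?, ?, ?, ?, ?)` executed with `[$domain_uuid, uuid(), $row['group_name'], $row['group_description'], $row['group_protected']]`. The permission.php hunk repeats the pattern, calling `$db->prepare()` on a concatenated string with `$group` inline and binding nothing. The enclosing `foreach` begins in the first hunk and continues past this one.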
@@ -43,42 +43,62 @@ //restore default permissions foreach($apps as $row) { foreach ($row['permissions'] as $permission) { + //set the variables if ($permission['groups']) { foreach ($permission['groups'] as $group) { - //if the item uuid is not currently in the db then add it - $sql = "select * from v_group_permissions "; - $sql .= "where permission_name = '".$permission['name']."' "; - $sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= "and group_name = '$group' "; + + //check group protection + $sql = "select * from v_groups where group_name = '".$group."' and group_protected = 'true'"; $prep_statement = $db->prepare(check_sql($sql)); if ($prep_statement) { $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC); unset ($prep_statement); if (count($result) == 0) { - //insert the default permissions into the database - $sql = "insert into v_group_permissions "; - $sql .= "("; - $sql .= "group_permission_uuid, "; - $sql .= "domain_uuid, "; - $sql .= "permission_name, "; - $sql .= "group_name "; - $sql .= ") "; - $sql .= "values "; - $sql .= "("; - $sql .= "'".uuid()."', "; - $sql .= "'".$_SESSION["domain_uuid"]."', "; - $sql .= "'".$permission['name']."', "; - $sql .= "'".$group."' "; - $sql .= ");"; - $db->exec(check_sql($sql)); - unset($sql); - } - } - } - } - } - } - } - } \ No newline at end of file + + //if the item uuid is not currently in the db then add it + $sql = "select * from v_group_permissions "; + $sql .= "where permission_name = '".$permission['name']."' "; + $sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' "; + $sql .= "and group_name = '$group' "; + $prep_statement = $db->prepare(check_sql($sql)); + if ($prep_statement) { + $prep_statement->execute(); + $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC); + unset ($prep_statement); + if (count($result) == 0) { + + //insert the default permissions into the database + $sql = "insert into v_group_permissions "; + $sql .= "("; + $sql .= 
"group_permission_uuid, "; + $sql .= "domain_uuid, "; + $sql .= "permission_name, "; + $sql .= "group_name "; + $sql .= ") "; + $sql .= "values "; + $sql .= "("; + $sql .= "'".uuid()."', "; + $sql .= "'".$_SESSION["domain_uuid"]."', "; + $sql .= "'".$permission['name']."', "; + $sql .= "'".$group."' "; + $sql .= ");"; + $db->exec(check_sql($sql)); + unset($sql); + + } // if + } // if + + } // if + } // if + + } // foreach + } // if + + } // foreach + } // foreach + + } // function + + } // class \ No newline at end of file
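Review bot: The new protection lookup `select * from v_groups where group_name = '".$group."' and group_protected = 'true'` has no `domain_uuid` condition, although the `v_group_permissions` lookup it now wraps is scoped to `$_SESSION['domain_uuid']` and app_defaults.php writes a `domain_uuid` on every `v_groups` row. As written, a group flagged protected in any one domain would presumably suppress the default-permission restore for the same-named group in every other domain. Scoping the check and binding the values would avoid that, e.g. `where group_name = :group_name and domain_uuid = :domain_uuid and group_protected = 'true'` with both passed to `execute()`. A one-line comment such as `//skip groups marked protected in this domain so restore does not overwrite their permissions` would also make the intent of the outer `count($result) == 0` clear, since the same condition is reused for the inner lookup. The enclosing function and class open outside this hunk.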