When a Tag is set to read only, a Lock icon is displayed next to the Tag in the Tag Browser.
Instead of making a tag Read Only for all users, you can conditionally provide read and write access based on Security Levels. Doing so involves a adjusting the security settings on the tag in question. The checkbox tree you are presented with will show you all of the security levels configured in the Gateway Config > Security > Security Levels page.
Read permissions define the security levels required in order to read values from a Tag. By default, Tags have Read Permissions set to "Public". You can change the Read security using the Tag Browser in the Designer.
Write permissions define the security levels required in order to write values a Tag. By default, Tags have Write Permissions set to "Public". You can change the Write security using the Tag Browser in the Designer.
Select the Security section.
In addition to setting up security on individual Tags, you can set up security policies specific to each Security Zone. This is useful in cases where you wanted to make all tags in a provider read only from network locations. Tag Access is one of the options for a Security Zones page for more details.