diff --git a/client/views/account/accountFlex.coffee b/client/views/account/accountFlex.coffee index 99875905bb4..1e04bc7ce91 100644 --- a/client/views/account/accountFlex.coffee +++ b/client/views/account/accountFlex.coffee @@ -13,3 +13,9 @@ Template.accountFlex.events 'click .account-link': -> menu.close() + +Template.accountFlex.helpers + allowUserProfileChange: -> + return RocketChat.settings.get("Accounts_AllowUserProfileChange") + allowUserAvatarChange: -> + return RocketChat.settings.get("Accounts_AllowUserAvatarChange") \ No newline at end of file diff --git a/client/views/account/accountFlex.html b/client/views/account/accountFlex.html index 86777dafe91..8a41d5b26e2 100644 --- a/client/views/account/accountFlex.html +++ b/client/views/account/accountFlex.html @@ -9,10 +9,15 @@ diff --git a/client/views/account/accountProfile.coffee b/client/views/account/accountProfile.coffee index 03425e6f7eb..2da61911ef9 100644 --- a/client/views/account/accountProfile.coffee +++ b/client/views/account/accountProfile.coffee @@ -98,6 +98,8 @@ Template.accountProfile.onCreated -> Template.accountProfile.onRendered -> Tracker.afterFlush -> + # this should throw an error-template + window.location.href = "/" if !RocketChat.settings.get("Accounts_AllowUserAvatarChange") SideNav.setFlex "accountFlex" SideNav.openFlex() diff --git a/client/views/account/avatar/prompt.coffee b/client/views/account/avatar/prompt.coffee index 2d52531560d..270c8cb34d9 100644 --- a/client/views/account/avatar/prompt.coffee +++ b/client/views/account/avatar/prompt.coffee @@ -14,6 +14,8 @@ Template.avatarPrompt.onCreated -> Template.avatarPrompt.onRendered -> Tracker.afterFlush -> + # this should throw an error-template + # window.location.href = "/" if !RocketChat.settings.get("Accounts_AllowUserProfileChange") SideNav.setFlex "accountFlex" SideNav.openFlex() 
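Review bot: The two client-side guards check each other's setting: in the accountProfile.coffee hunk, `Template.accountProfile.onRendered` redirects when `Accounts_AllowUserAvatarChange` is off, while the commented-out line in the avatar/prompt.coffee hunk tests `Accounts_AllowUserProfileChange`. The profile view should read `RocketChat.settings.get("Accounts_AllowUserProfileChange")` and the avatar prompt `RocketChat.settings.get("Accounts_AllowUserAvatarChange")`, and the prompt guard should be either enabled or dropped rather than committed as a comment. If the settings have not reached the client when `onRendered` runs, `get` presumably returns undefined and the user is redirected even though the change is allowed, so the check likely needs to wait until settings are ready. These redirects are a UI convenience only, since a client can skip them; the server methods remain the enforcement point. Both callbacks continue outside their hunks.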
diff --git a/packages/rocketchat-lib/settings/server/startup.coffee b/packages/rocketchat-lib/settings/server/startup.coffee index 3a61e1e10a5..bb753133174 100644 --- a/packages/rocketchat-lib/settings/server/startup.coffee +++ b/packages/rocketchat-lib/settings/server/startup.coffee @@ -35,6 +35,8 @@ RocketChat.settings.add 'Accounts_OAuth_Twitter', false, { type: 'boolean', grou RocketChat.settings.add 'Accounts_OAuth_Twitter_id', '', { type: 'string', group: 'Accounts', section: 'Twitter' } RocketChat.settings.add 'Accounts_OAuth_Twitter_secret', '', { type: 'string', group: 'Accounts', section: 'Twitter' } +RocketChat.settings.add 'Accounts_AllowUserProfileChange', false, { type: 'boolean', group: 'Accounts', section: 'General', public: true } +RocketChat.settings.add 'Accounts_AllowUserAvatarChange', false, { type: 'boolean', group: 'Accounts', section: 'General', public: true } RocketChat.settings.add 'Accounts_AllowUsernameChange', true, { type: 'boolean', group: 'Accounts', section: 'General', public: true } RocketChat.settings.add 'Accounts_AllowPasswordChange', true, { type: 'boolean', group: 'Accounts', section: 'General', public: true } diff --git a/server/methods/resetAvatar.coffee b/server/methods/resetAvatar.coffee index 2e30ef85391..0bb66f0d140 100644 --- a/server/methods/resetAvatar.coffee +++ b/server/methods/resetAvatar.coffee @@ -3,6 +3,9 @@ Meteor.methods unless Meteor.userId() throw new Meteor.Error(403, "[methods] resetAvatar -> Invalid user") + unless RocketChat.settings.get("Accounts_AllowUserAvatarChange") + throw new Meteor.Error(403, "[methods] resetAvatar -> Invalid access") + console.log '[methods] resetAvatar -> '.green, 'userId:', Meteor.userId(), 'arguments:', arguments user = Meteor.user() diff --git a/server/methods/saveUserProfile.coffee b/server/methods/saveUserProfile.coffee index 2103016f1a1..46b39972fba 100644 --- a/server/methods/saveUserProfile.coffee +++ b/server/methods/saveUserProfile.coffee 
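Review bot: Both new settings in the startup.coffee hunk are registered with a default of `false`, unlike the neighbouring `Accounts_AllowUsernameChange` and `Accounts_AllowPasswordChange`, which default to `true`. Because this commit also makes `saveUserProfile`, `resetAvatar` and `setAvatarFromService` throw when the setting is off, an existing deployment would presumably lose profile and avatar editing for every user on upgrade until an administrator enables the switches. If that lock-down is not intended, register them as `RocketChat.settings.add 'Accounts_AllowUserProfileChange', true, { ... }` and likewise for the avatar setting. If it is intended, the commit description should say so.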
@@ -1,5 +1,8 @@ Meteor.methods saveUserProfile: (settings) -> + unless RocketChat.settings.get("Accounts_AllowUserProfileChange") + throw new Meteor.Error(403, "[methods] resetAvatar -> Invalid access") + if Meteor.userId() if settings.language? RocketChat.models.Users.setLanguage Meteor.userId(), settings.language diff --git a/server/methods/setAvatarFromService.coffee b/server/methods/setAvatarFromService.coffee index c65162af35f..c27f698a40c 100644 --- a/server/methods/setAvatarFromService.coffee +++ b/server/methods/setAvatarFromService.coffee @@ -1,8 +1,11 @@ Meteor.methods setAvatarFromService: (dataURI, contentType, service) -> - if not Meteor.userId() + unless Meteor.userId() throw new Meteor.Error('invalid-user', "[methods] setAvatarFromService -> Invalid user") + unless RocketChat.settings.get("Accounts_AllowUserAvatarChange") + throw new Meteor.Error(403, "[methods] resetAvatar -> Invalid access") + console.log '[methods] setAvatarFromService -> '.green, 'userId:', Meteor.userId(), 'contentType:', contentType, 'service:', service user = Meteor.user()
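Review bot: The new `Meteor.Error` in `saveUserProfile` reports `"[methods] resetAvatar -> Invalid access"`, and the same copied message appears in the `setAvatarFromService` hunk; each should name its own method, e.g. `throw new Meteor.Error(403, "[methods] saveUserProfile -> Invalid access")`. A wrong method name in an authorization error makes denied calls hard to attribute when reading logs or client reports. In `saveUserProfile` the guard sits above `if Meteor.userId()`, so it blocks the whole method, including the language update visible in the hunk. Anything the method saves below the hunk is gated too, which may override finer-grained switches such as `Accounts_AllowPasswordChange` and is worth confirming. `setAvatarFromService` now throws a string error code (`'invalid-user'`) next to a numeric one (`403`), which callers must handle separately; both method bodies continue outside their hunks.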