I would recommend creating a user that only has read-only permissions to all the files you want to scan.
This is not because DROID does anything other than read the files - it is engineered to only read the files it scans. This is because it is common that there is no single user which *can* read all the files across a large shared drive, other than Administrator, and I don't recommend running any software as Admin.
It also protects you if some unforeseen bug in DROID deletes or changes a file. I should stress that this is not part of DROID's design, and no such bug has ever been found, but still, it's good to be safe when managing your information.
DROID itself requires write access to a temporary folder, as it processes those files, but it does not need write access to the files it scans.
Note: I don't work for the National Archives any more, but I did technically manage the DROID 5 and 6 projects.
Regards,
Matt