Client Vault Management
As a user who has some degree of administration rights for Safe4, you have the ability to create and manage client vaults for your organisation. In the context of the design of Safe4, a client is an organisation for which the provider carries out services. It does not therefore need to be a client in the strict commercial sense, but could be any organisational structure for whom services are being provided, including a department of your own organisation if appropriate.
After selecting the provider account you wish to enter, or if you have access to a single provider account, you will be presented with the provider home screen:
This screen indicates that Alpha and Omega has created 6 client vaults: Anderson Brothers, Internal Training Projects, International Distribution Services Limited, Magnetic Resonance Services Limited, Restructuring Project, and Risk Management Associates. This manual will concentrate on the management of the Anderson Brothers vault.
In order to select a client vault, click on the appropriate name in the list:
The list of vaults above shows that the Anderson Brothers vault is Permanent, and the padlock icon shows that this vault is 2-Factor Authentication protected. This means that only users who have registered the number for a mobile device on which they can receive authentication codes by text message in their own account settings will be able to enter this vault. Risk Management Services is Temporary, and will expire after the indicated number of days. The other columns above show the number of users in the vault (active / pending), the amount of data that the vault contains, and the number of files in the vault.
Vaults that have been designated as temporary and have expired after the number of days shown will remain visible and accessible to provider users, but will be unavailable to vault users.
The Actions column gives access to a number of functions that relate to the management of vaults, and is dealt with in detail below.
The screen also shows an option to display clients that are Active or Inactive. The drop-down menu allows this selection to be made; the Search Client button will list vaults of the chosen category. Inactive vaults will not be accessible by vault users. They can be made active again by altering the appropriate setting, as described below, in which case vault users will again be able to gain access.
For provider accounts that contain a large number of client vaults, a Search facility is provided. Clicking on the Contains drop-down list will offer a number of Boolean search operators; the appropriate search string can be entered into the box shown.
A rapid alpha-search option is available. Clicking on the character in the alpha list will perform a search for clients whose name begins with the chosen character.
The Actions Box
This offers 6 different options, depending on the permission settings that have been given for the system:
Action Box Edit Details: This will open the client vault details screen:
As shown, this screen is organised into 3 tabs:
- Basic Details
- Address
- Security
Basic Details: the minimum information required to set up and manage a client vault is the name, which is the only mandatory field. This screen also allows the vault to be designated as Active or Inactive. Inactive vaults will not be shown by default in the provider home screen, but can be viewed by selecting the Active / Inactive option from the drop-down list on the provider home screen.
Address: It is not mandatory to enter address details for a client vault. In situations where the vault is being used to represent an internal project, for example, address information of this type is not required. For external clients, the information may be necessary:
Security: A number of options relating to access and content control are available:
2-Factor Authentication Required (2FA): If this option is enabled, all users who enter the vault will have to register a mobile phone number, to which a one-time code will be sent by text message when they login or access their My Account settings. This option should be selected when heightened security is appropriate. Once the user has logged into Safe4 and enabled 2FA they will be permitted to access any 2FA-controlled vaults without re-entering their authentication code. Each authentication code will have a life of 24 hours.
Permanent: Selection of this option will mean that the client vault does not expire. Choosing Expires After will mean that client user access will expire on a given date. The specific date may be entered in the box below this option; if no specific date is chosen, the expiry date will be set at the current date plus the number of days specified in the provider Security setup tab. If Expires After is selected, the required expiry date can be entered:
When the chosen expiry date is reached, client users will no longer be able to gain access to the vault since it will disappear from their list of available vaults. Provider users will still be able to see the vault, and use it as normal. Non-permanent vaults may be reset as Permanent if required, in which case client users will have their access restored. Access will also be restored if the expiry date is changed to a future date, as opposed to an elapsed date.
Extension Whitelist: A “Whitelist” is an optional list of file extensions that are allowed to be uploaded. If the vault is intended only for the management of presentations, for example, the whitelist field can contain the extensions .PPT and .PPTX. Files with any other extension will be rejected. This option can be specified at provider level, as described in the Provider Management section of the guide, or at individual client vault level. If this field is left blank, files of any type can be uploaded to Safe4.
Extension Blacklist: This is essentially the opposite of the Whitelist. Any files with extensions listed here will be rejected on upload. This setting is also optional.
Actions Box Users: This is dealt with in the section describing how vault users may be managed.
Actions Box File Index: Safe4 allows a summary of all of the files and folders within a vault to be displayed, and opened in MS Excel if required. It shows when each stored file was uploaded to the vault, by whom, and the date it was last accessed, and by whom:
Actions Box Copy: This function allows a copy of the chosen client vault to be created:
Copying a client vault is a rapid and efficient way of adding new vaults, and at the same time applying a standardised folder and access control structure to the new vault. Once a preferred structure has been established, a template vault can be set up to allow replication to be achieved very quickly. This function is very similar to the addition of new client vaults, described below.
As with the provider and client vault setup screens, the copy function is organised into tabs, shown above:
Details: The basic information required to describe the client vault.
Address: This section records the address details of the client vault.
Security: A number of security-related settings are available for client vaults, as shown below:
The 2FA? and Permanent? settings are applied in the same way as described above. The option to copy the folder structure and folder permissions allow the new vault to inherit the same structure as the original vault. Whilst folders and their permission settings will be copied, the files contained in them will not.
Users: Users of the newly copied vault can be invited as part of the copying process. The email addresses of the users to be invited may be entered into the box below, with a message if appropriate:
If required, users of the original vault can be copied, with their permission groups being retained, and will be able to access the new client vault through their existing login.
Action Box Archive: When it is no longer necessary to maintain a client vault within the Safe4 system, or if an external client requests the information contained within the vault to be made available to them outside Safe4, the archive option may be utilised:
The Archive facility will generate a ZIP file containing all of the folders and files that exist inside the vault, and create an exact replica of Windows folders and files within the ZIP file. This will be placed in the Downloads folder of the computer from which the instruction is given, or alternatively in another location of the user’s choice.
Before starting this process, it is wise to ensure that the folders in Safe4 only contain files that are appropriate for the recipient in question, and that none of the Safe4 access restrictions are being breached. It is also important to be aware that the zip file created for download may be very large, and consequently the process may take some time.
Action Box Delete: In the event that a vault needs to be deleted, the Actions Box menu can be used to achieve this. Please note that this will result in permanent removal of the vault and all of its contents from the system. This data will not be recoverable. Please refer to the page in the GDPR extensions section of the guide for further information on this function.
Creating a New Client Vault
To add a new client vault for the provider organisation, select the Create Vault button on the Manage Vaults screen as follows:
The Create Vault screen will be displayed:
The Details, Address, Security and Users information is entered in the same way as described for the Copy Client Vault function above. The newly-created client vault will appear in the list displayed in the Manage Vaults window on the provider home screen.
