Provider Management

As a user who has some degree of administration rights for Safe4, you have the ability to create and manage vaults for internal or external use by your organisation and its clients, partners, associates, suppliers or employees. In the context of the design of Safe4, a client is an organisation for which the provider carries out services. It does not therefore need to be a client in the strict commercial sense, but could be any organisational structure for whom services are being provided, including a department of your own organisation if appropriate. Throughout these guides, the terms Client and Vault are used interchangeably.

The provider account can be accessed by clicking on the provider name on the Safe4 home page. In this example the provider user has access to more than one provider account:

If you have access to more than one provider account, you can select the appropriate account from the options on your home page, as shown above. After selecting the provider account you wish to enter, or if you have access to a single provider account, you will be presented with the provider home screen, which defaults to the Manage Clients / Vaults view:

Note that the screen reflects the branding of Alpha and Omega. This is the provider organisation that has been used in the context of this manual, and will be reflected throughout the document.

From this screen the Safe4 administrator is able to manage the provider settings that control the way in which users interact with the system, and the way in which client vaults are set up and managed. The Edit Details function can be accessed by selecting the icon in the panel to the left of the screen.

When you click the Edit Details link, the available options will be presented as follows:

This dialog box is organised into tabs:

Basic Details
Address
Security
Configuration
Web Link

Each one of these tabs allows a different series of settings to be applied to the way that the provider account will function.

Basic Details

As shown above, the provider account name is recorded here. There are 2 other fields available, both of which can be re-labelled (see below) in accordance with the business needs of the provider.

Address

This section records the address details of the provider organisation.

Security

The settings in this section allow controls to be applied to the way in which the account will be used, and also to the way in which the vaults within the account will function:

2-Factor Authentication Required (2FA): If this option is enabled, all provider users who enter the provider account will have to register a mobile phone number, to which a one-time code will be sent by text message when they login or access their My Account settings. This option should be selected when heightened security is appropriate. Once the user has logged into Safe4 and enabled 2FA they will be permitted to access any 2FA-controlled provider accounts or vaults without re-entering their authentication code. Each authentication code will have a life of 24 hours.

Whitelist Extensions: A “Whitelist” is an optional list of file extensions that are allowed to be uploaded. If the vault is intended only for the management of presentations, for example, the whitelist field can contain the extensions .PPT and .PPTX. Files with any other extension will be rejected. When listing the extension types, these should be entered without dots or spaces, using a semi-colon as separator, for example ppt;pptx to allow the file types shown above to be uploaded. If this field is left blank, files of any type can be uploaded to Safe4 .

Blacklist Extensions: The Blacklist functions in the opposite way to the Whitelist – files with extensions shown in the list will be rejected if a user attempts to upload them. This also an optional setting.

Scan for protectively marked files: Under certain circumstances, the provider organisation may wish to prevent the upload of any documents which contain a specific security setting in their metadata. This is typically used in the case of files of a Secret or Highly Confidential nature. The text string that is used in the file metadata can be entered into the box shown on the screen above. Any files which contain the string in their metadata will be rejected.

In addition to files containing protective markings, if this option is enabled Safe4 will also reject the upload of password-protected files, and any files which have had their extension altered. This is to prevent the upload of restricted files which have been packed into a ZIP file for instance, and the extension changed to .PDF. Safe4 will detect that the file is not a genuine .PDF, and will reject the upload. Safe4 will also scan ZIP files that have been placed inside other ZIP files.

Protective markings Email Address: In the event of a file upload being rejected for any of the reasons described above, the user who has attempted the upload will receive an email informing them that the upload was not in accordance with the provider’s policy. In addition, an admin user will also be notified of the failed attempt. The email address of the designated administrator should be entered into this field.

Configuration

Options are available to alter some of the terms used in the description of Safe4 fields, and also to determine behaviour of the account when certain functions are being performed:

Config Client: in many situations the Safe4 term “client” will not be appropriate. Altering the text in this field will allow a “client” to be referred to as a case, matter, customer, partner, boat, house, staff member, or indeed any other suitable term. The screenshots in these guides are based on the designation of “Vaults”. The chosen term will be applied in each part of the system where the text is used.

Config Account No: this allows the label for this field in the client details to be changed to the chosen text.

Config Units: this allows the label for this field in the client details to be changed to the chosen text.

Config My Folder Tree: this allows the label for the name of the root folder in the client vault’s Files and Folders screen to be changed to the chosen text.

Config Common Folders: this allows the label for the Common Folders area in the client’s Files and Folders screen to be changed to the chosen text. This facility is typically used for distributing selected documents to the users all of the vaults within a provider’s account.

Show Common Folders: It is not always appropriate for Common Folders to be available for use across all vaults within a provider account. This facility can be disabled by leaving this box unticked.

Send email default value: selecting True for this option will mean that an email notification will be sent to authorised users when a file is uploaded. It may be over-ridden for each individual upload by the user performing the upload by selecting the users to be notified in the Notify Users tab in the Upload dialog box. It is also possible for the filename of the file being uploaded to be suppressed if the appropriate option is selected in this tab.

Force to send email: selecting this option will allow the provider administrator to override individual user settings, and force the sending of email notifications. This will be helpful for global distribution of important information, such as contractual changes.

Enable email for client users: selecting this option will allow client users to email other users with reference to a specific file held within Safe4 (please refer to the Safe4 User Guide and the Folder Management section of this guide for further information on this function).

Weblink

It is possible for the files and folders page within each vault in the provider account to feature a link to an external website of the provider administrator’s choosing:

Enable web page connection: Safe4 allows the inclusion of a link to an external web page within the client’s Files and Folders screen, to provide an immediate link to an external site.

Connection box visible title: This is the text that will be shown on the button that links to the website as described above.

Web-page URL to link to: The URL for the external website should be entered into this field.

Take account number across: If Safe4 has been integrated with another business application, it is possible for the information held in Safe4 to be exchanged with the other system.