Provider User Management

Provider User Management

There are 2 levels of user in Safe4:

• Provider users: typically employees or agents of the provider, or members of external organisations that the provider wishes to treat as users at this level.
• Client vault users: the client or party for whom information is being provided. This may be a single individual, in which case there will be just a single user for the client, or it may be a family or business, in which case multiple users can be granted access to the client account.

Users are given access to the Safe4 system through a process of invitation. The system administrator determines whether they are to be invited as provider users or vault users. There are no restrictions on the number of users that can be added to Safe4, at either provider or client level, subject to appropriate commercial and licencing arrangements having been made with Safe4 Information Management.

All invitations to become users of Safe4 are made by email. For this reason it is only possible to invite users who are able to provide an email address.

This section of the guide deals with the management of provider users.

User Invitations

The invitation process is initiated from the Users button within the provider account home screen:

Inviting a New Provider User

In order to invite a new provider user to join the system, select the Invite User button on the Provider Users page. After doing so, the following screen will appear:

Enter the first name, last name and email address of the user who is being invited. Multiple users can be invited in the same action. If more than 3 users are to be invited at a time the “+” icon can be clicked to provide extra rows.

After completing these details, click the “Next” button. This will display the Permissions tab:

It is possible at this stage to grant a new user the ability to:

• Manage Provider Users: this will permit the invited users to invite other users into the system at provider level, and will give them the ability to edit users with respect to security groups, and to grant or deny the functions described within this section of the guide. For this reason, this facility should be granted to provider users with care.
• Manage Vault Users: this will permit the invited users to invite other users into the system at client vault level, and will give them the ability to edit users with respect to security groups.
• Manage Groups: this will permit the invited users to create, edit and delete security groups. It will also enable users to assign security groups to folders and users. This facility should be granted to users with care.
• Manage Branding: this will enable the invited users to upload a logo to be displayed on all of the user interface screens within the system, and also to add welcome and disclaimer messages, and set up email signatures. This permission also gives the designated user the ability to use the Edit Details function, which will give access to the Configuration options described in the Provider Management section of the guide.
• Manage Web Link: this will enable the invited users to activate the web link button shown on the Files and Folders page within the client vault, and to edit the URL of the external site that is being linked.
• Manage Protective Markings: this will enable the invited users to activate and edit the ability for uploaded files to be scanned for protective markings, passwords, and altered extensions as described in the section above on Managing Provider Accounts.
• Manage Download Archives: this will enable the invited users to carry out the Archive function described in the section above on Managing Client Vaults.
• View Audit Trail:  The Safe4 reporting function allows the audit trail to be queried.  If this option is selected, the user will be able to utilise the reporting function within the provider account in question.

Because these capabilities will permit the new user to carry out a level of system administration, such rights should be granted very carefully. It is good practice to err on the side of caution when allocating this type of control. Never grant rights that you believe might exceed the level of control that a user requires. If a higher level of access is needed, it can always be given later.

After determining the permission settings for the invited user(s), click the Next button again. This will open the Groups tab:

After determining which groups the invited users should be allocated, click the Next button again. This will open the Message tab:

A message may be added here, to be included in the invitation email. When this has been done, click OK to send the emails and issue the invitations.

Up to 100 new invitations can be issued at a time. An invitation will remain valid for up to 21 days, after which time the user’s option to respond will expire. It can be re-issued or deleted if required.

After the invitation has been sent, it will appear as Pending on the provider user list:

The invitation will remain in a Pending state until the user has responded by either creating a new account, or adding this account to others which they already have in Safe4.

Editing Provider Users

It is possible to edit the information stored by Safe4 against each provider user account:

The icons shown to the right of the screen allow each user account to be edited, or for the user to be removed from the provider account in question by clicking the red cross. Please note that if a user is removed from the account, they cannot be reinstated through the Safe4 administration functions. User accounts that have been removed can be reinstated by Safe4 Information Management upon request. Users can be re-invited if necessary.

If the Edit User icon is clicked, the following screen will be displayed:

From this screen it is possible to change the permissions and groups which have been assigned to the user.

After making any changes, click OK to save the changes or Cancel to discard any alterations.