File security and lifecycle management

NEWS

The 2010 Vault Family of Products – Highlights

Vault Workgroup helps designs teams easily create and share digital prototyping information by securely organizing, managing, and tracking data from a central location. Team-based collaboration helps users gain productivity without disruption to their natural design workflows. In addition, Vault Workgroup delivers revision and lifecycle control processes directly in the design application, which results in faster cycle times and better quality engineering data.

Vault Collaboration has all of the functionality in Vault Workgroup and includes an advanced toolset providing scalability to manage large workgroups. Share engineering design data with the shop floor with the included web client and expose design related information to the extended enterprise by publishing to Microsoft SharePoint. Multi-Site functionality enables companies to synchronize design data among distributed workgroups, extending the reach of the digital prototype to the entire organization.

Vault Manufacturing, previously known as Productstream, has all of the functionality in Vault Collaboration plus other advanced capabilities. Give design departments the tools they need to track engineering change orders, manage bills of materials (BOMs) and promote earlier collaboration through integration to manufacturing business systems.

SALES

File security and lifecycle management

We have discussed in previous newsletters how the new features in the Vault product line enable your customers to easily control the state and revision of any document in the Vault. The lifecycle state of a document is obviously useful information for anybody using the system. This becomes incredibly powerful when the system controls access based on this status. And Vault lets you do that – for each status the administrator can determine who has read, modify and delete permissions. This allows you to let the Engineering group, for example, have full control over its documents whilst in the ‘Work in Progress’ state and only make documents visible to users on the shop floor when they are ‘Released’. The illustration below shows the Sales group does not have any access to documents whilst they are ‘Work in Progress’ thus ensuring, only released drawings are used by the sales department.

SALES

In addition you can set up permissions for individual folders (and all subfolders if desired). This allows you to control access to certain subfolders for a project, e.g. hiding sales quotes from users who should not see them, or only expose that folder for a top secret project to the project members working on it. The following pictures are from the same Vault, showing the different level of access per user type.

Engineering user	Shop floor user

Combining folder level security and lifecycle security, you can ensure your customer’s users get the right access to the right data at the right time!

TECHNICAL

How does it work?

It is an industry best practice to set up and define anything related to security using groups wherever possible. This is also true for Autodesk Vault. So go ahead and create groups for the different teams or whenever you need different access rights. It is much easier to maintain and manage security within a Vault using groups than granting or denying access for individual users! Of course you can also grant or deny for individuals when required.

Folder based security

Once you’re done setting up your Groups, you can start using them to define your folder level security. Simply select the folder for which you want to define security, right click and select Properties… (You need to be logged in as Administrator or as a user that has the Administrator role assigned). Then you can start adding Groups (and Users) to the access control list (ACL) and allowing or denying them certain permissions.

If you do this for a folder containing subfolders, you may have different intentions on what should happen to the access control list of the subfolders. The following dialog will help you affect your desired change on the system.

· Do not propagate to child folders - the security settings are used for the current folder only. Changes are not propagated to subfolders.

· Propagate only changes (append permissions) - any users or groups that have been added to or removed from the Access Control List on the current folder are added to or removed from the subfolders. Any changes to users or groups assigned to the current folder are propagated to any subfolders that also have those users and groups assigned. This is the default setting.

· Propagate entirely (replace permissions) - the Access Control List and the permissions are used for the current folder and all subfolders contained in the current folder.

TECHNICAL

Lifecycle state based security

Once you’ve configured your folder level security, you can configure security for individual lifecycle states, through the ‘Behaviors’ tab in your Vault ‘Administration’.

There you have to ‘Edit…’ the process that you are using (as configured for your Categories – see our previous newsletter ‘Unleashing the Power of Categories’).

This in turn lets you access the individual lifecycle states, where you can control the Security definition through the tab. Note that the default is set to ‘No state-based security’ so you’ll need to deactivate this check-box to add group and users to the list.

TECHNICAL

Hot tip

When configuring a system it’s always important to test the workflows to ensure you’ve set up a complete and working configuration for your customer. You can always check the effective permissions on a folder, but since files are also affected by the lifecycle state you will also want to check individual files. You can do this by simply selecting any file and selecting ‘Properties…’ from the ‘File’ menu.