Vaults

Vaults provide an efficient and convenient way to share critical data with your suppliers. Vaults provide access control, MD5 checksums, access logs, and notifications so that any changes are automatically communicated with interested parties.

The Vaults feature is presently in (beta) form. Vaults are only available in the PLM Pro and MRP Pro subscription plans.

Introduction

A vault is a named, managed collection of attachments that disallows changes when locked and carefully notifies “observers” whenever the vault is unlocked or locked. A vault is attached to a Part (and, optionally, a specific Revision). That is, the user creates the vault on the Part pages. A vault may be referenced by an RFQ or Purchase to provide managed handoff of design assets to suppliers.

The purpose of the vault is to provide a single container for multiple attachments and to reference that container when communicating with suppliers in the context of quotes and purchases. Aligni ensures that suppliers that are granted access to the vault are notified if the vault is unlocked and relocked. This can help reduce the likelihood that changes are miscommunicated with your supplier. Through logging facilities, you can also be confident that your supplier has downloaded the new contents and has the most recent vault package.

Example Use Case

You design a new mechanical widget and create the part in Aligni as a record of that item. You create a vault for that widget to contain the design drawings and specifications. When you place an order for the widget through your contract manufacturer, you can attach the vault associated with that widget that contains design drawings and specifications. Your supplier is now connected to your design through the data vault associated with the part. They can download the vault contents and be assured that their copy of the data is the same as the one you intend them to use. If you need to make any changes to the data, the vault must be unlocked, modified, and locked again. At each step, your supplier will be notified so that the changes do not go unnoticed.

Vault Contents

When the vault is unlocked, users with deposit access may add files to the vault but may not remove or modify files.

Access Logs

Aligni maintains a complete audit log for each vault. For each event, the time, user (if applicable), event description, and IP address. The following are logged:

  • Lock and unlock events
  • Additions and removals from the vault
  • Downloads

These access logs are subject to record removal per the policies outlined in our Data Retention documentation.

Notifications and Observers

Notification of vault events are sent via email to account holders as well as external “observers” that have access to the vault contents.

Observers (typically vendor contacts) become subscribed to a vault when a quote or purchase order that refers to the vault is sent to them. An observer remains subscribed to the vault until the quote or purchase order is closed. Note that an observer may end up being subscribed multiple times to a vault if the vault is attached to multiple quotes or purchase orders.

Creating a Vault

Vaults are created on the Part → Vaults page. Like attachments, vaults may be associated with parts or individual part revisions. This distinction exists to allow you to attach vaults to the record that makes the most sense in the context of your workflow and organization practices.

Once the vault is created, you will be taken to the vault management view which shows the details of the vault, the contents, and the audit log for the vault. Initially, the vault is in the unlocked state so you are free to add attachments. You can also assign additional users to manage the vault.

Locking the Vault

When the vault is locked, Aligni will generate a zip file (called the “vault package”) containing all of the vault attachments. During this process, Aligni verifies the MD5 sum of each attachment to make sure that the file has not been corrupted in storage. Aligni also computes and stores the MD5 sum of the vault package. Vault visitors can use the MD5 sums to verify that any local copies of the package they have are consistent with the ones in the vault.

If the vault has any active observers, they are notified of the lock event via email.

When the vault is locked, no changes to the contents are allowed. The vault package may be downloaded by site users or by supplier contacts that have access to the vault through an RFQ or purchase.

SHA-256 hash is a so-called “hash function” that is used to validate the integrity of a vault’s contents. Rather than comparing the contents of two files directly, one can compute the SHA-256 hash of each of these files, then compare the results. This comparison is much easier to perform and, with extremely high confidence, implies the result of the direct comparison.

Unlocking the Vault

When a vault is unlocked, there are three direct results:

  • Active observers are notified – this notification helps observers understand that the vault contents are likely going to change and that any work dependent on the vault contents should be put on hold.
  • Vault package is destroyed – this assures that the existing form of the vault package may not be accessed again.
  • Access to the vault is denied to any supplier contacts (RFQ / Purchase) – this sends a clear message to suppliers that visit a page referencing a vault that the vault is presently unlocked and in transition.

These results are important to making sure that you and your supplier are in sync with regards to the vault and its contents.

Purchase Order and ActiveQuote Attachment

One of the primary benefits to vaults is that they may be attached to a quote or purchase order as part of your communication with vendors. This allows you to deliver the vaulted digital assets along with the quote or purchase. Your vendor will be able access the contents of these digital assets in a managed way. In particular:

  • All accesses are logged by accessor and IP address.
  • Notifications to your vendor will be sent if the vault is unlocked or locked.
  • Unlock and lock events are also logged in the vault timeline.
  • Vendors are not allowed to access vault contents when the vault is unlocked.

Attaching Vaults

Vaults are attached to specific line items on the quote or purchase by clicking on the vault icon at the right side of the line item. Available vaults are those attached to the line item part and any vault references that may be available as well. Multiple vaults may be attached to each line item.

Subscribed Contacts

When a contact is sent a quote or a purchase order containing a vault attachment, the contact becomes a subscribed contact to that vault. As a subscribed contact, they will receive notifications of vault unlock / lock events. They remain subscribed to the vault as long as the quote or purchase order is active. When the quote or purchase order is closed, the contacts are unsubscribed.

Note that it is possible for a contact to be subscribed as a result of two (or more) separate vault instances on different POs. Each subscription operates independently, so the contact is only unsubscribed when all associated documents (quotes / purchase orders) are closed.

Supplier Visibility

Suppliers are informed about quotes and purchase orders via email. The email includes a notice that vaults are associated with the quote or purchase order and those vaults are available through Aligni when the user clicks through to the quote or purchase order. On the Aligni page, the vendor can view the vaults and download their contents.

Vault References

Vault contents are shared with suppliers through quotes and purchases. Often, the item quoted or purchased through the vendor is not the logical “owner” of the vault contents. For example, you may have a labor item that is quoted and purchased from your contract manufacturer (PCBA_EMS_LABOR) but you want to share your PCB fabrication data with them when you purchase this item. Vault references provide a solution to this problem.

A vault reference is a logical association to a vault on a different record. Using vault references allows you to reference vaults on a different part without duplicating the effort of vault maintenance on both records.

To address the problem mentioned above, you could create a “vault reference” on the PCB_EMS_LABOR item to the vault on the PCB item. When you place an order for the EMS item, you’ll have the option to select any of the vaults on the referenced item to share with your supplier.

Recommended Practices

  • Vaults are intended to be rather static and should be locked and unlocked judiciously. Excessive event notifications to suppliers can be annoying and deteriorate the confidence a supplier has in the expected static nature of the vault.
  • Since vault event notifications are transmitted via email, it’s a good idea to confirm email delivery with suppliers. Especially in the early stages of a supplier’s interaction with Aligni, it is important to talk with your supplier to make sure that Aligni event notifications are getting through. Aggressive anti-spam policies can be retrained through diligence. Ask your suppliers to check their SPAM / junk folders and re-categorize Aligni emails if they are mistakenly flagged. For more information about email use with Aligni, please visit our Email Fundamentals page.
  • Try to arrange vaults to contain logical collections of files associated with a part and reduce redundancy between separate vaults. Adding the same files to multiple vaults means more vaults that need to be unlocked / locked if things change.
  • Above all, we highly recommend getting familiar with the vaults arrangement then discuss with your team to establish conventions that you will follow. A lot depends on how your team operates, the types of products you build, and the way you communicate with suppliers.