SafeInsights Member Enclave Onboarding Checklist

Document Context Note: This checklist is designed to highlight stages, steps and potential snags for the SI Admin to use as guideposts when onboarding a member, rather than as a take-home assignment to be given to the member.

Onboarding

Before any onboarding work can be done, the member must:

  • Review the SafeInsights Implementation Guide in the Knowledge Base

  • Make all necessary decisions and plans to complete work on WBS 1.10x.2 (Data Access).

  • Work on 1.10x.3 (Base Enclave) to the point of having an on-paper architecture for their enclave that they can discuss with the Technical Director.

  • Set up a meeting with the Technical Director to go review the on-paper architecture.

    • As part of this meeting, the member will specify the org name they want to appear to researchers and their team, which can be changed.
    • They will also set the URL slug which will show in SI, and cannot be changed.

  • Generate a Member Enclave Management Key Pair following the instructions in the “Create Key Pairs” guide in the Knowledge Base.

  • Ask them for their public key so we can set them up in the BMA and have the member securely store their private key, as it cannot be recovered.

  • Deploy their enclave based on the approved paper architecture.

Connection

Once the member’s enclave is built, The member will reach back out to us to start the onboarding process. Account creation is still locked, a SafeInsights Admin will work with the member to get them set up.

  • Member: Reach out to SafeInsights to begin the enclave connection process.

  • Member: Define Organization display name and slug (a-z, hyphens for slug).

  • SafeInsights Admin: Set up a new organization using the “Add New Organization” button on the admin control panel.

    • SafeInsights Admin will need to get the public key from the Member in order to complete this step.
    • Remind the Member to make sure that they have their private key securely stored.

  • Member: Share email address and role(s) of the person they’d wish to be the org admin

  • SafeInsights Admin: Create the first user for the Member’s organization and assign it roles.

  • Member: Follow the instructions in the email to set up your user account.

  • Member: Follow the prompts to create a results decryption key, and store it securely.

  • Member: Use the switcher to switch to their researcher account and propose a test study using the main.r file from the management app.

    • This main.r file is designed to act as a smoke test for any enclave to ensure that the plumbing is hooked up properly. If it fails, the member will make adjustments until it passes.