Larger projects with many users require effective management at scale in tiCrypt. In a scaling scenario, both admins and super-admins must know how to:

• Manage multiple users simultaneously in a large number of projects.
• Make bulk changes in the user's status.
• Adopt global changes in the system when needed.
• Manage bulk changes in the tiCrypt backend.
• Proactively make use of bulk VM actions.

In this blog, we provide a set of tiCrypt features that allow you to streamline the process to maintain a significant number of projects at scale.

---

Global Management at Scale

Most of the time, the System Admins and Project Investigators take over the extensive project responsibilities. The scope of global management is to perform bulk actions with less effort and to enhance data consistency, avoiding human error.

The tab allows admins and project managers to be creative about their projects. Many of the tiCrypt features were designed to leverage power to the management teams allowing various bulk actions to occur.

Make Global Announcements

Before deploying large projects to all admins or sub-admins may be required to set up a management infrastructure. The global announcement feature allows Project Managers and Admins to send secured global messages within the system.

To make a global announcement to all users or admins navigate to the tab in the Users section.

• Click the Make announcement button in the top left corner.
• Follow the instructions from Make Global Announcement section.

Management User Profiles

The User Profiles in tab is a powerful tool for creating personas. They are a way to tag users without altering their default permissions settings.

Scenario: Suppose you manage a large project with 1000+ users.

You must organize the users in categories based on your management requirements, project compliance and level of access. It is tedious and time-consuming to organize 1000+ users manually.

As a result, tiCrypt allows you to use the User Profiles feature to create your own user/admin avatar. Each user profile includes custom roles and permissions to allow unique actions and events during the project deployment.

Once the user profiles are created, they can be applied in bulk to project or team members, whichever is the case.

caution

Use this feature with high caution only if necessary. Hazardous use of permissions can block certain unpredicted actions for users assigned the user profile.

info

Learn more about User Profiles in the User profiles example section.

To create a user profile navigate to tab in the User Profiles section.

• Click the Create new user role button in the top right.
• Follow the instructions from Create User Profile section.

Apply Profiles in Bulk

Once you built your desired user profiles in management, you can apply them to users in bulk.

To apply profiles to users navigate to tab in the Users section.

• Select the users you would like to apply profiles to.
• Click the Apply profile button in the top right.
• Follow the instructions from Apply Profile section.

Bulk Email

In a large project, communication is crucial. tiCrypt offers alternative ways to communicate via email, allowing admins to all project member emails or them at a click of a button.

To bulk email users navigate to the tab in the Users section.

• Select the users you would like to bulk email.
• Click the Bulk-email button in the top right.
• Follow the instructions from Bulk Email section.

Bulk Refresh Users Information

If a large number of Users is updated at different times and you want to build a report of them for audit purposes. You can use this option to bulk refresh all user data.

To bulk refresh users information navigate to tab in the Users section.

• Select the users you would like to refresh information for.
• Click the Refresh user(s) info button in the top right.
• Follow the instructions from Refresh User Info section.

Add Multiple Certifications

Adding multiple certifications at once can automate management efforts. This feature allows admins and project managers to certify multiple users for a security requirement within a security level of a tagged (classified) project.

To add multiple user certifications to users navigate to tab in the Users section.

• Select the users you want to add the certifications to.
• Click the Add certification button in the top right.
• Follow the instructions from Add Certification section.

Bulk Mark Certifications as Expired

Whenever a project requirement changes or is updated, admins and project managers can turn off the access for all project members to a security level by marking their certifications as expired.

To mark multiple user certifications as expired navigate to tab in User Certifications section.

• Select the user certifications you want to mark as expired.
• Click Mark as expired in the top right.
• Follow the instructions from Mark Certification As Expired section.

Add Multiple Users to a Project

Significant project processes may require adding many users to a project; this can be achieved using the bulk Add to project option.

To add multiple users to a project navigate to tab in the Users section.

• Select the users you want to add to a project.
• Click the Add to project(s) button in the top right.
• Follow the instructions from Add to Project section.

Add Users to Multiple Projects

Large projects with multiple subprojects may require admins and project managers to add many users with similar roles in the projects. This action can be sped up using the Add members to projects option.

To add multiple users to many projects navigate to tab in the Projects section.

• Select the projects you would like to add users to.
• Click the Add memeber(s) button in the top right.
• In the prompt, type the name of the members you want to add to the selected projects.
• Click the button on the right.
• Scroll down then optionally, type an expiration date for the users in the project.
• Next, select user roles in the projects.
  • Select user restrictions in the projects.
  • Select whether you want to skip or update their expiration in the projects.
• Click .

Assign Subadmins to Multiple Projects

Successful project managers and admins are often supported by successful sub-admins. tiCrypt allows admins to assign projects in bulk to sub-admins.

To assign a projects to subadmins navigate to the tab in the Projects section.

• Select the projects you want to assign to the sub-admins.
• Click the Assign project to Sub-admin(s) button in the top right.
• Follow the instructions from Assign Projects to Subadmins via Projects section.

Change Roles in Bulk

Changing roles to multiple users may be a rare scenario. However, tiCrypt allows admins and super-admins roles to change other users' roles simultaneously.

To change the users roles navigate to tab in the Users section.

• Select the users you would like to change the roles of.
• Click the Change role button in the top right.
• Follow the instructions from Change Role section.

Change States in Bulk

In the case when users leave the organization indefinitely, you can change their states to inactive in bulk. This option also helps you to onboard new users by setting in bulk their states to active and escrow on the next login.

To change state of users navigate to tab in the Users section.

• Select the user(s) you would like to change state of.
• Click the Change state button in the top right.
• Follow the instructions from Change State section.

Disable Multiple Accounts Until

When multiple users have gone on holiday or overseas, certain compliance factors may require you to prevent their access to the project. You can use the Disable account until option to pause their access for a limited time and automatically resume it later.

To disable users account until a specified date navigate to tab in the Users section.

• Select the user(s) you want to disable the account of.
• Click the Disable account until button in the top right.
• Follow the instructions from Disable Account Until section.

note

The practical difference between Change state of users to inactive and using the feature Disable account until is the inactivity period. If users leave for a short time, you should use the Disable account until feature if they are likely to never come back you can Change state of users to inactive and eventually delete them.

Bulk Delete Objects

As a super-admin, you can bulk delete the majority of the objects in tiCrypt; however, you cannot delete anything that is cryptographically enhanced (i.e., Groups, VMs, Drives, Etc.) unless you are the owner of them.

To bulk delete any objects navigate to any of the following tabs ,, in any section or sub-tab.

• Select the object you would like to delete.
• Click the Delete button usually in the top right.
• In the prompt, click .
• Alternatively, click to confirm the deletion.

info

View a specific example to Bulk delete VM configurations.

Bulk Export in JSON or CSV

Admins and project managers can bulk export data in JSON or CSV format in the and tabs. The export options are globally displayed for most tiCrypt objects.

To bulk export in JSON or CSV any objects navigate to any of the following tabs , in any section or sub-tab.

• Select the object you would like to export.
• Click either the CSV Export option or the JSON Export option.
• Finally, click one of the following export quantities:
  • All items.
  • Visible items.
  • Selected items.

Bulk Change Host States

Changing host states in bulk is to manage how extensive VMs infrastructure would connect to them. When hosts may need maintenance or updates that require all VMs to be disconnected from them, super-admins can use this option.

To change the state of a host navigate to the tab in the Hosts section.

• Select the host you would like to change the state of.
• Click the Change state button in the top right.
• Follow the instructions from Change Host State section.

Bulk Check Host Utilizations

The Check host utilization option is bulk by default. This checks all hosts of the system, allowing super-admins to verify the flow of resources in the host.

To check utilization of a host navigate to the tab in the Hosts section.

• Select the host where you would like to check the utilization.
• Click the Check utilization button in the top right.
• Follow the instructions from Check Host Utilization section.

Bulk Shutdown VMs by Hosts

Similarly to admins changing host states to inactive, you can bulk shut down VMs by hosts. This action allows for a complete shutdown of all VMs of a host in urgent situations.

caution

Please be aware that using this option will turn off all VMs of the host; all unsaved work in the VMs may be lost.

To shutdown all VMs of a host navigate to the tab in the Hosts section.

• Select the hosts where you would like to shut the VMs down.
• Click the Shutdown all VMs button in the top right.
• Follow the instructions from Shut Down All VMs in Host section.

Bulk Manage Hardware Setups Access

To bulk manage access in VM Hardware Setups navigate to the tab in the Hardware Setups section.

• Select the VM Hardware Setups you would like to manage the access of.
• Click the Manage Access button in the top right.
• Follow the instructions from Manage Hardware Setups Access section.

Bulk Change Hardware Setups Images

To bulk change the image in VM Hardware Setups navigate to the tab in the Hardware Setups section.

• Select the VM Hardware Setups you would like to change the image of.
• Click the Change Image button in the top right.
• Follow the instructions from Change Hardware Setups Images section.

Bulk Replace Hardware Setups Instructions

To bulk replace instructions in VM Hardware Setups navigate to the tab in the Hardware Setups section.

• Select the VM Hardware Setups you would like to replace the instructions for.
• Click the Replace Instructions button in the top right.
• Follow the instructions from Replace Hardware Setups Instructions section.

Bulk Set Projects in Running VMs

Some significant projects demand multiple VMs to be connected to them. You can bulk tag numerous VMs to a project simultaneously.

To set projects in running VMs navigate to the tab in the Running VMs section.

• Select the running VMs to which you would like to set the projects.
• Click the Set Project button in the top right.
• Follow the instructions from Set Projects in Running VMs section.

Bulk Shut Down Running VMs

When a project is complete and data is saved on drives, the VMs are no longer in use hence you can bulk shut down them.

To shut down running VMs navigate to the tab in the Running VMs section.

• Select the connected VMs you want to shut down.
• Click the Shut down button in the top right.
• Follow the instructions from Shut Down Running VMs section.

Bulk Power Up Service VMs

When starting a large project, VMs in place for service may be powered up simultaneously.

To bulk power up Service VMs navigate to the tab in the Service VMs section.

• Select the service VMs you would like to power up.
• Click the Power Up button in the top right.
• Follow the instructions from Power Up Service VMs section.

Bulk Fetch Libvirt XML description of Service VMs

Super-admins can view the difference between each Service VMs's XML description.

To bulk fetch the Libvirt XML description navigate to tab, in the Virtual Machines section.

• Select the connected VMs you want to view the Libvirt XML description of.
• Click the Three dots button in the top right.
• In the prompt, click the Libvirt XML Description option.
• Follow the instructions from View Libvirt XML Description of Running VMs section.

Bulk Restart Controllers of Service VMs

Service VMs controllers may be restarted in bulk to fix errors or update changes in the VM controllers.

To restart controller in Service VMs navigate to the tab in the Service VMs section.

• Select the service VMs you would like to restart the controllers of.
• Click the Restart button in the top right.
• Follow the instructions from Restart Controller section.

Bulk Create Deletion Request of Escrow Users

In the case when an entire group of escrow users is changed, you can bulk-create deletion requests and follow the process from Delete Escrow Users section to execute the deletion appropriately.

To delete an escrow user from the system navigate to the tab in the Escrow Users section.

• Select the escrow user you would like to delete.
• Click the Create deletion request button in the top right.
• Follow the instructions from Delete Escrow Users section.

Bulk Execute Signed Certificates

A similar situation applies to bulk-executing signed certificates. Super-admins have permission to bulk upload the site-key admin-signed certificates into tiCrypt.

To bulk upload a signed certificate navigate to tab in the Escrow Certificates section.

• Click the Execute Signed Certificates button in the top right.
• Follow the instructions from Upload Escrow Certificates section.

Bulk Attach & Mount Drives to VM

tiCrypt allows users to bulk attach and mount unlimited drives to a VM. This action is possible due to flexible infrastructure and functionality.

You can attach either read-only or read-write drives.

caution

If you attach multiple drives to a VM, consider the amount of resource utilization and VM architecture best practices.

To attach a drive in read-only or read-write mode navigate to the tab in the section.

• Select the Virtual machine you want to attach the drives to.
• Scroll down and click the Drive Management card.
• Click the Attach drive(s) button in the top center.
• Follow the read-only or read-write mode instructions from Attach more drives in a Running VM section.

note

The following example is for a read-only drive.

Bulk Change Project Tag in Drives

To change project in a drive navigate to the tab in the Drives section.

• Select the drive you would like to change the project for.
• Click the Change project button in the top right.
• Follow the instructions from Change Project in Drive section.

caution

You cannot re-tag VMs with different projects simultaneously. Your VMs must be tagged to the same project to change the project in bulk.

Bulk Add Users to a VM

Adding multiple users to a VM is a frequent action in project management.

To bulk add users to a VM configuration navigate to tab, in the Virtual Machines section.

• Select the virtual machine you want to add users to.
• Click the User Management card on the right panel.
• Click the Add User(s) button at the top panel.
• Follow the instructions from Add Users to VM section.

Unshare Drives from Everyone Else

You can unshare drives from all users simultaneously. This action allows the owner of the drive to keep a drive private to themselves.

To unshare a drive with everyone navigate to the tab in the Drives section.

• Select the drive you would like to unshare.
• Click the Unshare from everyone else button in the top right.
• Follow the instructions from Unshare Drives with Everyone section.

Bulk Transfer via SFTP

Research data at scale is necessary for large projects. A simple way to transfer large amounts of data into the projects is via SFTP methods. Before you make a transfer, you must create an endpoint for your data to land on.

To create an SFTP endpoint navigate to the tab in the section.

• Select an existing directory you want to turn into an SFTP inbox.
• Click the Manage Inbox icon in the top right center.
• Follow the instructions from SFTP Overview section.

---

VM Management at Scale

The Virtual Machines can work in bulk to achieve complex tasks at scale. You can use the following features by accessing the Management tab or the Virtual Machine tab.

Virtual Machines User Profiles

The User Profiles in tab is a powerful tool to create personas within the virtual machines realm. They are a way to tag virtual machine users by changing their permissions in the VM.

Scenario: Suppose you manage an extensive VM infrastructure where you have a vast number of users. You are advised to leverage the VM profiles to organize the user's permission and level of control within the VMs and Drives.

• Despite the user roles in the system, you can flexibly create a VM user profile.
  • Eg1: super-admins of the system may be standard VM users if they belong to a VM User Profile designed for that purpose.
  • Eg2: standard users in the system may have VM manager roles if they belong to a VM User Profile designed for that purpose.
• Multiple users may have multiple VM user profiles.
• No matter the user role, each VM user can have a maximum of one VM user profile per virtual machine.

To create a VM User Profile navigate to tab section.

• Click the button to make sure your VM is connected.
• Next, navigate to the VM User Profiles card.
• Click the Add profile button in the top center.
• In the prompt, type the VM User profile name.
  • Select the profile role.
  • Tick the appropriate profile permissions.
• Click .

info

To learn more about VM User Profiles follow the instructions from VM User Profiles (in Virtual Machines) section.

Create Access Directory for Large VM Groups

Access directories play a significant role in the VM large group management. There are by default three groups for an access directory:

• Everybody: All VM users have access to the directory.
• Nobody: None of the VM users have access to the directory; except the owner of the VM.
• Managers: Only the users with manager roles in the VM have access to the directory.
• Custom: Users with custom permissions set by the VM owner or VM managers have access to the directory.

To create a new access directory navigate to tab in the section.

• Select the connected VM you want to create the access directory in.
• Click the Access Directory Management card.
• Click button in the top left.
• Follow the instructions from Create Access Directory section.

---

Miscellaneous Management at Scale

It is worth mentioning several complementary features that may be used as a tool to perform management at scale.

Global Login Message

In specific scenarios, you may need to conduct maintenance in the backend, which may require you to pause the system for a few days. Before starting the maintenance project, it is recommended to have at least one channel to contact all users about the maintenance work outside the system.

For good practice, you can use the global login message feature to inform everyone about a maintenance period or a significant project update that may affect all users. Optionally, you can set custom colors, symbols and display frequencies for your global message.

Global Terms of Services

As an alternative to global login messages, you can apply the same principle immediately after the users have logged in.

The Terms & Conditions prompt may be used for any relevant information or update users should know about. *, e.g., "The system will be down for 14 days due to a large project maintenance."

The Terminal Hub

The Terminal Hub helps you keep track of the running VMs when you deal with many terminals. It is a complimentary feature to large projects since it allows you to manage multiple VMs conveniently, at the same time.

info

To learn more about the Terminal Hub, navigate to Terminal Hub Overview section.