Why can Team Members see all the users in a 1Password Business Account? How can this be turned off?
Basically the title.
Why can Team Members see all the users in a 1Password Business Account? How can this be turned off?
I don't want the entire team to be exposed to the entire team: is there a way to manage this?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:users visibility
Comments
-
Are you logged into an account that only has the "Team Member" role? By default people with that role alone and no management permissions cannot see the rest of the team. If someone has the 'manage' permission on a vault they'll have a greater level of access.
Ben
0 -
Thanks for the reply. I see what you mean in that if I deny the user the rights to "manage the vault" they can't invite anyone and therefore can't see the users. Though as soon as I give them ANY vault management access they can see everyone?
0 -
I'm not sure how else they'd be able to select which people should be able to view/edit the vault they are responsible for managing? :) Would you mind clarifying how you'd like for that to work? I'm happy to suggest improvements to the team, but I'm having a difficult time envisioning how else that might work.
Ben
0 -
I guess what I’m looking for is an opportunity to leverage the business tools for individual users and since they would all be part of the same team but technically not know each other i was trying to decide how to insulate them from information that would disclose their identities to each other. Actually a few different use-cases to discuss: does 1Password have phone support? Or perhaps I should do this over email?
0 -
@ObjectConsulting: Thanks for clarifying. If you're trying to share a membership with random people, that's not something that's supported, as there's got to be some inherent level of trust within any group (team, family) membership, as any Owner/Organizer can literally suspend or delete anyone else's account, and therefore their data.
Put another way, 1Password Teams/Business is for people who work together to manage and securely share company data; 1Password Families is for family members to manage and securely share data amongst themselves; an individual user not belonging to such a group or with a reason/imperative to distrust their group can and should use an individual 1Password membership, as then they have complete control over the account and there is no way to share data with people they do not (or cannot) trust and have that negatively impact them later on. That's the way to "insulate them from information that would disclose their identities to each other".
That said, depending on the situation, guests could also be a good option to some extent, as they have access to only a single vault shared with them. However, they can (and, I'd argue, should be able to) see others who have access to that same vault. And again, they're at the mercy of the Owner (who's paying for the membership after all) as far as their account remaining active. But again, any time you're giving someone admin privileges to manage others as Ben mentioned above (with a regular user account; not possible with a guest account) they inherently will know about those users who they are managing directly, or indirectly by virtue of changing permissions that affect them.
However, while we do not have a call center, I am curious about the specific use cases you have in mind, and would be happy to discuss it via email at support+forum@1password.com -- bearing in mind everything I mentioned above. :)
0 -
Thanks for the really specific reply! I'll get into things a bit more over email in the next days and weeks!
0 -
Sounds like a plan. :+1:
Ben
0