We are considering the use of 1Password for Business, and are trying to understand how to address the following scenario/concern relative to a terminated employee (can also apply to a lost device scenario). I have been using the personal and family editions for many years, so some of this is assuming that the Business edition works similar to those.
User has devices (work laptop with desktop app, personal mobile device with mobile app) that the user has been assigned or is using. The user of those devices has access to a shared vault of critical passwords which are rotated regularly (every 90 days let's say). The user has their personal and shared vaults sync'd to the device(s), so they have a local copy of the vault on the device. They also have their valid master password that allows them access to vaults.
1) We now terminate the user's access (either terminating the employee, their device is lost/stolen so we disable, etc.) The first question is what happens with vault access when the user access is terminated (e.g. does the 1Password service push out a message disabling the user's access on the devices; or every time the user tries to access a 1Password for Business vault then the app on the device checks in with the server to see if the user should still have access; or some other alternative scenario I am not clear on)?
2) The next question is what if the device (laptop or phone) does not have network access? For example, take the following sequence of events:
Can they can access the local copy of the vaults until the device is reconnected to a network? If not, why?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided