Backing up Teams data?

We're starting to experiment with Teams in my company, and I'm wondering how we ensure data is backed up. With an individual vault, 1Password backs up the data locally which makes restoration in the event of a loss very easy.

My primary concern is a data loss on the 1Password server side; what's in place to prevent that? Given that the service is in beta, is there any risk of data loss or reset (thinking back to the iCloud beta days, where data was wiped periodically)?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Teams


Comments

  • weppos
    Community Member

    I have the same question. I store my primary vault in Dropbox and I also have local backups.

    I'm currently experimenting with 1password for Teams and I can't see any way to configure backups (only export items). Are the Team vaults stored in the same daily local backup?

  • AGAlumB
    1Password Alumni
    edited November 2015

    @johnclay, @weppos: Sorry for the confusion! Your 1Password for Teams data is not included in local backups, and is backed up automatically on the server. So while you need to backup your personal vaults as you are accustomed to doing, this isn't necessary with Teams vaults. We've built not only backups but also redundancy into the 1Password for Teams infrastructure. And while AgileBits staff had to cope with 'data resets' during development (pre-beta), we don't plan on doing this going forward. :)

  • tmchow
    Community Member

    @brenty so that means we just need to trust that the server is backing up the data?

    That worries me.

  • johnclay
    Community Member

    @brenty @tmchow Yup, that worries me too. It's not that I don't trust AgileBits with my data, but shit happens from time to time. I'd rather not be left holding the bag when our company loses critical information.

    There needs to be an automated local backup system. Rolling it into the existing backups would be perfectly fine, IMO.

  • Thanks for sharing your concerns. Let me start by talking about backups on the server side and then talk about the client side.

    We need backups happening on the server side as we plan on adding the ability to restore previous versions of an Item from within the web app. We also have backups of the entire database for Disaster Recovery type of scenarios.

    As for the client side, the process of creating a backup is straightforward, but restoring a backup locally is not a trivial matter as it will need to reconnect with the server and update to the latest information. This can be tricky for a few reasons. For example, if there was a local edit that needed to be pushed, the server would already have that change and that would cause complications. We actually coded for this already, but it's just one example of how things can get messy once clients are allowed to jump back in time.

    In many ways, your current database on your machine is your local backup since each device stores a local cache of the data that's on the server. If our server goes offline, you'll still have your local copy. With that said, I see where you're coming from and you can backup your 1Password 4 > Data folder in Application Support manually. There is a trick to it, though: to ensure you get a good copy of the database, you need to quit 1Password and 1Password mini before creating your backup.

  • AGAlumB
    1Password Alumni

    I also wanted to point out that 1Password for Teams is effectively backing up to an offsite location, which is an important part of any backup strategy — in case your local equipment bites the dust. It's definitely different than what we're used to from using 1Password over the past decade, since historically if you lose your data and you don't have a backup you've made yourself you're out of luck.

    So, as dteare mentioned, with the 1Password for Teams server being the canonical database, your local copy is essentially a backup copy already. And on the server, we can build in a great deal more redundancy than most of us can afford to do at home. So while it's not what we're used to (or perhaps comfortable with) yet, with 1Password for Teams your data is actually safer than it's ever been. :pirate:

  • tmchow
    Community Member
    edited November 2015

    I can understand the technical merit of the explanation for why the data is safe, but there is just a peace of mind aspect that I'm sure all your customers of "Team" would appreciate. Even if we could do something manually triggered through preferences, it makes sense for us to be able to automate this, or have hooks into your service to "pull" a backup on a periodic basis for storage in a place of our choosing. (e.g. have a method to give you an S3 storage container to write a backup to)

    I get that there could be integrity issues with making sure the latest changes are there, but I'd rather have a backup of my vaults, even if it meant that a few entries were out of date in some rare case.

  • AGAlumB
    1Password Alumni

    I get that there could be integrity issues with making sure the latest changes are there, but I'd rather have a backup of my vaults, even if it meant that a few entries were out of date in some rare case.

    @tmchow: Absolutely! When you backup your system (which I'd hope you're doing anyway), so long as you don't exclude 1Password's support files, the vault database is being backed up already. :chuffed:

  • tmchow
    Community Member

    @brenty My entire HD isn't backed up, only certain folders as I don't care about a full metal restore. For example, I have my dropbox and onedrive folders backing up, but not any of my app files.

    1. What folders should I be including to catch 1password? (both mac and PC since my wife uses a PC and I use a Mac)
    2. If I backup on one of my Mac machines, I can safely not worry about backing up the instance on my windows machine, right?
  • @brenty

    Your explanation is good and I will trust in the solution for this first release.
    But I have the requirement to back up all vaults (including all personal) to a 3rd place, ideally additionally encrypted with an extra backup password to ensure the 4-eyes principle.

  • AGAlumB
    1Password Alumni

    What folders should I be including to catch 1password? (both mac and PC since my wife uses a PC and I use a Mac)

    @tmchow: As dteare mentioned earlier,

    you can backup your 1Password 4 > Data folder in Application Support manually. There is a trick to it, though: to ensure you get a good copy of the database, you need to quit 1Password and 1Password mini before creating your backup.

    :) :+1:

    If I backup on one of my Mac machines, I can safely not worry about backing up the instance on my windows machine, right?

    Correct! You should only need to backup from one, since they're just copies of the same data — the only caveat being that 'modern' filesystems still don't have proper integrity checks, so if there's data corruption on your local drive, you'll be backing up rubbish. And of course that's where the 1Password for Teams server comes in handy. ;)

    Your explanation is good and I will trust in the solution for this first release. But I have the requirement to back up all vaults (including all personal) to a 3rd place, ideally additionally encrypted with an extra backup password to ensure the 4-eyes principle.

    @random_31731ec7aea: Indeed. There is no such thing as too many backups! :pirate:

  • jebr
    Community Member

    Hello

    I assume (from looking at the number of items count) that the Mac 1P client Backup feature is only backing up my Primary Local vault?

    It would be good to have the optional ability to backup Teams / Families vaults. I realize that you are using AWS and will have redundant storage etc. However in the unlikely event that you suffered from a massive data corruption problem that propagated to all my client apps I would have no access to my data until you had sorted out your backup restoration. However if I had a local backup on my mac I could quickly select an older version to recover from and be up and running very quickly.

    Are Teams vaults stored on my local filesystem as individual .opvaults that I could backup myself?

    Thanks



  • Woodrel
    Community Member

    I'm thinking of moving to Teams/Families but the backup thing bugs me too. If there was a problem with AgileBits servers and (for whatever reason) we cannot access remote data how would we recover a teams vault from say a TimeMachine backup? Run us through the steps from The 1Password 4 > Data folder in Application Support. I have over 1000 bits of information in 1Password and I need to know that I will never lose access before I commit to Teams.

  • rob
    edited February 2016

    Hi, @jebr. I've merged your thread with another one that answers the same question.

    To answer your last question, no, team vaults are not saved as .opvault files locally. They are only stored in an SQLite database in 1Password's folder in Application Support:

    ~/Library/Application Support/1Password 4/Data

  • Hi, @Woodrel, and welcome to our forum! :)

    1Password is able to function offline for a certain period of time, so even if our server was down for a while, you would not be locked out of your data. On top of that, we make backups of our backups, so your data is safe once it hits the remote servers.

    Making local backups is going to be a much less reliable solution. As Dave explained, you could restore a local backup from Time Machine, but as soon as it syncs with the server, it will pull down the new information from the server, so that's not what you want.

    I can't walk you through any reliable steps for local backups because there aren't any, but if you would like to back up your data locally anyway, you can. It's the ~/Library/Application Support/1Password 4/Data folder, and you can restore the whole folder if you'd like, but again, as soon as it connects to the server, it's going to think it is out of date and pull the latest information from the server.

  • pquimo
    Community Member

    I wanted to verify that all 1password for teams data is 100% available offline, indefinitely. It seems crazy to me that it would be otherwise, but this comment: https://discussions.agilebits.com/discussion/comment/281541/#Comment_281541 made me concerned. Specifically this phrase "1Password is able to function offline for a certain period of time". That sounds very much like a limited period of time. If I am without internet for days, I want to be sure none of my 1password data is going away. It should be just like with my Dropbox solution now, where the 1password for teams provides a sync service, and offsite backup, but doesn't affect local behavior or performance or availability.

    Please confirm that my analysis and expectations are correct, or where I am off. Thanks for this new service, I am excited to get started using it!



  • Woodrel
    Community Member

    Thanks.

  • [Deleted User]
    Community Member

    Colour me concerned as well about the lack of local backups for 1Password for Teams… :(

    I am sure AgileBits' servers and processes are infinitely better than mine but, should the unthinkable happen, we could all be left responsible from a regulatory standpoint. (Enterprises are often run on outdated principles and answerable to outdated regulations. Ergo, even if it makes no real technical sense to offer local backups of Teams vaults, it makes plenty of legal sense for administrators.)

    It's the ~/Library/Application Support/1Password 4/Data folder, and you can restore the whole folder if you'd like […]

    Would you be kind enough to provide updated information? How should we back up 1Password for Teams data when using an instance of 1Password 6 that has been purchased on the Mac App Store?

    I know you can neither promise nor commit to anything, but I do beg of you to reconsider your position. If clean local backups through the 1Password apps are not possible, maybe we could download a flat encrypted "snapshot" file from the admin console on the web? Anything that would enable recovery in the worst possible case and also cover our derrières as far as our job descriptions are concerned.

  • rob
    edited February 2016

    Hey @pquimo and @Deleted User, good questions! I'm sorry my response caused more confusion than it answered. Let me try again. :)

    Offline access

    1Password is able to function offline for a certain period of time

    This was somewhat of a forward-looking statement. A little background is in order.

    The way we've designed 1Password for Teams is that the server is the authoritative source of data. Each client downloads data from the server and may keep its own local copy, but it relies on the server to provide accurate records of updates. If the client is offline too long, changes on multiple clients could cause conflicts on the server.

    In addition, 1Password for Teams is for groups of people who need managed access to credentials. If someone leaves the team, they should no longer have team data, but the only way the clients will know that is if they can communicate with the server.

    As a safety net for these two problems, we came up with the idea of a "lease access timeout" or something significantly better named. This would be a team setting that would control how long team members would be able to use 1Password without connecting to the server. This is something that would be set by team administrators, not by us. However, it's not been implemented yet, so at this point there is no restriction (or way to set a restriction) on offline access.

    All of that said, even when the feature is available, it will never be fool-proof. If the timeout has expired (when these things exist), the data will remain on your computer and 1Password simply won't let you open it. A crypto-savvy person could certainly decrypt the information themselves without using 1Password, and then there's always the chance that you've exported the data previously.

    Which brings us to backups.

    Offline backups

    There is not currently a supported way to do encrypted, local backups of 1Password for Teams data. Each of those words is important, so here's a quick summary to illustrate:

    1. We do supported, encrypted backups on our servers, but those are obviously not local.
    2. You can export your data as a 1Password Interchange File, and that is supported and local, but not encrypted (though if you exported to an encrypted disk, you should be fine).
    3. You can do encrypted, local backups by backing up the data folder as explained previously, but that is not supported by the 1Password for Teams system.

    Now for the details. Option 1 is pretty self-explanatory. I'll skip option 2 for now and come back to it. Option 3 needs some more background.

    It goes back to what I was saying above about offline access. The copy of your data on the server is the authority for all the clients that access it. Each client simply stores a snapshot of the server data. While it's offline, you can update information, but once it connects to the server, it will attempt to upload its changes and download new information.

    Each item has a version number that goes with it. If the client has an item with version 5, and the server says it has the same item at version 7, the client will download the server's copy. When you back up your local database, it has all the version numbers still in it. If you were to restore an older snapshot of your database that you had backed up, when the client connects to the server, it will simply look like the client hasn't been updated in a while, so rather than the backup overwriting the server data, the client will just update itself with the latest changes from the server.

    That explains why you can't restore an older snapshot of your local database if you're connected to the server or planning to connect to the server, and that's one reason we don't have a local backup system for 1Password for Teams. Now if you're concerned about 1Password for Teams being down, then having information overwritten by the server probably isn't a concern, so restoring that database should work fine. Just know that as soon as you connect to the server it will update itself.

    That brings us to option 2. When you export a 1Password Interchange File (1PIF), it does not save version information, so if you were to export it as a backup and import it again two months later, it would completely overwrite changes to existing items that were made in those two months. (It wouldn't overwrite new items since it had no record of them.) Those changes would be marked as new item versions, not old item versions, so the changes would be pushed to the server and then other clients.

    The downside is that 1PIFs were not meant to be used as backups. They are not encrypted, they can't be automated, and they can only be used to export the data in one vault at a time. They don't save any information about what vault they are from or anything like that, only the item data itself, so you can export them from one vault and import into another on a different (or the same) computer. But, they are usable.

    Summary

    If it's the middle of the apocalypse and our servers are gone and you just want your current data, you don't need to do anything different. Unless your account has an offline lease timeout by now (in which case, skip to step 5 in the steps below), 1Password will not self-destruct if it can't connect to the server, so you'll be able to continue unlocking your data long after the zombies have taken out Amazon Web Services.

    If it's the middle... yada yada... and you want an older copy of your data, you'll want to do this:

    1. You would have already been backing up the 1Password data folder using Time Machine, some other automated system, or manually. (For Mac App Store users, the folder is ~/Library/Containers/2BUA8C4S2C.com.agilebits.onepassword-osx-helper/Data, by the way).
    2. Quit 1Password and 1Password mini.
    3. Restore your Data folder backup in place of the existing one.
    4. Unlock 1Password. As long as it can't connect to our server, you're fine and you can stop here. If you're worried our servers might be resurrected, or if we have by now implemented the lease timeout and you're not sure how much time you have offline, continue.
    5. By now any thought of using 1Password for Teams is gone, so just create a new standalone vault for each of your current Team vaults.
    6. Select all the items in a Team vault and copy them to the corresponding standalone vault.
    7. You should now have local vaults containing all your 1Password for Teams data, which you can continue to access offline indefinitely and can move back into 1Password for Teams if the situation calls for it.

    My description of this scenario was somewhat tongue-in-cheek, but these would be the steps I would take if the truly unthinkable were to happen.

    I hope that helps! At 1200 words, it had better, or I need to go back to school. ;)
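
Added example (not part of the thread and not 1Password's code): a toy Python model of the per-item version rule described in the post above, showing why a restored Data-folder snapshot is overwritten on the next sync while a 1PIF import rolls the server back. The class and function names, the `wifi`/`vpn` items, and the simplification that a pushed edit simply becomes the server's next version (no conflict handling) are assumptions made for illustration.

```python
import copy
from dataclasses import dataclass


@dataclass
class Item:
    value: str
    version: int


class Server:
    """Authoritative copy of every item (hypothetical model)."""
    def __init__(self):
        self.items = {}


class Client:
    """Local cache plus the set of items edited since the last sync."""
    def __init__(self):
        self.items = {}
        self.dirty = set()

    def edit(self, key, value):
        old = self.items.get(key)
        self.items[key] = Item(value, old.version + 1 if old else 1)
        self.dirty.add(key)

    def sync(self, server):
        # Push: each local edit becomes the server's next version of that item.
        for key in sorted(self.dirty):
            srv = server.items.get(key)
            server.items[key] = Item(self.items[key].value, srv.version + 1 if srv else 1)
            self.items[key] = copy.copy(server.items[key])
        self.dirty.clear()
        # Pull: anything missing or older locally is replaced by the server's copy.
        for key, srv in server.items.items():
            local = self.items.get(key)
            if local is None or local.version < srv.version:
                self.items[key] = copy.copy(srv)


def build():
    """Constructed history: back up at wifi v1, then change wifi and add vpn."""
    server, client = Server(), Client()
    server.items["wifi"] = Item("old-pass", 1)
    client.sync(server)
    snapshot = copy.deepcopy(client.items)                   # Data-folder copy: keeps versions
    pif = {k: it.value for k, it in client.items.items()}   # 1PIF-style export: values only
    client.edit("wifi", "new-pass")
    client.edit("vpn", "vpn-pass")
    client.sync(server)
    return server, client, snapshot, pif


def restored_snapshot_then_sync():
    server, client, snapshot, _ = build()
    client.items, client.dirty = copy.deepcopy(snapshot), set()   # restore the old folder
    client.sync(server)   # client just looks out of date and pulls v2
    w, s = client.items["wifi"], server.items["wifi"]
    return {"client_wifi": (w.value, w.version), "server_wifi": (s.value, s.version)}


def import_1pif_then_sync():
    server, client, _, pif = build()
    for key, value in pif.items():   # no version info, so every import is a fresh edit
        client.edit(key, value)
    client.sync(server)   # the old value is pushed as the newest version
    w, v = server.items["wifi"], server.items["vpn"]
    return {"server_wifi": (w.value, w.version), "server_vpn": (v.value, v.version)}


if __name__ == "__main__":
    print("snapshot restore:", restored_snapshot_then_sync())
    print("1PIF import:     ", import_1pif_then_sync())
```

In this model the snapshot restore leaves the server untouched and the client ends up back at the current data, whereas the 1PIF import replaces the newer `wifi` value on the server and leaves `vpn`, which was created after the export, alone.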

  • [Deleted User]
    Community Member
    edited February 2016

    Thank you for your kind reply, @Rob! :) At 1200 words, it is a masterpiece of support and clarity. Thanks for all your help, and for these extra details.

    The limitations of backing up the Container folder make perfect sense, and I agree this is not something one would want to restore on a regular basis, especially with the restore needing to happen on an offline machine. Nevertheless, it is a good safety net to have in the worst possible case, and I am glad to report that it works perfectly: I spent a cosy afternoon writing a script that quits both 1Password and 1Password Mini before backing up the files, and the database restores perfectly.

    By the way, if your fingers are not too tired, why the "2BUA8C4S2C" at the beginning of the container? 1Password is the only app I know whose container uses such a naming scheme… (I assume it is an Apple-assigned Team ID or something…)

  • pquimo
    Community Member

    I completely agree with @Deleted User - thank you for the fabulous response. It is all exactly what I would have expected/hoped from this new service. Thanks.

  • @Deleted User and @pquimo, you are both very welcome. I'm glad it was helpful. :)

    As for the 2BUA8C4S2C in our container identifier, you are correct that it is our Apple-assigned Team ID. I'm not sure why we use it and other apps do not, but it may have something to do with the fact that 1Password for Mac is actually two apps (1Password and 1Password mini) that have to communicate with each other. I know Team IDs can allow apps from the same team to share certain things, so maybe that's it, but I'll have to defer to @rickfillion for confirmation or correction. :)

  • [Deleted User]
    Community Member

    Thank you, @rob! :)

  • Hi @Deleted User and @pquimo,

    @rob is mostly correct about why mini's container identifier starts with our team id. The container identifier needs to match the bundle identifier. At one point Apple was recommending (if not enforcing) that helper apps within a main app have their bundle identifiers prefixed with the team identifier. I think they've since changed their minds about this, but changing a bundle identifier of an app is a painful process so we've not yet done the change.

    Rick

  • anselmdk
    Community Member

    Hi guys,
    I've just read most of this thread, and understand 1Password's stance on this, but for me it's just a no-go that I can't have a versioned backup of my vaults on Dropbox like I used to.
    I'll probably keep using 1Password for Teams, but only when I really need to share data with clients. For anything mission critical I'll stay with shared vaults on Dropbox, as I - for peace of mind - just want to know that my vaults are backed up in my own system, which beyond Dropbox includes several off-site locations.
    I really hope there'll come a solution for this at some point. Please keep on posting if you agree with me.

  • AGAlumB
    1Password Alumni

    We don't have any updates for you, but it's something we discuss. Thanks for letting us know both how you use 1Password, and that a local backup feature is important to you! :)

  • jacobgraf
    Community Member

    I agree. I really don't like not having a local backup. Even if we don't have the ability to restore the database back to the Teams account, if we could open a copy locally in 1Password and then copy logins over to Teams if need be, that would ease my mind. Like others have said, it's not that I don't trust AgileBits, but I have a LOT of important data in 1Password and I feel like I need to do "my" part in periodically backing it up.

  • AGAlumB
    1Password Alumni

    @jacobgraf: The formats (and data types) are completely different, so a local backup of 1Password Teams/Families data wouldn't do you any good. You can, however, export the data and store it securely, which would be both human readable and allow import in the event of disaster.

  • tfordmq
    Community Member
    edited July 2016

    Perhaps for us "enterprise" clients you just need to offer an export option. I will express the same level of concern others have, and let me explain logically what is going on:

    1) Although I admire and am a big fan of Agilebits, it is very risky for us to simply trust that you will never permanently lose our data.
    2) You can mitigate that risk by explaining to us how you make multiple backups, store them in different geographic locations, etc
    3) One risk still remains though, if our data goes away completely, some of our most important data to access our most important systems is gone. The risk and impact here is severe.
    4) Ultimately, we need to mitigate that risk, and the best way I know how to do that is by "exporting" our encrypted data.

    If we were able to take an export of our encrypted data from the admin panel, and that export could be loaded and used offline in a local 1password application, then at any time, even if agilebits permanently lost our data, we could access our important passwords and continue to operate (albeit not as smoothly as with 1 password for teams). When the export is loaded and accessed in a local 1password application we might consider additional factors for authentication, like additional emergency keys maybe, something to think about ...

    If we could do that, I would be very comfortable. Also, would need to be able to automate the export through an API. :)

  • AGAlumB
    1Password Alumni

    Perhaps for us "enterprise" clients you just need to offer an export option. I will express the same level of concern others have, and let me explain logically what is going on: [...] If we could do that, I would be very comfortable. Also, would need to be able to automate the export through an API. :)

    @tfordmq: Excellent points! That would indeed be a powerful combination. It isn't something we're able to offer right now, but that's definitely on our radar. Thanks for the feedback! :)

This discussion has been closed.