Employee data access (with manager), recovery (if sabotaged), and lockout (if terminated)?
The title of this post should be clear for the possible scenarios I'm interested in. Basically the management would like to have access to employee password entries (eg, like when the employee is on vacation and we need access to a vendor website), we'd like to recover any sabotage done to the data due to a potentially disgruntled employee (better safe), and lock them out quickly and efficiently if it becomes necessary.
It sounds horrible. This is a great company and this situation has only really bitten them one time in 15+ years.
We're in the purchasing stage for 1P. One user has it installed and loves it. The plan is to order the standlone version (64.99) for each of them (even though I see the teams model is now available, the corporate accountant prefers the one-time fee). I'd just like to make sure that using this version/pricing model, those three scenarios can be addressed effectively.
Additional setup criteria on my end isn't a problem for me. I've seen the suggestion of additional vaults for similar situations, but nothing precisely in the same context.
I have everything I need to start making those purchases, except for that information. If anyone could pitch in so I don't have to install and fumble through it on my own it would save me a considerable amount of time.
Thank you,
Patrick.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Employee data
Comments
-
Hi @niftygeek,
1Password Teams really is the best solution for your needs with the tight control over your data, the difference isn't in the price but in the total control to your data.
With 1Password Teams, you have a central admin console that you can use to manage all of your data, teammates and permissions to your data.
With 1Password standalone, you don't have any control over your data once you give up your vault password to the vault. You can change the password to the specific vaults but it doesn't lock anyone out because they can just stop the change from happening and they'd keep unlocking with the previous password.
Here's an example: if you create a separate vault for your sales department to use, you have to give them the vault file and its password to unlock, all of them will have full access to it and if someone leave, they'd still have access to the file locally even if you stop sharing the vault with them and change the password. What they won't have is new updated data because you're no longer syncing these changes to their copy of the file. Again, you don't have control over their copy of your vault file.
With 1Password Teams, you're not sharing any vault files or passwords. Instead, you invite your department into the vault and give each one permission to view only, block the reveal of the passwords if you want and prevent them from exporting the data. If someone leaves, you close their account and they won't be able to pull the data anymore. Their local cache will expire as long as they don't have permission to view them.
In summary, 1Password Teams gives you the ownership and control of your company data that 1Password standalone cannot.
0 -
By the way, you can see more details about how access control works with 1Password Teams here: https://support.1password.com/teams-admin-access-control/
0 -
Thanks Mike. Very informative. I'll review with the powers that be.
0 -
You're welcome and you can reach out anytime to us at support@1Password.com if you have any questions regarding 1Password Teams or the standalone versions as well.
0