Pro Plan: Exporting data not flagged in Activity Log
Hello,
I was disappointed to discover that Exporting data from the 1Password6 app on Windows does not get listed in the Activity Log.
I know, we could turn this feature off for certain users in certain vaults. This is beside the point.
Implied trust means nothing in a company if you have no ability to audit and verify it in some way.
Is it terribly complicated to have something as important as data being exported be a logged event in the Activity Log?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @DariusR,
The Activity Log is more about administrative changes to 1Password than about the contents of a vault.
I assume that what you're after isn't so much knowing that someone literally used the export function, but more about knowing that they've taken data that's in the vault and has put you in a position where should they leave the organization, they could potentially leave with this data. We do have a solution for the latter.
With the Pro plan for 1Password Teams, if you have the Beta features enabled, there's an additional button that shows up in a person's detail page that allows you to run a report and it will give you a complete listing of items that the user has used. "Usage" in this case is any action that has caused the sensitive information within that item to be put into the user's hands. This could be by copying the password, or filling the item, or exporting the vault. Should you need to remove someone from your Team, our recommendation is to first Suspend the user, then generate the report for them. This will give you a list of items that you should consider changing the passwords for.
You should take a look at the report feature. So far people have really liked it and it has met their needs. I'd be curious to know if it works out for you as well.
Rick
0