
Ransomware and 1Password

tomrehor
Community Member

I have 1Password 6 stand-alone and am very satisfied with it. 1Password, like many software development firms, is moving to a subscription model; for customers, this has advantages and disadvantages.

One advantage to stand-alone is that the possibility of ransomware is remote. I have my data on my own server which is behind a firewall and is backed up to a separate drive and to a cloud service (iDrive). In addition, there is little incentive to attempt to control and ransom my personal computer.

This is not true with a subscription model where the data are stored in 1Password's cloud; QuickBooks and iNSYNQ can attest to that.

The subscription model is probably inevitable. However, before I relinquish my almost-irreplaceable data to the friendly folks at 1Password, can you please enumerate the security measures taken by your company to protect against such threats?

Thank you.



Comments

  • ag_ana
    1Password Alumni

    Hi @tomrehor!

    Ransomware can hit a server the same way it can attack your personal computer, so if you are afraid of this type of attack, where the data is stored does not make a big difference. In addition to this, all 1Password data is end-to-end encrypted, and if you store it on 1Password.com, the encryption is stronger than if you store it on your own computer, since the data is encrypted with your Secret Key and not just with your Master Password.

    Indeed, the Secret Key is there to protect you from the case where our servers are compromised: all an attacker would have would be your encrypted blob, which makes it pretty useless to the attacker.

    But you can see all our security measures on our Security page or, if you want the technical details, in our Security white paper.

    I hope this helps!

  • XIII
    Community Member

    Maybe @tomrehor is more afraid of losing access to his data than criminals getting his data? (In the case of ransomware)

    The local cache on his PC/Mac/phone/tablet might help then.

    Still, I’m (also?) curious about what AgileBits does to prevent data loss (access).

  • DanielP
    1Password Alumni
    edited July 2019

    @XIII: if data loss is the concern, perhaps our article about automatic backups might help then.

    > Still, I’m (also?) curious about what AgileBits does to prevent data loss (access).

    Are you interested in knowing about what we do to prevent data loss, or unauthorized access?

    To prevent data loss specifically, we have automatic backups in place. We use AWS, like most online services, which has a redundant network of servers. Even if an AWS server were to become suddenly unavailable, chances are you would not even notice ;)

  • XIII
    Community Member

    Are those backups on- or offline? With version history?

    Online backups are nice, but if ransomware hits a computer (/server), it might also affect online (reachable) backups.

  • AGAlumB
    1Password Alumni

    @XIII: I haven't heard of any cases of AWS itself being taken down by ransomware, and I expect everyone would notice if something like that happened due to its ubiquity on the internet. As Daniel mentioned above, we have many layers of security in 1Password to prevent, identify, and notify of potential threats. And apart from our own efforts, we participate in external audits and cooperate with independent security researchers to find any potential issues so we can fix them. On top of that (or, perhaps more accurately, underneath), AWS has their own security measures in place. Practically speaking, if an attacker broke in and re-encrypted (using their own encryption keys) the data on the server, we'd know right away, because it would break things. We'd need to restore from a backup (which could take some time), but users could continue to access their data on their devices anyway, which keep a local cache. A DDoS attack would likely be "easier", but it's hard to knock AWS off the internet given its load balancing and redundancies. AWS has a ton of information available on both of these topics -- security and availability:

    Cloud Security (AWS)

    Backup & Restore (AWS)

    I hope this helps! :)

  • XIII
    Community Member

    Yes, thank you for confirming that the local cache indeed helps in this case.

  • AGAlumB
    1Password Alumni

    Any time! And that's just one of many measures in place to keep things running smoothly. Cheers!

This discussion has been closed.