Offboarding workflow for team members?

Are there any resources for advising on offboarding of 1Password team members?

Our policy here is to transition the accounts on third-party resources of employees on their final day, and operations staff are responsible for ensuring accounts have passwords changed, are deleted (if possible) or made dormant, and any process or resource ownership is transitioned to another team member.

An administrative user

  • creates a new temporary vault that can be written to by the departing user and the admin user

then, sitting with the departing team member, an administrative user

  • ensures the user removes any personal/non-business entries stored in the "Private" vault
  • moves all other entries into the temporary vault
  • goes through the entries in the vault and checking that the user does not have 2FA enabled with personal phone/apps - and switching if so

then the administrative user

  • removes the departing member's access to the temporary vault
  • suspends the user
  • moves the content of the temporary vault to a "Former Team Members" vault available to appropriate admins
  • deletes the temporary vault
  • generates a usage report
  • goes through the usage report to identify shared passwords that should be changed.
    (for this purpose it would be good if the usage reports indicated if the password had changed since the last time a user accessed it.)

This is then followed by the long process of going through each account and ensuring it can be closed without business disruption.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AG_PikeAG_Pike

    Team Member

    Hey @leedxw,

    Thanks for reaching out to us, and thanks for sharing this to the forum! :)

    We don't have an offboarding guide for 1Password, as every business handles these sorts of things differently. That said, you've clearly given this some thought, and what you're proposing here looks like a great model for how to handle an outgoing employee.

    Depending on the plan you have for your business, you may also be able to avail of a free 1Password Families account for each user, so they have an easy way to securely move any personal items they want to keep, as well as a safe and secure place to keep their personal data in the first place. When someone leaves your organization, they can then keep their personal account by continuing the subscription on their own.

    Since we might want to discuss your private account details with you to help you finalize this policy, I'll follow up with you directly via email.

    Cheers,

    Adam

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file