Access to "Your Vault"

Each user that joins the team is given access to "Your Vault" and "Everyone". There's some confusion about what the intended use case for "Your Vault" is.

It seems like a truly personal vault would be better outside of the structure of the team. If I am removed from a team, I don't want to also lose access to any personal information that is stored in my personal vault on that team. Is the intention for "Your Vault" to be a store for your personal, team-related logins that are never shared? I worry that there may be some confusion here.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • nathanvf
    nathanvf
    1Password Alumni

    Hello dprior,

    That is correct. "Your Vault" is for the user's information and is not accessible to other team-mates. It is true they would lose access to that vault if they were removed from the team. In some ways it could considered work-related information that is unshared. For example, maybe that user's particular login for a server appliance or work email address.

    Users still have the ability to make their own old-style vaults in 1Password which can used along side their 1Password for Teams vaults and can be synced over things like Dropbox for things that are actually personal.

  • dprior
    dprior
    Community Member

    Thanks for the clarification. This makes sense and I'll add it to our internal documentation for 1Password.

  • nathanvf
    nathanvf
    1Password Alumni
    edited November 2015

    No problem, we'll try to make that clearer in our documentation as well.

    Let us know if you have more questions!

  • Hi nathanvf,

    would be cool to have policies in place to disallow old style Vaults. Cause if the company removes access to Team Account, the staff member should not have access to any confidential information anymore.

  • Hi @random_31731ec7aea,

    While I can see why you might want such a policy to exist, I don't see us adding such a thing. A user could be a part of multiple teams, and even then, a user might want to have their own personal (non-teams) vaults for data that doesn't belong to any teams that they're a part of. It would be up to the companies to ask that employees not copy company credentials to their personal vaults, which is the same policies that have to exist currently in any company. It's not something you can really make a technical policy out of, I could write the company server password on a napkin if I really wanted to.

    Rick

  • It would be up to the companies to ask that employees not copy company credentials to their personal vaults...

    I think the issue here is when employees are making their own accounts for stuff related to the company (an account on Amazon.com for purchasing stuff for the company) and there is user confusion on what the difference is between their personal vault tied to the company, and their personal vault not tied to it.

    I also deeply would like the ability to restrict vaults outside of the Teams product, as there is no reason an employee should be using their work computer for enough personal business that they are keeping their personal passwords on it. That's also opening us up to some sort of liability I believe, having current and former employee personal passwords on their computers and inside our backup system for months/years after their departure.

    The success of this Teams project is dependent on its ability to fit the needs of a business.

  • @dtemp_jg I understand that companies could have different requirements and we discussed this internally in the past.

    It seems that we might be able to implement it as a Team setting that would prevent the members from combining this Team account with any other accounts or vaults.

    It is certainly our goal to make 1Password for Teams work well in different environments.

This discussion has been closed.