Where is the 1Password for teams data stored?
Following the Safe Harbour case in the EU regarding the transfer of data to the US, we're assessing where all our data is stored.
Can you advise, if we start using 1Password for Teams, where our password data will be stored?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hello @Toby G,
We use Amazon Web Services to host 1Password for Teams and are using the us-east-1 region, which is located in N. Virginia within the US.
The Safe Harbour case creates a lot of interesting questions, particularly for 1Password for Teams. If you and your company decide that all data must be hosted in the EU, we'll have to find a way to make that happen. One option is for us to host multiple regions as AWS does have data centers available in Frankfurt and Ireland, albeit this option comes with some technical challenges. Another option is to provide self-hosted versions of 1Password for Teams that you can run on your own severs, but this option has a few technical challenges of its own as well.
Our current focus is to complete the 1Password for Teams beta. Once we've finished, we will be investigating self-hosting further and evaluating if multiple data centers would work for us.
I hope that helps,
++dave;
0 -
Self hosting sounds mandatory for several companies willing to keep their sensitive data under control. Not to mention, department without Internet access.
Btw, You might consider providing a virtual appliance for on premise deployment.
Regards,
0 -
Hi @thsuw,
Amazon has some neat virtual appliance possibilities, and that's one of the areas that we've been keeping an eye on for when we look at this more seriously. Right now our priority is to get things working as well as we'd like, which requires being able to push updates frequently. Pushing updates out becomes much more challenging once you have multiple deployments. Once we're out of beta we'll be in a better position to decide how best to tackle these issues.
Cheers.
Rick
0 -
Take your time! That's what betas are for :)
Thanks!
0 -
Don't hesitate to reach out if you have any additional questions. We're happy to help.
Rick
0 -
From https://blogs.aws.amazon.com/security/post/Tx3QAALRNBIK9K1/Customer-Update-AWS-and-EU-Safe-Harbor
Today, we’d like to confirm for customers and partners that they can continue to use AWS to transfer their customer content from the EEA to the US, without altering workloads, and in compliance with EU law. This is possible because AWS has already obtained approval from EU data protection authorities (known as the Article 29 Working Party) of the AWS Data Processing Addendum and Model Clauses to enable transfer of personal data outside Europe, including to the US with our EU-approved Data Processing Addendum and Model Clauses. AWS customers can continue to run their global operations using AWS in full compliance with the EU Data Protection Directive (Directive 95/46/EC).
0 -
I understand that you focus to complete the beta. Just to note, the options to select the AWS datacenter zone or an on-premise hosting are interesting for us too.
0 -
Server location is important to us as we are outside of the US.
Is there the possibility of government requests for information?
If such a request was to happen, what sort of data would be provided?
Are there options to have the data stored in Canada?1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Teams Beta
Referrer: forum-search:password teams location0 -
Hi, @adamp_uwo, and welcome to our forum! I've moved your question to this thread which discusses the same kind of question.
Dave gave a great answer above about the location of our servers and the ability for us to expand to new locations.
Regarding your other two questions:
Is there the possibility of government requests for information?
If such a request was to happen, what sort of data would be provided?We address this in our white paper on the security design of 1Password for Teams, and I'll quote that piece here:
It should be assumed that governments, whether through law enforcement demands or other means, may gain access to all of the data that we have or that our data hosting provider has. This may happen with or without our knowledge or consent. The same is true for non-governmental entities which may somehow obtain server data. Your protection is to have a good Master Password and to keep your Account Key secure. Although we may resist LE requests, we will obey the laws of the jurisdictions in which we are obliged to do so.
You can read more from our white paper if you're interested in the fine grained details, but even if we had to hand over data to law enforcement, it's going to be encrypted with your Master Password and Account Key. So as the white paper notes, keeping those secure is your best defense. There are some unencrypted things that we store on our server, such as names and email addresses, but anything you type inside a vault is fully encrypted so that neither we nor a government can access that information.
I hope that is helpful!
0 -
You're more than welcome, @adamp_uwo! Glad that helped. :)
0
