Any backup or is all data on 1PW servers?

jason_ferguson
jason_ferguson
Community Member
edited February 2016 in Families

Want to try 1PW for Families, but I'm concerned about how the data is stored/accessed. A few questions:

  • Is all data kept on Agilebits' servers?
  • Can I use 1PW if I don't have a data connection?
  • Can the database be backed up locally?

Also, after reading through the forums, am I correct in the assessment that the Families vault is an ADDITIONAL vault kept on 1PW servers, while other (Dropbox, for instance) vaults could be kept in their original locations? So you'd want this Families vault to be the one that shared stuff is in, while non-shared stuff could/should stay in other, local vaults?

I currently use 1PW via Dropbox and have two main vaults (work, personal), plus an vault for archived items.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Aleen
    Aleen
    1Password Alumni

    Hi @jason_ferguson,

    Good questions! I'll take them one by one.

    Is all data kept on Agilebits' servers?

    It is! Having the data on our servers makes it easier for us to make sure it's available to you wherever you are, on any of your devices.

    Can I use 1PW if I don't have a data connection?

    As long as you've set up 1Password on one of your devices, you can get to your data. The only potential hiccup is that information updated in 1Password while a specific device is offline won't sync to the offline device. For example, I use 1Password on my Mac and Wi-Fi only iPad. Sometimes I work from coffee shops and only connect my Mac to the Wi-Fi and make changes in 1Password. On my iPad, my data will update as soon as I connect the device to the Internet and launch 1Password.

    Does that make sense? I can't tell if I've helped or muddied the water :)

    Can the database be backed up locally?

    No, there's no way to locally back up data. We have lots and lots of server backups, though, so your data's safe :)

    am I correct in the assessment that the Families vault is an ADDITIONAL vault kept on 1PW servers, while other (Dropbox, for instance) vaults could be kept in their original locations?

    You've mostly got it! 1Password Families is more than just a single vault. From the beginning, all team members have access to both a Personal vault (where they can save the information only they need) and a Shared vault (where they can save the information everyone might need). Account Owners can create additional vaults with more nuanced permissions. For example: my husband and I share a vault our parents can't access, while my mom and I share a vault my husband and his mom can't get to for estate planning information.

    You can use 1Password Families and 1Password vaults synced with Dropbox or over Wi-Fi at the same time, if you'd like.

    I hope this helps! Please let us know if you have more questions :)

  • zendnez
    zendnez
    Community Member

    This is an interesting question from @jason_ferguson.

    @Aleen - I appreciate that redundant copies of data are maintained. I don't think that's the only issue, though. What about scenarios in which someone with our without intended access to a vault deletes items and empties the trash? There are cases where this will be intentional and accidental as well as cases in which the actor is intended to have authorization and cases in which he or she isn't. Could be a pissed off teenager, a disgruntled former employee whose access hasn't yet been revoked, someone who managed to hack into a team site, or just a person accidentally deleting something by mistake and then emptying the trash before realizing the error.

    I actually don't want local backups. Instead, I would hope that you guys could consider making all deletes into soft deletes for at least a month during which time an administrator is provided an ability to restore them individually. Personally, I would build this such that empty the trash removes them from that view and causes them to appear in an admin console view until the 30 day period elapses. Or something like that.

    If you really, really need a "I need you to remove all traces of this event from the earth right now at this instant" feature, then you should probably put that behind multi-multi-factor auth or put it behind a 24 hour hold window which begins with an email notification to admins (admins have 24 hours to cancel the request). Or something like that.

    Thanks for considering this idea. :)

  • Hi, @zendnez.

    Thanks for your comments! We actually don't permanently delete any items as it stands right now, but we don't yet have an interface that allows restoring them. We plan to provide that interface, though, and we're currently figuring out how it would look and work. Thanks for sharing your ideas there!

This discussion has been closed.