A couple questions

corvock
corvock
Community Member
edited December 2015 in Business and Teams

I recognize some of the lower ones effect user experience, but i am trying to get answers for questions i may be asked about when i send out invites.

  • So as a member of a team (when this goes to paid) i get use of the mobile and desktop apps for use with the team data by virtue of the subscription?

  • Would i be able to create a personal non-teams vault, sync via dropbox and such just like someone who has a license to the software?

  • When that subscription for my user ends, the software reverts to a non-paid status and i would then have the option to just buy licenses and i can pick up using my personal non-teams vault as any other non-teams person?

  • If my teams account is locked, can an administrator access my personal-teams vault?

  • In the case of a termination, is there any way to verify that there is nothing in the personal vault that isn't "property" of the organization?

  • Can personal-teams vaults be disabled?

  • Can access be limited to particular IP addresses? so we can say the information can be accessed from our IP range at work, but at home i would not be able to connect? So i can sync the vault while at work to my mobile, or across VPN, but not just from anywhere that has internet.

Comments

  • Hi @corvock,

    Let's see if I can answer all of these questions..

    So as a member of a team (when this goes to paid) i get use of the mobile and desktop apps for use with the team data by virtue of the subscription?

    That's correct. Even while it's in beta, as soon as you add a Team, all trial (or non-premium in the case of iOS) restrictions should be removed from the apps.

    Would i be able to create a personal non-teams vault, sync via dropbox and such just like someone who has a license to the software?

    Absolutely. To help simplify things for those that don't necessarily want that, we'll be allowing a new user to start the app in a "Teams-only" mode where we hide things (sync settings, wifi server settings, etc...). But there should be a button that allows a user to create their first personal/non-teams vault which will re-enable all of those things.

    When that subscription for my user ends, the software reverts to a non-paid status and i would then have the option to just buy licenses and i can pick up using my personal non-teams vault as any other non-teams person?

    That's correct.

    If my teams account is locked, can an administrator access my personal-teams vault?

    I wish there was a simple 'yes' or 'no' answer to this. It really depends on what you mean by 'access'. I have to be careful about how I answer this one. The personal Teams vaults belong to the Team, and not to the user. The Teams server has policies in place such that personal Teams vault contents are not returned to any user but the user whose vault this is. The ability to recover the account requires that all encryption keys be shared with members of the Recovery group.

    In the case of a termination, is there any way to verify that there is nothing in the personal vault that isn't "property" of the organization?

    We have an AgileBits Team (obviously). The only things I put into the Personal vault on our AgileBits team are things that belong to the company (i.e. the logins I need to do my job). This is how we recommend people use the Personal vault. It's not where I store all of my personal-use logins, those are still stored in another vault outside of Teams (for now).

    In that sense, you should assume that everything in the personal Teams vault is property of the organization.

    Can personal-teams vaults be disabled?

    Not currently. The only way to not have a personal Teams vault is to be a Guest user. We're still getting a feel for what people think of both the Personal vault and the Everyone vault.

    Can access be limited to particular IP addresses? so we can say the information can be accessed from our IP range at work, but at home i would not be able to connect? So i can sync the vault while at work to my mobile, or across VPN, but not just from anywhere that has internet.

    This isn't currently a feature. Can you elaborate on this one? Can you tell me why you'd want to be able to sync while at work but not while at home? It seems to me like it's less sync that I'd want to block and more like having access to the data at all.

    I hope this answers your questions.

    Rick

  • corvock
    corvock
    Community Member

    I wish there was a simple 'yes' or 'no' answer to this. It really depends on what you mean by 'access'. I have to be careful about how I answer this one. The personal Teams vaults belong to the Team, and not to the user. The Teams server has policies in place such that personal Teams vault contents are not returned to any user but the user whose vault this is. The ability to recover the account requires that all encryption keys be shared with members of the Recovery group.

    I think this is what i am looking for. So if i get separated and it turns out that i had a personal-teams password that they need, they can recover it from my account? I see having the personal-teams vault as encouraging me to use that to store, say, my personal login to the work web server backend there so that it doesn't clutter up the everyone vault. I just want to make sure that if i make the call to store information there, then separate and it turns out that they need that password that it is recoverable to them.

    This isn't currently a feature. Can you elaborate on this one? Can you tell me why you'd want to be able to sync while at work but not while at home? It seems to me like it's less sync that I'd want to block and more like having access to the data at all.

    I'm not sure if it solves anything or would just be annoying, was just a thought i had. I could see that as a way of a poor man's integration with our active directory. If we restrict syncing to the IP's our desktops and VPN use, then you have to access a computer, wifi, or the vpn. All of which you need valid AD credentials for. If we terminate someone the AD account is locked down first, then the rest of the accounts fall in line after. Maybe not a great solution, but just what popped into my head, i can be a pain like that ... lol

  • @corvock :

    So if i get separated and it turns out that i had a personal-teams password that they need, they can recover it from my account?

    Yes. Account Recovery would get them that data assuming they had access to your email account as well.

    If we restrict syncing to the IP's our desktops and VPN use, then you have to access a computer, wifi, or the vpn. All of which you need valid AD credentials for. If we terminate someone the AD account is locked down first, then the rest of the accounts fall in line after.

    Ah... ok that makes sense. It's an interesting idea. Certainly something to keep in mind.

    Cheers.

    Rick

This discussion has been closed.