What happens to the private vault of someone who leaves our company?

We're just getting started (as a company) with 1Password for Teams. As I'm planning out the organization of how this will be managed for our staff, I was wondering about what guidelines I should create for accounts/credentials that are specific to an individual. The default action would be for the individual to create/store those accounts in their 'Private' vault, but I'm thinking that might be a bad idea for our company. The accounts an individual creates are still 'company' accounts for doing company business, they are just specific to that employee/user.

I need to have a plan for how to recover such accounts if/when an employee leaves the company. I do not want is a situation where those 'Private' vaults and the credentials they contain to be lost to our company when an employee leaves. I also do not want to have to rely on cooperation from the leaving employee about gaining access to 'their' Private vault upon termination.

Is the recommendation then to just have ALL employees create 'their' accounts in a vault other than the default 'Private' vault, to make sure I have access to move/copy accounts if the employee leaves?

What is the recommendation for this situation? Please advise. Thanks!


1Password Version: 6.8
Extension Version: Not Provided
OS Version: OS X 10.11
Sync Type: Not Provided
Referrer: forum-search:what happens to the private vault if someone leaves the company?

Comments

  • FrankFrank

    Team Member
    edited August 2017

    Hi @AjEG - Great question!!! We don't recommend employees adding "personal" data to their Private vaults. If they ever leave the company and are removed from the 1Password Teams account, they will lose access to anything within their Private vault. When a team member is deleted from the account, all access is revoked through the apps and via the web app. If employees want to start using 1Password for their personal items, they can sign up for an Individual account. They can add both accounts to their 1Password app which makes it easy and convenient to manage both accounts from the same location.

    Private vaults can only be accessed by that specific team member. You do have the ability to recover accounts if the employee leaves the company. You can also set up a permission on any Shared vault that would prevent the employee from moving items to the trash, importing or exporting data via the client apps. Team members should only be using the Shared vaults for any company related data.

    I hope this information helped a bit more. Keep us posted if you have any additional questions. We'll be more than happy to help out.

  • AjEGAjEG

    Thanks for the info Frank!

    I will plan on creating 'shared' vaults for each employee that only they (and 1PWT Admin) have access to. Then when an employee leaves the employee specific company accounts remain completely accessible to the manager of the company 1Password for Teams (1PWT) account.

    I will also advise employees to only use the Standalone 'Primary' account for any truly personal accounts and credentials.

    Thanks Frank!

  • FrankFrank

    Team Member

    Hi @AjEG - You're very welcome! You can create as many Shared vaults as you need to :smile: With your account, you also have the ability to create customized groups. You can read a bit more here about all the awesome benefits that are included with your specific plan. Please feel free to reach out to us anytime, we're always here for you if you need us.

    P.S. I totally dig the avatar :wink:

This discussion has been closed.