1Password for Teams

1Password for Teams is a the best solution for securely managing shared secrets in a corporate setting.

The 1Password for Teams product by AgileBits is argubably the most popular SaaS-based password management tool. In our opinion, it offers a better user experience over apps like LastPass as well as provides integration with Duo and Slack for real-time activity notifications.

Best Practices

Here are some of our recommended practices for working with 1Password. If your organization choses an alternative password management solution, we recommend implementing compensating controls.

Enable Real-time Slack Notifications

With real-time slack notifications, you’ll be able to monitor logins for anomalies.

Real-time Slack Notifications

Duo Integration for MFA

Leverage Duo push notifications for MFA. With Duo, you can do full-on geofencing to ensure logins do not come from untrusted locations.

Duo Push Notifications

Create Role-based Teams

Define teams in terms of roles (E.g. production-admin, staging-admin, dns, finance, etc).

AWS Master Credentials

We use 1Password to store the AWS Master Account “root” credentials. Share OTP (MFA) codes with trusted admins.

1Password MFA Tokens