Business security features
Data backup and recovery
Centralized backup of data from from the team profile of all user’s accounts ensures that sensitive data is not lots if team members leave or if a user forgets their master password. The data users save in their personal profile in Password Boss is excluded from backups to ensures team members private data remains private. Backup data is encrypted with RSA 2048-bit keys and only the administrators for the team can access the backup data. This feature is available to all teams on the Advanced plan.
There are two roles for accessing the team account in Password Boss Business. User and Admin. Administrators have access to admin console in the Password Boss portal to manage user, groups, shares and security policies. Administrators also have access to billing information. Administrators can also promote others users to the admin role. Users without the admin role have access to the portal where they can manage their devices.
Organization level security reports
Password Boss Business maintains a read-only audit log of all changes made on your account. Administrators on your account can access the data via the reports section of the portal. Report data includes all user and group add/change/delete activity, password resets, individual security scores, and user activity.
User and group management
A Password Boss Business admin has access to setup and manage all current users and groups, as well as pending user invitations. On-boarding and off-boarding of all users is done via the portal.
When a user joins your team we send an email notification to all active administrators.
Groups are used to enable users to easily share saved items with multiple people at once. Team admins create groups and all users can then send shares to a group. As group’s membership changes, any shares sent to that group are automatically updated with the new membership. For example this makes it easy to send a share to the marketing department, and when a new user is added or removed from the marketing group their access is updated automatically.
Group membership is managed on the portal by administrators. Users cannot change group membership.
Administrators can revoke a users access to Password Boss account. When this happens an administrator can choose the following options:
- Delete the user’s account. When the user attempts to login to the client app, all locally saved data on the users device will be deleted.
- Convert a user’s account to an individual account that is no longer part of the team. Security Policies also allow an administrator to have any data stored in the users team profile to be automatically deleted.
When an administrator removes a user from your team, we send an email notification to all active administrators.
Custom security policies
Built in templates allow administrators to quickly and easily implement security best practices for your team. Security policies are available from simple best practices to more secure, and can be tailored to fit the needs of your team. Examples of security policies include:
- Requiring user to change their master password after a given interval.
- Automatically moving your team items into a team profile with automatic backups.
- Restricting sharing of items to only members of your team.
Shared item management
Shares are created by users in the Password Boss app. Administrators can make the following changes to shares from the portal:
- Add or remove users or groups with access to a share.
- Add or remove owners to a share.
- Change permissions for recipients of a share.
- Delete a share.
Administrators do not have access to the contents of the share unless the administrator is also a recipient of a share. All access to items contained in a share is via the Password Boss app.