Enforcing 1Password Device Trust Checks

Objective: Begin enforcing device health checks, requiring employees to address and resolve security issues before accessing work apps.

People

☐ Prepare for support needs:
☐ Anticipate that employees may need extra help during this phase, especially those unfamiliar with resolving device health issues

☐ Continue reinforcing privacy standards:
☐ Reiterate that Device Trust only monitors essential security data, and remind employees to consult the Privacy Center if they have questions about what is being checked.

Process

☐ Notify employees of enforcement date:
☐ Send reminders about the enforcement of health checks, explaining that security  issues must now be resolved in order to access work apps. We recommend using our employee communications templates as a starting point.

☐ Offer support: Anticipate increased support needs during the enforcement phase.

Technology

☐ Add New Device Trust checks: view the checks catalog to review all available pre-built Checks or build your own.

• NOTE: when first deploying, we recommend starting with "report only" or "warn only" before turning on enforcement, so as to minimize disruption.

☐ Add Checks for 1Password Enterprise Password Manager (EPM): Consider adding the following checks to your instance if you’re already an EPM customer.

☐ Require 1Password to be logged into a work account
☐ Disallow 1Password Emergency Kits stored in plaintext
☐ Require 1Password 8 meets minimum version
☐ Require SSH keys to be encrypted and stored in 1Password