When The Network Is A Coffee Shop: 1Password's Place In A Post-Pandemic World
Amid a new announcement to further expand into the midmarket and enterprise segments, a 1Password executive talks about how its technology can help secure the hybrid work scenario.
There may be an inclination to think of 1Password as a consumer, end-user tool for managing the infernal number of passwords we need to log into the seemingly endless personal and business apps we use daily. Yet, 1Password has made headway in the business space over the last several years.
Those consumer clients "brought us to work," said Melton Littlepage, chief marketing officer at 1Password.
The 18-year-old Canadian company began delivering its B2B offering about six years ago, Littlepage said.
"As our consumers were bringing us to work, they were using our feature request process to say, ‘Hey, it'd be great to be able to roll this out to my team or my entire company, but to do that I need policy control, the ability to audit group management,'" he said.
Addressing the New Work Normal
Most recently, 1Password — which last September announced that it's seeing more than $250 million in annual recurring revenue, boosted by business segment growth — said it has helped some of its customers bolster business security against the potential dangers of the now-common hybrid work scenario, according to Littlepage.
"One of the things we've seen in the last five years is a really radical change in how we work and where we work - and what devices we work from," he said. "[CIOs] locked down the business in terms of securing people's access to applications. They used tools like single sign-on where all the applications and business are plugged in, and you authenticate once in the single sign-on and click through a tile where you want to go."
That process, Littlepage said, allowed businesses to control access for employees and manage privileges.
A process that worked "great," he said, until COVID hit.
As people are now working from just about anywhere, securing the network "doesn't work anymore," Littlepage said. The network can now be "the coffee shop."
Employees have also brought SaaS applications into the mix for their productivity and convenience, Littlepage said. These applications, plus end users working from anywhere, can create an access management nightmare for IT.
"The role 1Password plays is we secure the access to the shadow IT applications that are not supported by the single sign-on security solutions that enterprise businesses have relied on for years. And that's a huge windfall. We don't replace the single sign-on solution or what the industry calls identity access management … we complement those. And when you have an identity access management (IAM) system, like an Okta for instance, and 1Password you have complete coverage of all your applications, which is a huge win as more and more SaaS applications come into the business. So that's one value. The second value is you're a personal user --- you know that people love having one password on their personal devices. But people hate having security tools, the business security tools on their personal devices," he said.
The Security Behind 1Password
Last fall, Okta, the identity management service that works with 1Password's products, suffered a breach that affected its support system and allowed an attacker to view some of its customers' data.
While 1Password said at the time, "that no 1Password user data was accessed," it's fair to believe that the incident may give IT decision-makers pause in considering 1Password as its enterprise-wide passwords management solution.
Littlepage addressed those security concerns.
"The level of authentication is the strongest available," he said. "If you directly access the 1Password app, you do it biometrically … and then the encrypted pipe into the password vault is the strongest degree of encryption in the market," he added.
He called Okta's multi-factor authentication "robust" and that it is security that creates "hardened targets" in enterprises.
"If you think about what the threat actors are going to do, they're going to spend very little time trying to crack through that hardened target; they're going to spend almost all of their time going after softer targets … credential stuffing, stolen username and password combinations to see if someone was foolish enough to reuse the same password on multiple apps," he said.
Now, 1Password's executives say they are making plans to expand the company's footprint into the midmarket segment.
"We are number one in our category as a consumer password manager. We're also number one in our category as an enterprise password management solution. And we sell to all segments; we sell to SMB, which is as you can tell from having more than 100,000 customers, that's where they come from. We are the strongest player in the midmarket and we are moving up into the enterprise where we have 25 percent of the Fortune 500 as customers," Littlepage said.
This week, 1Password announced it had launched a new global partner program with the goal of expanding further into the small business and midmarket segments, as well as enterprises in new geographical regions.