Transfer ownership of secrets; Forcefully acquire secrets
In instances where users leave the organization, Zoho Vault offers a provision for securely transferring secrets to other users and administrators.
There are two ways to transfer ownership of secrets:
- Users voluntarily transferring the secrets owned by them to any other user or administrator
- Super-admin forcefully acquiring 'Enterprise' type secrets
When you create a new secret, you automatically become the owner of the secret. Transfer of ownership can be done by the owner - any user, administrator or super-admin as long as they are owners of the secret. Before transferring ownership of secrets, sharing has to be initiated on both sides.
To transfer ownership -
- Go to 'Secrets', click on 'All Secrets' tab.
- Select the secrets whose ownership is to be transferred.
- Click 'More Actions'. Select 'Transfer Ownership' from the drop-down.
- Select the user you want to transfer ownership to from the drop-down. Hit 'Transfer'.
- You will get a confirmation dialog. Click 'OK' to start the process.
If the attachments for the shared secret are huge in size, it can take a while to complete the process. Once the ownership of the secret is transferred to another user, he/she will have concurrent access to the password from then on.
Supposing someone leaves your organization on bad terms/unexpected circumstances, transferring ownership is not plausible. In such instances, the super-admin has privileges to forcefully acquire all 'Enterprise' level secrets owned by the user (personal secrets cannot be acquired). This feature can be used to acquire secrets from any user role (administrator/ super-admin/ user) and is exclusive only to the super-admin.
To acquire a user's secrets -
- Go to 'Admin' tab, click 'User management' panel.
- Under the 'Users' category, select the user you want to acquire the secrets from.
- Click the 'More Actions' button and select 'Acquire secrets' from the drop down.
All acquired secrets will be automatically added to the super-admin's account. Since all data has to be decrypted and encrypted again, the process can take a few minutes if the amount of data is large.