How Flo uses 1Password CLI to automate security
Flo is an AI-powered health app that supports women during their entire reproductive lives – from first menstruation to early motherhood and menopause. Chosen by over 165 million women worldwide, Flo is the #1 mobile product for women's health. www.flo.health
Industry
- Healthcare
- Technology
Use Cases
- Fostering a culture of security
- Reducing IT burden
- Scaling security
PDF Version
Key results
100% adoption rate secures all entry points.
Automation has reduced project tasks timelines from weeks to hours.
Flo can move faster while staying true to their privacy and security principles.
Background
Since 2015, Flo has been empowering women to put their health and wellbeing first. Their app guides women throughout their lives, providing them with personalized and evidence-based health insights, helpful tools to address women’s needs, and support from peers and medical experts.
This razor-sharp focus on women’s needs has led to over 160 million downloads and a consistent 4.8-star rating, making Flo the number one health app for women worldwide. As the company continues to grow, security and privacy remain a central pillar of their operations.
"From day one of Flo, we have been working to create a completely secure product for our users. 1Password helps us with that mission,” Leo Cunningham, Сhief Information Security Officer (CISO) says.
Harnessing the power of automation to secure infrastructure
Among Flo’s top priorities is providing a safe, dependable, and secure space for millions of women. To support that goal, the team embarked on an extensive upgrade to their security systems in 2020.
For the project to succeed, the team needed a secure way to feed passwords for third-party services to the cloud service provider, Amazon Web Services (AWS).
“First, we store all passwords for the third-party services in 1Password. Then, using a dedicated Terraform script, we safely export them into our internal infrastructure,” says Dmitry Yackevich, Infrastructure Lead at Flo. The team uses AWS Parameter Store to store internally generated data, like database passwords.
Automating the process using Terraform and the 1Password command-line tool has removed the need for cloud engineers to manually access and import passwords.
Empowering teams to work securely without stifling productivity
Finding a new password manager that everyone could and would want to use was a critical factor in Flo switching to 1Password in 2019. “Compared to the competition, the simplicity and clean design of the 1Password interface stood out for us. Most importantly, we could see that anyone could easily get the hang of it – not just technical specialists.”
Initially, Flo rolled out 1Password to a small group of administrators and technical leaders. By the second half of 2019, everyone at the company was using 1Password. “We can simply give access to vaults on a need-to-know basis instead of relying on less secure methods to share passwords,” says Dmitry Yackevich.
Now everyone at Flo can generate strong, unique passwords for all of their accounts with a single click, empowering teams to work securely without compromising productivity.
Delivering a world-class, secure experience for customers
As Flo grows, the company needs to deliver the quality and experience their customers expect. To do so effectively, they have to move fast. But cumbersome security procedures and a steadfast focus on privacy can make speed difficult.
“Making the secure by design philosophy work can be labor-intensive,” Cunningham says. New security procedures often bring complex processes to implement, extensive documentation to draft, and an uphill struggle to adoption. That all takes time.
“1Password makes complex processes easier and integrates them seamlessly into practice. And, as a result, helps us stay true to Flo’s security and privacy principles.”
Team members can easily access website addresses, logins, passwords, and even generate one-time passwords – all in one secure place. “Which makes it quick and easy to access any tool or service using 2FA and a strong password,” Cunningham says.
With 1Password, Flo can move faster and more efficiently, helping them deliver the best and most secure experience.
By streamlining internal processes and procedures, 1Password has helped Flo stay true to their security principles. Flo now relies on 1Password as a cornerstone of their security stack that allows them to remain agile, secure, and ultimately provide a safe space for millions of women.
More stories from 1Password customers
1,300 employees. Zero passwords. Airwallex is preparing for a passwordless future with 1Password.
IT team of one? No sweat. FireHydrant uses SCIM bridge to streamline onboarding and simplify operations.
Secure your business with 1Password
Protect your business with the enterprise password manager trusted by more than 150,000 companies.