Health Library
Health Library
NEW Guided Journey on Flo️‍. Start your journey to sexual satisfaction under the expert guidance of sex therapist Casey Tanner. Get started
March 15, 2021

Building a secure space for millions of women worldwide through 1Password

Since 2015, Flo has been empowering women to put their health and well-being first. Our razor-sharp focus on women’s needs has led to over 160 million downloads and a consistent 4.8-star rating, making Flo the number one health app for women worldwide. As the company continues to grow, security and privacy remain a central pillar of our operations. Read how Flo provides a secure space for millions of women worldwide with the help of the automated security system 1Password.

Harnessing the power of automation to secure infrastructure

Among our top priorities is providing a safe, dependable, and secure space for millions of women. To support that goal, we knew we needed to find the most secure way to feed passwords for third-party services to our cloud service provider. With this in mind, our team selected Amazon Web Services (AWS) and embarked on an extensive upgrade of security systems in 2020. 

"From day one of Flo, we have been working to create a completely secure product for our users. 1Password helps us with that mission,”

says Leo Cunningham, chief information security officer (CISO).

Boosting Flo’s security infrastructure is an invaluable step toward better serving the entire Flo community.   

“The 1Password command-line tool proved to be the perfect solution. Using it as a secure interface, we could transfer data from specific folders directly to AWS. The data remains encrypted, helping us deliver end-to-end data protection. How does it work? First, we store all passwords for third-party services in 1Password. Then, using a dedicated Terraform script, we safely export them into our internal infrastructure,” says Dmitry Yackevich, infrastructure lead at Flo. The team uses AWS Parameter Store to store internally generated data, like database passwords. “Now, the process takes place with no human involvement — it’s fast and secure. Without 1Password, we would need to generate a ticket for the project listing all relevant passwords. And several people would need to see that ticket,” says Dmitry Yackevich. Thus, the power of the AWS command-line tool, in particular, enables Flo to automate security processes, removing people's need to access passwords during the project.

Empowering teams to work securely without stifling productivity

As Flo steadily expanded its reach and services, it only made sense to fortify and automate security systems as well. Finding a new password manager that everyone could — and would want to — use was a critical factor. Everyone needed to be on board. In 2019, Flo transitioned to 1Password. 

“Compared to the competition, the simplicity and clean design of the 1Password interface stood out for us. Most importantly, we could see that anyone could easily get the hang of it — not just technical specialists,”

says Dmitry Yackevich.

Initially, Flo rolled out 1Password to a small group of administrators and technical leaders. By the second half of 2019, everyone at the company was using 1Password. “We can simply give access to vaults on a need-to-know basis instead of relying on less secure methods to share passwords,” says Yackevich. Now everyone at Flo can generate strong, unique passwords for all of their accounts with a single click, empowering teams to work securely without compromising productivity.

Delivering a world-class, secure experience for customers

At Flo, fast growth isn’t just the enlargement of the company — it’s also a deepening of the high-quality services that we already offer to our customers. As Flo blooms, so too should the caliber of our platform. Our customers’ loyalty comes from the years we’ve invested in creating a personalized experience with the best technological resources available. We intend to keep reinforcing these positive customer experiences by enriching our content and fortifying our platform. To maintain this momentum, we have to move fast, seize technological innovations as they become accessible, and transition as smoothly as possible. Cumbersome security procedures and a steadfast focus on privacy can make speed difficult, but we’ve put our full efforts into bringing them to fruition.

The safety and security of our customers are worth these deliberate efforts. “Making the secure-by-design philosophy work can be labor-intensive,” Cunningham says. New security procedures often bring with them complex processes to implement, extensive documentation to draft, and an uphill struggle to adoption. Upfront, that all takes time. However, the end result should accelerate the workflow. 

With 1Password, our team can move faster and more efficiently, helping us deliver the best and most secure experience.

“1Password makes complex processes easier and integrates them seamlessly into practice and, as a result, helps us stay true to Flo’s security and privacy principles,”

says Cunningham.

Under the new system, team members can easily access website addresses, logins, passwords, and even generate one-time passwords — all in one secure place. This “facilitates quick and easy access to any service or tool, even when using 2FA,” according to Cunningham. 

By streamlining internal processes and procedures, 1Password has helped Flo stay true to our security principles. Flo now relies on 1Password as a cornerstone of our security stack, allowing our team to remain agile and secure and provide a safe space for millions of users.