Hyland 160x1200 



Hyland 160x1200



 Hyland 705x108



Sunday, 17 December 2017 22:05

Review - LastPass Enterprise password management


A secure password manager is a necessity in today’s online world and really ought to be part of each person’s basic “cyber hygiene” routine. This is especially so for business.

The advantages of a secure password management tool are plentiful: you can have a complex password that is unique for every web site and application you use. You minimise the risk any individual one will be breached, and should that happen, your credentials will only work for that one site or application and do not compromise you anywhere else.

For IT departments the problem is compounded. You’re not only worried about your own password and personal security; you’re worried about all your users and their security, you’re worried about the company’s data and reputation in the event of a breach, and you’re worried about how to influence change and positive disciplines in a way that doesn’t cause users to revolt lamenting how IT is a hindrance, writing passwords down on post-its stuck to their monitor, with the company owner complaining how hard you are making life. Oh, the struggle is real … which led me to taking LastPass Enterprise for a try.

LastPass is the combination of apps and browser plug-ins coupled with cloud-hosting using secure encryption. Unlike KeePass, say, which stores your data locally, LastPass has the advantage of making your latest information available across all your devices with no manual synchronisation effort. By using encryption you can be confident your data is not exposed should LastPass itself be breached.

Individual plans begin at $0/month - that is, free, meaning there is no barrier to entry and really no reason why you shouldn’t be using a password manager like LastPass. From here you can move up to premium individual accounts, family, business and enterprise accounts with varying feature enhancements, shared user access, and other items.

Creating an account is easy enough - just click to sign up and enter your email address, though the next steps from here seemed mildly repetitive: I received an email asking me to verify my email address - as I should. Clicking this caused LastPass to ask me to enter a master password - again, as it should. However, the page warned me I would lose all my existing (encrypted) data if I changed my password. Yet, I wasn’t changing my password, I was setting it for the first time. Then, after setting my password, I logged in for the first time - and was then asked to change my password. I couldn’t set it to be the same as my last password, that is, the one I had only just set right then and there. It was a curious, and mildly frustrating, first experience.

Still, that’s a one-off event. Once logged into LastPass its power and functionality becomes evident. This includes a vast range of multi factor authentication options, including biometrics, applications, even a Salesforce connector for the enterprise. You can specify trusted devices, sites you never wish LastPass to offer to save or fill-in password details for, to specify domains which are functionally equivalent and LastPass can apply the same credentials between, and other actions.
You can store your passwords, and generate new passwords, for any website or application - of course, and while there, you can add secure notes relating to any web site or application you use.

For enterprise users, LastPass brings a vast array of features like Azure Active Directory and Okta integration, company-wide policy and password compliance rules, reports, user groups and roles and an API to allow automated user setup and provisioning.

Security is comprehensive, with SOC 2 Type 1 compliance and AES-256 encryption over TLS, and the system operates out of multiple geo-distributed facilities to handle load and redundancy.

Administrators can push sites to user’s LastPass accounts with pre-filled in details, meaning you can set credentials in advance to help users out, even where they do not know the credentials themselves. Of course, they can log in to LastPass and review their credentials, but it does mean administrators can create highly-secure, rather than simple but easily remembered, passwords for new starters from the onset.

LastPass provides an online manual you can read even before signing up and provides an extensive range of browser plugins and apps to cover Windows, OS X, Linux, Android, iOS and Windows Phone.

Rolling out LastPass in your organisation, coupled with desktop, smartphone and browser integration, and with single sign-on whether through Active Directory or other, and with policies, administrator tools and user groups and roles are all tremendous things to set your users on a secure path without the typical hassles of remembering and writing-down passwords; this is the opportunity to make complex password management non-complex in its achievement and execution, letting IT departments sleep at night - and the board also, providing a great deal of risk mitigation around the very vital area of security.

If your company is seeking a password management solution or is experiencing resistance in implementing a password policy, you’d do well to give LastPass’s enterprise features a trial.


Read 14111 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News