Home Software Review - LastPass Enterprise password management

A secure password manager is a necessity in today’s online world and really ought to be part of each person’s basic “cyber hygiene” routine. This is especially so for business.

The advantages of a secure password management tool are plentiful: you can have a complex password that is unique for every web site and application you use. You minimise the risk any individual one will be breached, and should that happen, your credentials will only work for that one site or application and do not compromise you anywhere else.

For IT departments the problem is compounded. You’re not only worried about your own password and personal security; you’re worried about all your users and their security, you’re worried about the company’s data and reputation in the event of a breach, and you’re worried about how to influence change and positive disciplines in a way that doesn’t cause users to revolt lamenting how IT is a hindrance, writing passwords down on post-its stuck to their monitor, with the company owner complaining how hard you are making life. Oh, the struggle is real … which led me to taking LastPass Enterprise for a try.

LastPass is the combination of apps and browser plug-ins coupled with cloud-hosting using secure encryption. Unlike KeePass, say, which stores your data locally, LastPass has the advantage of making your latest information available across all your devices with no manual synchronisation effort. By using encryption you can be confident your data is not exposed should LastPass itself be breached.

Individual plans begin at $0/month - that is, free, meaning there is no barrier to entry and really no reason why you shouldn’t be using a password manager like LastPass. From here you can move up to premium individual accounts, family, business and enterprise accounts with varying feature enhancements, shared user access, and other items.

Creating an account is easy enough - just click to sign up and enter your email address, though the next steps from here seemed mildly repetitive: I received an email asking me to verify my email address - as I should. Clicking this caused LastPass to ask me to enter a master password - again, as it should. However, the page warned me I would lose all my existing (encrypted) data if I changed my password. Yet, I wasn’t changing my password, I was setting it for the first time. Then, after setting my password, I logged in for the first time - and was then asked to change my password. I couldn’t set it to be the same as my last password, that is, the one I had only just set right then and there. It was a curious, and mildly frustrating, first experience.

Still, that’s a one-off event. Once logged into LastPass its power and functionality becomes evident. This includes a vast range of multi factor authentication options, including biometrics, applications, even a Salesforce connector for the enterprise. You can specify trusted devices, sites you never wish LastPass to offer to save or fill-in password details for, to specify domains which are functionally equivalent and LastPass can apply the same credentials between, and other actions.
You can store your passwords, and generate new passwords, for any website or application - of course, and while there, you can add secure notes relating to any web site or application you use.

For enterprise users, LastPass brings a vast array of features like Azure Active Directory and Okta integration, company-wide policy and password compliance rules, reports, user groups and roles and an API to allow automated user setup and provisioning.

Security is comprehensive, with SOC 2 Type 1 compliance and AES-256 encryption over TLS, and the system operates out of multiple geo-distributed facilities to handle load and redundancy.

Administrators can push sites to user’s LastPass accounts with pre-filled in details, meaning you can set credentials in advance to help users out, even where they do not know the credentials themselves. Of course, they can log in to LastPass and review their credentials, but it does mean administrators can create highly-secure, rather than simple but easily remembered, passwords for new starters from the onset.

LastPass provides an online manual you can read even before signing up and provides an extensive range of browser plugins and apps to cover Windows, OS X, Linux, Android, iOS and Windows Phone.

Rolling out LastPass in your organisation, coupled with desktop, smartphone and browser integration, and with single sign-on whether through Active Directory or other, and with policies, administrator tools and user groups and roles are all tremendous things to set your users on a secure path without the typical hassles of remembering and writing-down passwords; this is the opportunity to make complex password management non-complex in its achievement and execution, letting IT departments sleep at night - and the board also, providing a great deal of risk mitigation around the very vital area of security.

If your company is seeking a password management solution or is experiencing resistance in implementing a password policy, you’d do well to give LastPass’s enterprise features a trial.

LastPass2

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

10 SIMPLE TIPS TO PROTECT YOUR ORGANISATION FROM RANSOMWARE

Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.

DOWNLOAD NOW!

David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect