Re: [External] Re: [SECURITY] Password Management

["Gregg, Christopher S." <csgregg () STTHOMAS EDU>]

We signed up with LastPass Enterprise last year, and included licensing for anyone on campus to use it.  It cost us 
less to do this than to sign up again with Thychotic for just the portion of IT who were using the service.  
Admittedly, LastPass doesn’t have some of the PAM features that Thychotic does, but as a password manager (store and 
share passwords and secrets) the usability and the fact that many of our folks were already using personal LastPass 
accounts made adoption much easier.

With the Lastpass licensing we have been able to make using a password manager mandatory for all of IT.  We have also 
been able to offer it as an optional service for campus users, which was a nice thing on the heels of several recent 
mandatory policy changes such as MFA and longer passwords.

Chris


Chris Gregg
Associate Vice President of Information Security & Risk Management, CISO
Information Technology Services (ITS)
csgregg () stthomas edu<mailto:csgregg () stthomas edu>
p 1 (651) 962-6265
University of St. Thomas | stthomas.edu<https://www.stthomas.edu>



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Chad Tracy
Sent: Monday, February 25, 2019 10:08 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [External] Re: [SECURITY] Password Management

Unverified external sender.

Greg,

We are paying only $14 per... and have been at that price for a number of years. We have Enterprise licensing for less 
than 50 users.

Chad

On Mon, Feb 25, 2019 at 10:54 AM Greg Williams <gwillia5 () uccs edu<mailto:gwillia5 () uccs edu>> wrote:
Looks like this topic hasn’t been discussed in a while (~2 years).  We *have* had around 100 users in LastPass 
Enterprise for our IT department for the past 4 years.  This is the 4th year in a row that the price has increased 100% 
year over year.  It was $8/year/user 4 years ago.  So over 4 years $8*2*2*2 = ~62/year/user today.  What is everyone 
else using these days?  Are you using DUO with it as well?  Thanks!

Greg Williams, ME
Director of Operations
Office of Information Technology
Lecturer
Department of Computer Science

University of Colorado Colorado Springs
1420 Austin Bluffs Parkway, (EPC 136A)
Colorado Springs, CO 80918
Phone: (719) 255-3292
Connect: Skype | 
WebEx<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuccs.webex.com%2Fmeet%2Fgregwilliams&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C2a7f743a8f334287a98d08d69b3b8169%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636867077245446771&sdata=AgWhFnKSIKo1f6znHcBUXlrm6q0rFch4QTj7QNhgpRQ%3D&reserved=0>
www.uccs.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.uccs.edu%2F&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C2a7f743a8f334287a98d08d69b3b8169%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636867077245446771&sdata=hYlbQL2b5R8E2eEl1ayjtB6cTLguEwTAJO8LJqzZO8M%3D&reserved=0>



--
Chad Tracy
Director of Information Security, Policy and Compliance
Bates College
207 786-6491