Educause Security Discussion mailing list archives
Re: Password Management
From: Emily Harris <emharris () VASSAR EDU>
Date: Wed, 27 Feb 2019 13:04:38 -0500
$13K/year. We are still in our first year so hopefully we don't get any surprises in June! ---- Emily Harris, CISSP Information Security Officer, CIS Vassar College 845-437-7221 On Mon, Feb 25, 2019 at 2:08 PM Jackson Muhirwe <jmuhirwe () ucdavis edu> wrote:
Emily, How much did a full site LastPass Premium Internet2 license cost you if you don’t mind? I am considering a consolidation project. Jackson Muhirwe Deputy Chief Information Security Officer Information Security Office UC Davis Phone: (530)752-2726 Information Security Symposium @ UC Davis Save the Date: June 18 – 19, 2019 For more info: https://infosecsymposium.ucdavis.edu/ *From:* The EDUCAUSE Security Community Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Emily Harris *Sent:* Monday, February 25, 2019 10:51 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* Re: [SECURITY] Password Management FWIW we did the full site license for LastPass Premium for everyone with a vassar.edu <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvassar.edu&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834411359&sdata=jv76uw196suk4kEk57nqqmX6I9uM9Og1yu5SS4DsN14%3D&reserved=0> email address and Enterprise for all of our employees through the Internet2 pricing. We found this very affordable - we will see how the renewal goes later this year. ---- Emily Harris, CISSP Information Security Officer, CIS Vassar College 845-437-7221 On Mon, Feb 25, 2019 at 1:28 PM Linc Nesheim <nesheijl () whitman edu> wrote: We had an Enterprise version of Thycotic Secret Server when I arrived at my current role -- pricing was not palatable for the feature set we were actually using. We switched to the Vault version which has the functionality we are using and the licensing/maintenance costs that won't break the bank. We're happy with the product. Linc On Mon, Feb 25, 2019 at 10:02 AM Blake Ketcham <blake.ketcham () aims edu> wrote: We also have Secret Server and are happy with it. Thycotic recently began offering discounted "business user" licenses that are meant for anyone not needing advanced PAM capabilities. From what I understand, they using this pricing model to better compete with password manager vendors like LastPass. Thanks, Blake Ketcham Information Security Analyst Aims Community College 970-339-6395 On Mon, Feb 25, 2019 at 10:38 AM Windham, Gary D - (windhamg) < windhamg () email arizona edu> wrote: We use Stache <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__www.saltycloud.com_stache_%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DdbAZv6byUf9-o2s5HEs1J0Mywd5dmX4GWEaksS8Kjmg%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834421369&sdata=6sjmPioyD6J%2Bt%2BvH4oonsdgUScV3XYG4iBXhkcqP%2B14%3D&reserved=0>, which is developed by UT Austin's ISO (who also developed DorkBot, ISORA, and other security tools) and provisioned in a SaaS model through SaltyCloud (a "public benefit corporation"). We use it for both end-user credentials as well as securing/sharing other secrets (e.g., API keys, license keys, S/MIME certificates, etc). It integrates with our campus SSO and has a very robust "M-of-N" security model for administrator access to end-user secrets (requires a quorum, so that a single administrator can't retrieve end-user secrets unilaterally). Thanks, --Gary *--* *Gary Windham* Principal Enterprise Systems Architect University Information Technology Services The University of Arizona Email: windhamg () email arizona edu Office: +1 520 626 5981 On Mon, Feb 25, 2019 at 8:54 AM Greg Williams <gwillia5 () uccs edu> wrote: Looks like this topic hasn’t been discussed in a while (~2 years). We * *have** had around 100 users in LastPass Enterprise for our IT department for the past 4 years. This is the 4th year in a row that the price has increased 100% year over year. It was $8/year/user 4 years ago. So over 4 years $8*2*2*2 = ~62/year/user today. What is everyone else using these days? Are you using DUO with it as well? Thanks! Greg Williams, ME Director of Operations Office of Information Technology Lecturer Department of Computer Science University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 Connect: Skype | WebEx <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__uccs.webex.com_meet_gregwilliams%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DX6w0mX1QUdb2bjTcJhgYp9pPZG2ieWkOSOL_NLmsvRU%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834421369&sdata=EB3Xfv8RdOy6%2BklQMMJcE9d7ETbPxxP%2BW8FmJ0WjT7c%3D&reserved=0> www.uccs.edu <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttp-3A__www.uccs.edu_%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DK6KMcZWhZQFHHQQI3vx9-CsjtRDGQ61rsK_1xmv90G4%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834431373&sdata=djDWVahF4%2FvcqKffQ8QdbM1KxiKAHrSQsFt1HZ0CNZ0%3D&reserved=0> -- *Linc Nesheim, CISSP* Information Security Officer Whitman College *509-527-5852*
Current thread:
- Re: [External] Re: [SECURITY] Password Management, (continued)
- Re: [External] Re: [SECURITY] Password Management Gregg, Christopher S. (Feb 26)
- Re: Password Management Jason Borinski (Mar 01)
- Re: Password Management Windham, Gary D - (windhamg) (Feb 25)
- Re: Password Management Frank Barton (Feb 25)
- Re: Password Management Hagan, Sean (Feb 25)
- Re: Password Management Blake Ketcham (Feb 25)
- Re: Password Management Linc Nesheim (Feb 25)
- Re: Password Management Emily Harris (Feb 25)
- Re: Password Management Walter Moore (Feb 25)
- Re: Password Management Jackson Muhirwe (Feb 25)
- Re: Password Management Emily Harris (Feb 27)
- Re: Password Management Nick Lewis (Feb 27)
- Re: Password Management Frank Barton (Feb 25)