Re: Password Management

[Emily Harris <emharris () VASSAR EDU>]

$13K/year.  We are still in our first year so hopefully we don't get any
surprises in June!

----
Emily Harris, CISSP
Information Security Officer, CIS
Vassar College
845-437-7221


On Mon, Feb 25, 2019 at 2:08 PM Jackson Muhirwe <jmuhirwe () ucdavis edu>
wrote:

> Emily,
>
> How much did a full site LastPass Premium Internet2 license cost you if
> you don’t mind? I am considering a consolidation project.
>
>
>
> Jackson Muhirwe
>
> Deputy Chief Information Security Officer
>
> Information Security Office
>
> UC Davis
>
> Phone: (530)752-2726
>
> Information Security Symposium @ UC Davis
>
> Save the Date: June 18 – 19, 2019
>
> For more info: https://infosecsymposium.ucdavis.edu/
>
>
>
>
>
> *From:* The EDUCAUSE Security Community Group Listserv <
> SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Emily Harris
> *Sent:* Monday, February 25, 2019 10:51 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* Re: [SECURITY] Password Management
>
>
>
> FWIW we did the full site license for LastPass Premium for everyone with a
> vassar.edu
> <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvassar.edu&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834411359&sdata=jv76uw196suk4kEk57nqqmX6I9uM9Og1yu5SS4DsN14%3D&reserved=0>
> email address and Enterprise for all of our employees through the Internet2
> pricing.  We found this very affordable - we will see how the renewal goes
> later this year.
>
>
>
> ----
>
> Emily Harris, CISSP
>
> Information Security Officer, CIS
>
> Vassar College
>
> 845-437-7221
>
>
>
>
>
> On Mon, Feb 25, 2019 at 1:28 PM Linc Nesheim <nesheijl () whitman edu> wrote:
>
> We had an Enterprise version of Thycotic Secret Server when I arrived at
> my current role -- pricing was not palatable for the feature set we were
> actually using.
>
> We switched to the Vault version which has the functionality we are using
> and the licensing/maintenance costs that won't break the bank.  We're happy
> with the product.
>
>
>
> Linc
>
>
>
> On Mon, Feb 25, 2019 at 10:02 AM Blake Ketcham <blake.ketcham () aims edu>
> wrote:
>
> We also have Secret Server and are happy with it. Thycotic recently began
> offering discounted "business user" licenses that are meant for anyone not
> needing advanced PAM capabilities. From what I understand, they using this
> pricing model to better compete with password manager vendors like LastPass.
>
>
> Thanks,
>
>
>
> Blake Ketcham
>
> Information Security Analyst
>
> Aims Community College
>
> 970-339-6395
>
>
>
>
>
> On Mon, Feb 25, 2019 at 10:38 AM Windham, Gary D - (windhamg) <
> windhamg () email arizona edu> wrote:
>
> We use Stache
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__www.saltycloud.com_stache_%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DdbAZv6byUf9-o2s5HEs1J0Mywd5dmX4GWEaksS8Kjmg%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834421369&sdata=6sjmPioyD6J%2Bt%2BvH4oonsdgUScV3XYG4iBXhkcqP%2B14%3D&reserved=0>,
> which is developed by UT Austin's ISO (who also developed DorkBot, ISORA,
> and other security tools) and provisioned in a SaaS model through
> SaltyCloud (a "public benefit corporation"). We use it for both end-user
> credentials as well as securing/sharing other secrets (e.g., API keys,
> license keys, S/MIME certificates, etc). It integrates with our campus SSO
> and has a very robust "M-of-N" security model for administrator access to
> end-user secrets (requires a quorum, so that a single administrator can't
> retrieve end-user secrets unilaterally).
>
>
>
> Thanks,
>
> --Gary
>
> *--*
>
> *Gary Windham*
>
> Principal Enterprise Systems Architect
>
> University Information Technology Services
>
> The University of Arizona
>
>
>
> Email: windhamg () email arizona edu
>
> Office: +1 520 626 5981
>
>
>
>
>
> On Mon, Feb 25, 2019 at 8:54 AM Greg Williams <gwillia5 () uccs edu> wrote:
>
> Looks like this topic hasn’t been discussed in a while (~2 years).  We *
> *have** had around 100 users in LastPass Enterprise for our IT department
> for the past 4 years.  This is the 4th year in a row that the price has
> increased 100% year over year.  It was $8/year/user 4 years ago.  So over 4
> years $8*2*2*2 = ~62/year/user today.  What is everyone else using these
> days?  Are you using DUO with it as well?  Thanks!
>
>
>
> Greg Williams, ME
> Director of Operations
> Office of Information Technology
>
> Lecturer
> Department of Computer Science
>
> University of Colorado Colorado Springs
> 1420 Austin Bluffs Parkway, (EPC 136A)
> Colorado Springs, CO 80918
> Phone: (719) 255-3292
> Connect: Skype | WebEx
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__uccs.webex.com_meet_gregwilliams%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DX6w0mX1QUdb2bjTcJhgYp9pPZG2ieWkOSOL_NLmsvRU%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834421369&sdata=EB3Xfv8RdOy6%2BklQMMJcE9d7ETbPxxP%2BW8FmJ0WjT7c%3D&reserved=0>
> www.uccs.edu
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttp-3A__www.uccs.edu_%26d%3DDwMGaQ%26c%3DspdyCQlbcMzVK9-MvWb-WQ%26r%3D-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg%26m%3DzBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE%26s%3DK6KMcZWhZQFHHQQI3vx9-CsjtRDGQ61rsK_1xmv90G4%26e%3D&data=02%7C01%7C%7C144cdff4cc674c4e36aa08d69b523c14%7Ca8046f6466c04f009046c8daf92ff62b%7C0%7C0%7C636867174834431373&sdata=djDWVahF4%2FvcqKffQ8QdbM1KxiKAHrSQsFt1HZ0CNZ0%3D&reserved=0>
>
>
>
>
>
>
> --
>
>
>
>
>
> *Linc Nesheim, CISSP*
>
> Information Security Officer
>
> Whitman College
>
> *509-527-5852*