Educause Security Discussion mailing list archives
Re: Centralized Password Management
From: Brad Judy <brad.judy () CU EDU>
Date: Thu, 14 Dec 2017 22:06:41 +0000
Like many other EDUs, the accessibility standard we look for with third-party service providers is WCAG 2.0 AA. It would be great if I2 used a standard like this during all of their Net+ negotiations. Brad Judy Information Security Officer Office of Information Security University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu<http://www.cu.edu/> [u-logo_fl] From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Nick Lewis <nlewis () INTERNET2 EDU> Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Thursday, December 14, 2017 at 2:18 PM To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Centralized Password Management Hi everyone, I checked with LastPass for an update from when we last discussed this with them. We discussed 508 compliance with LastPass during the NET+ service validation and periodically since. LastPass does not have a VPAT at this time, but does continue to develop consistent with the W3C guidelines and they believe themselves to be 508 and W3C compliant. They have blind users using LastPass through JAWS, and are open to any improvements or working directly with any users experiencing issues. We’ll continue to work with them and please let us know if you have any questions about the NET+ LastPass program. Thanks, Nick Nick Lewis, MS, MA, CISSP Program Manager, Security and Identity Internet2 nlewis () internet2 edu From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Tom Horton <horton () CORNELL EDU> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Tuesday, December 12, 2017 at 12:13 PM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Centralized Password Management Hi Theresa - When we selected LastPass we asked them for a VPAT and they were not able to provide one. Perhaps we can ask as a group? ________________________________ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Theresa Rowe <rowe () OAKLAND EDU> Sent: Tuesday, December 12, 2017 9:28:58 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Centralized Password Management Has LastPass or any similar tool been able to provide a VPAT or similar documentation for accessibility compliance? Theresa Rowe Theresa Rowe Chief Information Officer Oakland University On Thu, Dec 7, 2017 at 8:03 PM, Shelton Waggener <swaggener () internet2 edu<mailto:swaggener () internet2 edu>> wrote: All, Yes there is a lastpass program with Internet2. We have also been working with them on how to accelerate adoption for campuses as more institution are tackling this particular challenge. Nick Lewis heads up that effort and will respond to any requests to netplus () internet2 edu<mailto:netplus () internet2 edu> or feel free to reach out to him directly at nlewis () internet2 edu<mailto:nlewis () internet2 edu> Best Shel Waggener On 12/7/17, 3:58 PM, "The EDUCAUSE Security Constituent Group Listserv on behalf of Shen, Philip *HS" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> on behalf of PS7XJ () HSCMAIL MCC VIRGINIA EDU<mailto:PS7XJ () HSCMAIL MCC VIRGINIA EDU>> wrote: If I'm not mistaken Internet2 has a deal with lastpass https://www.internet2.edu/products-services/cloud-services-applications/lastpass/ Phil ________________________________ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of Shawn Kohrman <skohrman () APU EDU<mailto:skohrman () APU EDU>> Sent: Thursday, December 7, 2017 5:18 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Centralized Password Management We're using Lastpass Enterprise and are liking it. ----- Shawn A. Kohrman, CISSP, C|EH, CPT Executive Director, Information Services Security Architect Azusa Pacific University Information & Media Technology 901 E. Alosta Ave., PO Box 7000 Azusa, CA 91702-7000 P: 626.815.2054 | F: 626.815.2061 | http://security.apu.edu/ ----- On Thu, Dec 7, 2017 at 2:00 PM, Madl, Michael <michael.madl () indwes edu<mailto:michael.madl () indwes edu><mailto:michael.madl () indwes edu<mailto:michael.madl () indwes edu>>> wrote: Interested in what vendor app the community may be using for centralizing passwords. I have looked at several products and ran across a fairly straight forward and inexpensive one in TeamsID. Appreciate the feedback in advance! MICHAEL MADL INFORMATION SECURITY OFFICER UNIVERSITY INFORMATION TECHNOLOGY INDIANA WESLEYAN UNIVERSITY 4201 SOUTH WASHINGTON STREET<https://maps.google.com/?q=4201+SOUTH+WASHINGTON+STREET%0D+MARION,+IN+46953%0D+%C2%A0%0D+765&entry=gmail&source=g> MARION, IN 46953<https://maps.google.com/?q=4201+SOUTH+WASHINGTON+STREET%0D+MARION,+IN+46953%0D+%C2%A0%0D+765&entry=gmail&source=g> 765.677.2688<tel:(765)%20677-2688> | 765.677.2020<tel:(765)%20677-2020> FAX michael.madl () indwes edu<mailto:michael.madl () indwes edu><mailto:mike.madl () indwes edu<mailto:mike.madl () indwes edu>> INDWES.EDU/IT<http://INDWES.EDU/IT><http://indwes.edu/IT> [cid:image001.jpg@01D3436E.D1E0F1C0] CONFIDENTIALITY NOTICE: This email, including applicable attachments, may include legally protected information. If you are not the intended recipient of this message, you may not disclose, print, copy, save, or disseminate this information. If you have received this email in error, please notify the sender by replying to this message and immediately delete this message.
Current thread:
- Centralized Password Management Madl, Michael (Dec 07)
- Re: Centralized Password Management Matt Brehm (Dec 07)
- Re: Centralized Password Management Cam Beasley (Dec 07)
- Re: Centralized Password Management Shawn Kohrman (Dec 07)
- Re: Centralized Password Management Shen, Philip *HS (Dec 07)
- Re: Centralized Password Management Shelton Waggener (Dec 07)
- Re: Centralized Password Management Frank Barton (Dec 08)
- Re: Centralized Password Management Theresa Rowe (Dec 12)
- Re: Centralized Password Management Tom Horton (Dec 12)
- Re: Centralized Password Management Nick Lewis (Dec 14)
- Re: Centralized Password Management Brad Judy (Dec 14)
- Re: Centralized Password Management Nick Lewis (Dec 15)
- Re: Centralized Password Management Brad Judy (Dec 15)
- Re: Centralized Password Management Jones, Mark B (Dec 18)
- Re: Centralized Password Management Shen, Philip *HS (Dec 07)
- Re: Centralized Password Management Matt Brehm (Dec 07)
- Re: Centralized Password Management Ken Connelly (Dec 08)
- Re: Centralized Password Management Nick Lewis (Dec 08)
- Re: Centralized Password Management Marlana Trombley (Dec 08)
- Re: Centralized Password Management Barton, Robert W. (Dec 08)