Educause Security Discussion mailing list archives
Re: Password Management
From: "Hagan, Sean" <sean.hagan () YC EDU>
Date: Mon, 25 Feb 2019 18:02:40 +0000
We’re paying about $10k per year in support/maintenance costs for an on-prem install of Thycotic. That’s for ~30 users. I think it’s a total rip-off (but admittedly, we’re using it as more of a password manager than a true PAM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sean Hagan Chief Information Security Officer Yavapai College (928) 717-7651 – direct https://www.yc.edu<https://www.yc.edu/> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Frank Barton Sent: Monday, February 25, 2019 10:58 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Password Management Austin, those numbers do not match up at all with what I'm paying for Secret Server. While my policy is never to give our numbers to anybody. I will give some rough numbers. annual support is less than $15 per user, the initial (perpetual) license is around $100 per user. I wonder if the quotes you got were for one of the higher levels, or for their hosted solution. On Mon, Feb 25, 2019 at 12:38 PM Windham, Gary D - (windhamg) <windhamg () email arizona edu<mailto:windhamg () email arizona edu>> wrote: We use Stache<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.saltycloud.com%2fstache%2f&c=E,1,TuVrIWyNFnci8o_Jn9d_BcvsmEAzBcT36imo3i5L70n6UzL0w5XY4QgXokL_V2ETE5OGJO9ZMAlbi9Ycph7iPUGgiwU6OHSoysIlvtDXhRWdyqee&typo=1>, which is developed by UT Austin's ISO (who also developed DorkBot, ISORA, and other security tools) and provisioned in a SaaS model through SaltyCloud (a "public benefit corporation"). We use it for both end-user credentials as well as securing/sharing other secrets (e.g., API keys, license keys, S/MIME certificates, etc). It integrates with our campus SSO and has a very robust "M-of-N" security model for administrator access to end-user secrets (requires a quorum, so that a single administrator can't retrieve end-user secrets unilaterally). Thanks, --Gary -- Gary Windham Principal Enterprise Systems Architect University Information Technology Services The University of Arizona Email: windhamg () email arizona edu<mailto:windhamg () email arizona edu> Office: +1 520 626 5981 On Mon, Feb 25, 2019 at 8:54 AM Greg Williams <gwillia5 () uccs edu<mailto:gwillia5 () uccs edu>> wrote: Looks like this topic hasn’t been discussed in a while (~2 years). We *have* had around 100 users in LastPass Enterprise for our IT department for the past 4 years. This is the 4th year in a row that the price has increased 100% year over year. It was $8/year/user 4 years ago. So over 4 years $8*2*2*2 = ~62/year/user today. What is everyone else using these days? Are you using DUO with it as well? Thanks! Greg Williams, ME Director of Operations Office of Information Technology Lecturer Department of Computer Science University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 Connect: Skype | WebEx<https://uccs.webex.com/meet/gregwilliams> www.uccs.edu<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.uccs.edu%2f&c=E,1,YcnI6z8EsHKbaxaRfO9cv-3sAWyd_AhMh2t24xLhI8CUTISuplrQQ071lqM-JQEZRrACHp3_5mJ2BBvXsR2gxjhyrPhjnItLL0W-eNUZTvxdDSX8STNGKTK9iQ,,&typo=1> -- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University
Current thread:
- Re: Password Management, (continued)
- Re: Password Management Kevin Crider (Feb 27)
- Re: Password Management Madl, Michael (Feb 25)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Greg Williams (Feb 25)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Pardonek, Jim (Feb 26)
- Re: [External] Re: [SECURITY] Password Management Gregg, Christopher S. (Feb 26)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Jason Borinski (Mar 01)
- Re: Password Management Frank Barton (Feb 25)
- Re: Password Management Hagan, Sean (Feb 25)
- Re: Password Management Blake Ketcham (Feb 25)
- Re: Password Management Linc Nesheim (Feb 25)
- Re: Password Management Emily Harris (Feb 25)
- Re: Password Management Walter Moore (Feb 25)
- Re: Password Management Jackson Muhirwe (Feb 25)
- Re: Password Management Emily Harris (Feb 27)
- Re: Password Management Nick Lewis (Feb 27)