Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password Management

From: Emily Harris <emharris () VASSAR EDU>
Date: Mon, 25 Feb 2019 13:51:03 -0500
FWIW we did the full site license for LastPass Premium for everyone with a
vassar.edu email address and Enterprise for all of our employees through
the Internet2 pricing.  We found this very affordable - we will see how the
renewal goes later this year.

----
Emily Harris, CISSP
Information Security Officer, CIS
Vassar College
845-437-7221


On Mon, Feb 25, 2019 at 1:28 PM Linc Nesheim <nesheijl () whitman edu> wrote:


We had an Enterprise version of Thycotic Secret Server when I arrived at
my current role -- pricing was not palatable for the feature set we were
actually using.
We switched to the Vault version which has the functionality we are using
and the licensing/maintenance costs that won't break the bank.  We're happy
with the product.

Linc

On Mon, Feb 25, 2019 at 10:02 AM Blake Ketcham <blake.ketcham () aims edu>
wrote:


We also have Secret Server and are happy with it. Thycotic recently began
offering discounted "business user" licenses that are meant for anyone not
needing advanced PAM capabilities. From what I understand, they using this
pricing model to better compete with password manager vendors like LastPass.

Thanks,

Blake Ketcham
Information Security Analyst
Aims Community College
970-339-6395


On Mon, Feb 25, 2019 at 10:38 AM Windham, Gary D - (windhamg) <
windhamg () email arizona edu> wrote:


We use Stache
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.saltycloud.com_stache_&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=dbAZv6byUf9-o2s5HEs1J0Mywd5dmX4GWEaksS8Kjmg&e=>,
which is developed by UT Austin's ISO (who also developed DorkBot, ISORA,
and other security tools) and provisioned in a SaaS model through
SaltyCloud (a "public benefit corporation"). We use it for both end-user
credentials as well as securing/sharing other secrets (e.g., API keys,
license keys, S/MIME certificates, etc). It integrates with our campus SSO
and has a very robust "M-of-N" security model for administrator access to
end-user secrets (requires a quorum, so that a single administrator can't
retrieve end-user secrets unilaterally).

Thanks,
--Gary

*--*

*Gary Windham*

Principal Enterprise Systems Architect

University Information Technology Services

The University of Arizona



Email: windhamg () email arizona edu

Office: +1 520 626 5981


On Mon, Feb 25, 2019 at 8:54 AM Greg Williams <gwillia5 () uccs edu> wrote:


Looks like this topic hasn’t been discussed in a while (~2 years).  We *
*have** had around 100 users in LastPass Enterprise for our IT
department for the past 4 years.  This is the 4th year in a row that
the price has increased 100% year over year.  It was $8/year/user 4 years
ago.  So over 4 years $8*2*2*2 = ~62/year/user today.  What is everyone
else using these days?  Are you using DUO with it as well?  Thanks!



Greg Williams, ME
Director of Operations
Office of Information Technology

Lecturer
Department of Computer Science

University of Colorado Colorado Springs
1420 Austin Bluffs Parkway, (EPC 136A)
Colorado Springs, CO 80918
Phone: (719) 255-3292
Connect: Skype | WebEx
<https://urldefense.proofpoint.com/v2/url?u=https-3A__uccs.webex.com_meet_gregwilliams&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=X6w0mX1QUdb2bjTcJhgYp9pPZG2ieWkOSOL_NLmsvRU&e=>
www.uccs.edu
<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.uccs.edu_&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=K6KMcZWhZQFHHQQI3vx9-CsjtRDGQ61rsK_1xmv90G4&e=>







--


*Linc Nesheim, CISSP*
Information Security Officer
Whitman College
*509-527-5852*
Previous By Date Next
Previous By Thread Next

Current thread: