Educause Security Discussion mailing list archives
Re: Password Management
From: Emily Harris <emharris () VASSAR EDU>
Date: Mon, 25 Feb 2019 13:51:03 -0500
FWIW we did the full site license for LastPass Premium for everyone with a vassar.edu email address and Enterprise for all of our employees through the Internet2 pricing. We found this very affordable - we will see how the renewal goes later this year. ---- Emily Harris, CISSP Information Security Officer, CIS Vassar College 845-437-7221 On Mon, Feb 25, 2019 at 1:28 PM Linc Nesheim <nesheijl () whitman edu> wrote:
We had an Enterprise version of Thycotic Secret Server when I arrived at my current role -- pricing was not palatable for the feature set we were actually using. We switched to the Vault version which has the functionality we are using and the licensing/maintenance costs that won't break the bank. We're happy with the product. Linc On Mon, Feb 25, 2019 at 10:02 AM Blake Ketcham <blake.ketcham () aims edu> wrote:We also have Secret Server and are happy with it. Thycotic recently began offering discounted "business user" licenses that are meant for anyone not needing advanced PAM capabilities. From what I understand, they using this pricing model to better compete with password manager vendors like LastPass. Thanks, Blake Ketcham Information Security Analyst Aims Community College 970-339-6395 On Mon, Feb 25, 2019 at 10:38 AM Windham, Gary D - (windhamg) < windhamg () email arizona edu> wrote:We use Stache <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.saltycloud.com_stache_&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=dbAZv6byUf9-o2s5HEs1J0Mywd5dmX4GWEaksS8Kjmg&e=>, which is developed by UT Austin's ISO (who also developed DorkBot, ISORA, and other security tools) and provisioned in a SaaS model through SaltyCloud (a "public benefit corporation"). We use it for both end-user credentials as well as securing/sharing other secrets (e.g., API keys, license keys, S/MIME certificates, etc). It integrates with our campus SSO and has a very robust "M-of-N" security model for administrator access to end-user secrets (requires a quorum, so that a single administrator can't retrieve end-user secrets unilaterally). Thanks, --Gary *--* *Gary Windham* Principal Enterprise Systems Architect University Information Technology Services The University of Arizona Email: windhamg () email arizona edu Office: +1 520 626 5981 On Mon, Feb 25, 2019 at 8:54 AM Greg Williams <gwillia5 () uccs edu> wrote:Looks like this topic hasn’t been discussed in a while (~2 years). We * *have** had around 100 users in LastPass Enterprise for our IT department for the past 4 years. This is the 4th year in a row that the price has increased 100% year over year. It was $8/year/user 4 years ago. So over 4 years $8*2*2*2 = ~62/year/user today. What is everyone else using these days? Are you using DUO with it as well? Thanks! Greg Williams, ME Director of Operations Office of Information Technology Lecturer Department of Computer Science University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 Connect: Skype | WebEx <https://urldefense.proofpoint.com/v2/url?u=https-3A__uccs.webex.com_meet_gregwilliams&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=X6w0mX1QUdb2bjTcJhgYp9pPZG2ieWkOSOL_NLmsvRU&e=> www.uccs.edu <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.uccs.edu_&d=DwMGaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=-kYucs-vtuoNxJe853RClse3h_pVj0vDpCe5zu7ybmg&m=zBtdEOdF_qbv74CnHyZHBr-K9UNL0Sf2TVJEA789jyE&s=K6KMcZWhZQFHHQQI3vx9-CsjtRDGQ61rsK_1xmv90G4&e=>-- *Linc Nesheim, CISSP* Information Security Officer Whitman College *509-527-5852*
Current thread:
- Re: Password Management, (continued)
- Re: Password Management Greg Williams (Feb 25)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Pardonek, Jim (Feb 26)
- Re: [External] Re: [SECURITY] Password Management Gregg, Christopher S. (Feb 26)
- Re: Password Management Jason Borinski (Mar 01)
- Re: Password Management Frank Barton (Feb 25)
- Re: Password Management Hagan, Sean (Feb 25)
- Re: Password Management Blake Ketcham (Feb 25)
- Re: Password Management Linc Nesheim (Feb 25)
- Re: Password Management Emily Harris (Feb 25)
- Re: Password Management Walter Moore (Feb 25)
- Re: Password Management Jackson Muhirwe (Feb 25)
- Re: Password Management Emily Harris (Feb 27)
- Re: Password Management Nick Lewis (Feb 27)