LastPass Enterprise: For Departments
UCLA is offering LastPass Enterprise, an upgraded team license with administrative features, at no cost to Departments. LastPass provides secure password storage and centralized admin oversight to reduce the risk of data breaches while removing employee password obstacles. With customizable policies, secure password sharing, and comprehensive user management, LastPass offers the control IT needs and the convenience users expect. Each department will have complete control their own instance of LastPass enterprise.
The average person struggles to manage 213 passwords in the workplace. A password manager will eliminate this struggle and help:
- Promote safer password behavior and habits for your users.
- Let your users focus on their job, not remembering their passwords.
- Gain insight into how safe your departments password behavior is and how you can improve it.
- Reduce the number of password reset requests. Your users will only have to remember one password. Even if they forget their master password, your admins only have to reset one password, instead of 213.
In short, close to none. After the IT Security Office completes the initial configuration of your LastPass instance, it’s yours to customize. The only mandatory policy is the policy requiring you and your users to use DUO MFA with LastPass. We want to ensure you and your user’s sensitive password data is protected behind MFA. Our auditing of LastPass is going to be extremely high level, similar to the DUO MFA roll-out. We just want to report how many departments and users have signed up to leadership. That’s it. We won’t see or control your passwords. We won’t see or control your password activity. The rest is up to you and your department.
If the user’s work email is already tied to a LastPass account, the user will be able to transfer that account to the Departmental LastPass Enterprise.
If the user already has LastPass, but used a personal email account, the user can create a new LastPass account under the Department Enterprise with their work email. The user can then link their personal LastPass account(s) to their UCLA Enterprise LastPass Account, so the credentials in both accounts can be used. Instructions and more information can be found at LastPass Account Linking Support Documentation. If you wish to unlink your personal account, instructions can be found at LastPass Unlinking Support Documentation.
*Once the IT-Security receives your request via the web form, it will take a week to process your request and create and configure your instance. Once the instance is configured, the IT-Security Office will contact you to transfer ownership and help with the initial set-up and roll-out to your user base.
Yes, a user can be added to as many departmental LastPass Enterprise accounts as he or she is invited to.
Since LastPass uses email addresses as unique identifiers, the user must use a different email address for each enterprise instance they are a part of. A solution for users being a part of multiple enterprise instances has been to use email (smtp) aliases.