LogMeIn LastPass Identity is an all-in-one control system for password, access, and authentication services that offers flexible integrations and simple deployment and end-user onboarding. LogMeIn has built this identity tool onto the company’s already refined, enterprise-leading password management solution. Because of LogMeIn’s maturity, LastPass Identity can secure all access points in an organization, resulting in unlimited integrations and complete end-to-end access and authentication coverage for over 1200 supported applications.
LastPass has approximately eighty connectors that synchronize end-users with third-party directories to simplify implementation. There are hundreds of policy configuration options, including single-sign on and extensive multifactor authentication, to ensure that LastPass aligns with industry and organization security standards. The available granular policies make very detailed rules that are based on various thresholds or conditions, such as defined locations with geofencing. A green zone, like the interior of a known office space, indicates a secure place, whereas a red zone indicates security compromise. The platform immediately rejects all red zone requests.
A workstation login authentication feature serves as a biometric replacement for the typical password. Once end-users download the agent onto their workstations, LastPass sends them a prompt for an MFA application. Employees then authenticate their login sessions on their mobile devices using the biometrics, which then simultaneously logs them into their workstations.
The LastPass Identity administrator and password management consoles synchronize users and groups. This synchronous relationship enables a dashboard display with at-a-glance information regarding organizational identity security, multifactor status, and individual and average group security scores.
Password management offers the ability to save and fill credentials in order to sign into applications quickly and conveniently. Even though Identity regularly verifies the security of passwords based on length and frequency of reuse, there is still a security concern with auto-filling passwords. For example, malicious actors often add hidden boxes to web pages in order to trick end-users into supplying them with additional information. Please note, however, this is not specific to LastPass. Any password vault with autofill is a potential target. Therefore, it is best practice to disable any autofill features.
Overall, LogMeIn LastPass Identity simplifies use for both administrators and end-users alike. It provides administrators with easy on and offboarding and straightforward application and policy configurations, while end-users can enjoy an intuitive dashboard and several login options for easy access to their applications. We especially liked the concept and infrastructure of leveraging shared folders to pass secrets securely within an organization. LastPass Identity is particularly ideal for small to midsized businesses. However, anyone would benefit from adding it to their security toolset.
Pricing is $8 per user, per month and includes 24/7 phone, email, and website support. There are different bundles and additional pricing models available, including a free option. Organizations also have access to a searchable knowledgebase. This is a well-documented solution with a lot of effective, easily digestible user-oriented manuals with thorough explanations and screenshots. Priority phone and email support options are available for a fee.
Tested by Tom Weil