Tens of thousands of businesses use LastPass every day to improve password security and give employees convenient access to their work tools. Despite ranging in size, location, and industry, those businesses have at least one thing in common: LastPass admins that need to train and support employees. And since LastPass admins often face the same challenges, why not share the knowledge? Other admins can be a great resource for best practices in deploying and managing LastPass.
That’s why I recently caught up with one of our LastPass admins here at LogMeIn. Anderson Dinga is the Manager, Enterprise–wide Applications at LogMeIn and a long-time admin of LastPass. There are about 20 LastPass admins within LogMeIn IT who support employees across the globe. We chatted about common questions and requests that LastPass admins get from employees, how the team encourages adoption of LastPass, and what advice he has for other LastPass admins, both in setting up and managing LastPass day-to-day.
What are the most frequent requests LogMeIn IT receives from internal LastPass users?
The top two requests we receive are around onboarding new users to LastPass and supporting existing users.
For onboarding, we frequently hear employees asking how to activate their LastPass account (this is especially true of long-time employees) or where to find training to get started. Onboarding is now a big focus for us. Since LastPass is one of our core services, our new employees receive accounts before they start, and get training on how to get started with LastPass on Day 1. They also leverage LastPass’ publicly-available resources for help with specific features. There are so many resources available, so we don’t need to reinvent the wheel.
For employees who are already using LastPass, we are often asked for help with resetting their master password. We make sure all LastPass admins are trained on resetting master passwords, including mobile account recovery. Designated Super Admins can administratively reset a master password if needed.
What resources do you use to help users?
We rely heavily on the LastPass support site for help with getting started and for questions about specific features, such as linking a personal account to the work account. We created a few internal knowledge articles that are unique to our employees, but we rely heavily on LastPass’ existing content. For mergers and acquisitions, we have taken available content and broken it down into smaller bite-size pieces where needed for training. But we usually just direct to the help site. Finally, we have a wonderful LastPass Customer Success team. They bring industry best practices to IT to improve adoption and support our admins.
How do you encourage employees to adopt and use LastPass?
Adoption starts with onboarding. As I mentioned earlier, all new hires get set up with LastPass as part of their Day 1 experience. They follow the steps in the LastPass activation email to log into their vault and start using it immediately.
We also communicate best practices often, using LastPass as a solution to support our corporate security policies. For example, password sharing. No one writes passwords down on a sticky note or sends them to others in an email. They are now using LastPass for that.
In October, for National Cyber Security Awareness Month (NCSAM), we run a few internal campaigns, all geared towards raising awareness and improving adoption. During NCSAM, we share helpful resources, conduct internal webinars, and remind employees of the benefits of LastPass.
Don’t forget that there are many additional features of within LastPass like linking a personal account or using LastPass Families at home. We want employees to know that these security best practices can help them both at work and in their personal lives. Linking a personal account gives them the convenience of accessing both accounts. Plus, they’ll be confident that their work information is separate from their personal data.
How does your team handle common requests like password resets?
The post of entry for more support requests is our IT help desk. Any requests that come in – I don’t remember my password, something’s broken – go straight to the help desk. They triage and provide basic troubleshooting. For additional troubleshooting, they escalate to a LastPass admin or Super Admin. Our Super Admins can reset master passwords, so forgotten master passwords are escalated to them. If our Super Admins cannot resolve the issue, they escalate it to our LastPass support team.
What advice do you have for other admins looking to deploy and manage LastPass?
There are four key areas I’d recommend focusing on:
- Provisioning. Set up your provisioning option of choice early. Use one of the automated integrations like AD or Azure AD. It saves you manual overhead and makes sure employees are deactivated and deprovisioned when they leave. It also gets new hires their LastPass accounts very quickly.
- Onboarding. The LastPass welcome email should include or be accompanied by a powerful call to action. Do not assume people will see it and act on their own. Make sure LastPass onboarding is integrated into new hire training. They should have a basic introduction to LastPass so they can start using it right away. After Day 1, continuing education is important. Remind them to use it and provide ongoing training.
- Support. Be prepared to support your users. Train as many admins as you can to support the use cases your business will encounter. For example, understand the account recovery options or who is going to be a Super Admin. Know what to do when those questions inevitably come to you.
- The reporting and dashboard metrics within LastPass can give you a solid understanding of your company’s adoption and performance. These insights can help you create content that’s specific to the problems you wish to solve and the behaviors you want to encourage, like low security scores or re-used master passwords.
If you are in the process of deploying LastPass, make sure to create a post-deployment plan. Ongoing education is very important. Take advantage of the webinars LastPass produces and consider doing your own internally – we do. We include the benefits of LastPass and any education resources in our internal employee communications. We have created a task force to look after our internal usage.
One final thing – talk with users about two-factor or multifactor authentication and how it can be used with LastPass. MFA is strongly recommended for increasing security, without increasing complexity for users. We find that users who’ve turned it on tend to be more engaged and really appreciate the added layer of security. And, bonus for admins – it makes the security score go up!