Three LastPass Admin Policies to Enable Today 

Amber Steel, June 13, 2023
LastPass is a powerful password management tool that can significantly enhance your organization's data security and minimize cyber risks. As a LastPass admin, you can access over 100 policies from the Admin Dashboard that allow you to customize password security standards, modify feature usage, and establish employee login requirements. This article will explore three essential LastPass admin policies you should enable today: password sharing, linking personal accounts, and enabling multi-factor authentication (MFA). These policies will help to secure your organization, increase the adoption of LastPass, and encourage compliance with password security policies.
  1. Prohibit Sharing Except for Shared Folders

LastPass offers password sharing to help employees securely and conveniently share logins with others inside and outside the organization. By default, individuals can share items one-on-one, or teams can easily collaborate and access shared accounts by setting up shared folders. However, any credentials shared one-on-one are not visible to admins. Enabling the "Prohibit Sharing Except for Shared Folders" policy restricts password sharing to designated shared folders only and does not allow employees to share individual accounts. As a result, this LastPass policy lets admins keep track of all shared access and ensure transparency. Of course, employees can still create shared folders, add relevant sites, and share them with their teams. However, admins will be able to see when such sharing occurs, enhancing overall security and accountability.
  2. Recommend or Require Linked Personal Account

LastPass is beneficial at home and in the workplace, offering secure storage and management of credentials in both places. However, to ensure the security and privacy of both data sets, an employee should be encouraged to create two LastPass accounts - a personal and a work account. Then, LastPass allows users to "link" their personal and business LastPass accounts, providing a unified view of all login credentials in a single vault. Admins don't have visibility into the personal LastPass vault, while users can access credentials from both vaults as they work. By recommending or requiring linking accounts via the LastPass Admin policies, you nudge employees to leverage LastPass to better secure their own logins, such as email, social media, and online shopping. Promoting the use of linked accounts also helps employees understand the value of LastPass and drives adoption and usage, as employees get comfortable with password management features and more quickly develop better security habits. Good security at home, in turn, translates to better protection in the workplace. Linking personal accounts also facilitates a smooth transition when employees leave the organization, as admins can instantly revoke access to work accounts so employees walk away with only their personal passwords.
  3. Require Multi-Factor Authentication

In today's threat landscape, enforcing an additional layer of security beyond traditional username and password authentication is crucial. Requiring employees to use multi-factor authentication (MFA) significantly enhances the protection of sensitive data. By using additional information to verify a user's identity, organizations can eliminate many common cyber threats and reduce the threat of data breaches. LastPass integrates with various MFA services, such as smartphone apps, software-based services, and hardware tokens. By enabling the LastPass admin policy to "Require Multi-Factor Authentication," you ensure that employees validate their identity using additional information during login to LastPass. Implementing MFA across all applicable platforms, including LastPass, single sign-on, and user directories, is advisable to mitigate the risk of unauthorized access.

Policies give you power

As a LastPass admin, you have the power to customize and enforce numerous policies to strengthen your organization's security posture. By enabling three key LastPass admin policies today—password sharing restrictions, linking personal accounts, and requiring multi-factor authentication—you can significantly enhance your company's data security while providing a user-friendly experience for your employees. Transparent password sharing, improved password hygiene at home, and additional verification requirements all contribute to a more robust defense against cyber threats. Take advantage of LastPass's extensive policy options and empower your organization with more robust security measures today.