If you're on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
LastPass for business offers a robust suite of tools -- single sign-on (SSO), multi-factor authentication (MFA), and password management -- to prevent hackers from accessing your enterprise network and data. Its functionality isn't cheap, though, so you must do a cost-benefit analysis to decide if it's the right choice for your business.
You don't use chewing gum and duct tape to lock the warehouse doors that protect your inventory, and you can't rely on employee passwords like qwerty or iloveyou to secure your enterprise network and confidential data.
Protecting your network is made more complex by the fact that every digital device -- laptop, tablet, and smartphone -- connected to it is a potential entry point for hackers.
LastPass for business is one of the best identity management software solutions. You'll pay a hefty price to access all its features, however, so let's take a deep dive into its pros and cons to see if it's right for your small business.
Founded in 2008, LastPass originally focused on freemium password management for individuals and their families. LogMeIn bought LastPass in 2015, and its identity and access management (IAM) applications for small and medium-sized businesses (SMBs) are available via the web, browser extensions, and mobile apps.
Businesses using LastPass include the travel site TripLegend and healthcare technology company Flatiron Health.
LastPass has multiple products and plans for individuals and families, but we'll focus on its business applications: SSO, MFA, and password management.
Chances are your employees access multiple company accounts every day to use applications such as MS Outlook, Zoom, and Salesforce. Each company or personal digital device -- laptop, smartphone, or tablet -- that they use to log into these accounts is a potential entry point for bad actors.
LastPass SSO lets employees use your company's applications after logging into a single interface and allows you to set password policies to prevent weak employee-generated passwords. The LastPass portal supports more than 1,200 pre-integrated applications and includes password vaults for each user.
Need to use an app not included in the LastPass catalog? Add it from within the SSO admin console.
If hackers have enough computer power and time, they can discover any password. MFA adds more security to the login process by requiring users to input secondary identification factors. These factors include things that you:
LastPass's free Authenticator app includes six-digit automatically generated passcodes, texted codes, and automated push notifications.
Adaptive authentication takes MFA further by assessing the risk level of each login attempt based on location, device, and user behavior to apply appropriate security measures.
For example, if I logged into my company LastPass account from my office desktop, LastPass would recognize it and let me in with only my password. But if someone on an unrecognized device tried to log in from outside the U.S., LastPass would use MFA.
LastPass can't do all the heavy lifting to secure your network, so its reporting features provide the necessary data for actionable insights. This begins with the admin dashboard, which gives you an overview of user activity and password security.
The LastPass admin dashboard provides a thumbnail picture of your identity and access management security. Image source: Author
LastPass's Enterprise plan lets you drill down further with multiple report types:
LastPass has a shared folders report -- you can securely store company data within your account -- but I'm not sure how useful this is. Most companies needing IAM software likely already have a dedicated content management system (CMS) or equivalent via help desk or customer service applications.
Information technology (IT) departments love LastPass because it significantly reduces ongoing help desk requests for new or reset passwords and automatically applies stringent password policies.
If you use a security operations center (SOC), LastPass reports help flesh out your social network diagram -- the interconnected relationships between people, devices, and applications.
Once users have their accounts set up, they appreciate the cross-device functionality and separate password vaults for company and personal logins. The interface can take some time to learn, and password synching across multiple devices and the Password Manager app can be slow at times.
If LastPass has an Achilles heel, it's the limited support options, which steer users toward email and online help tickets and don't make phone support easily accessible.
If you have a system-wide issue, your IT department needs quick telephone support to reduce downtime and ensure continued employee access to linked accounts.
Users also report they'd like more onboarding resources because the LastPass portal can be clunky at times and hard to figure out on your own. If you decide to go with LastPass, your best option is designating your own power user(s) to train new employees and serve as their first resource for help.
LastPass business pricing has four options:
If you want both MFA and SSO functionality, you must get the Identity plan. All plans include a 14-day free trial, or you can sign up for a LastPass demo. Quote-based site licenses are also available.
LastPass says it offers telephone support, but no phone number or information about how to access it is provided on its website. Instead, business users are steered toward email or submitting support requests from the admin dashboard within the LastPass interface.
Self-service resources include:
Enterprise and Identity admins and users can get live online training for free. The LastPass blog has articles about general industry news, product updates, and tips and tricks.
Many users are resistant to IAM software because it creates extra hoops to jump through, including secondary authentication factors and restrictive password policies, but LastPass has more features to enhance the SSO and MFA user experience.
LassPass's password management features streamline the login process while securely storing passwords:
LastPass also includes company and personal password vaults for each user. Every account is backed up and synced across multiple devices such as desktops, laptops, tablets, and smartphones. When employees leave a company, they take their personal passwords with them while leaving company credentials behind.
Going to the LastPass user portal multiple times each day isn't convenient, so users can install the LastPass browser extension for faster access to connected applications. The extension is available for all major browsers and operating systems.
Each time you create a new account or visit a new site with a login page, the browser extension will ask if you want to save it to your LastPass vault. When you change a site password, the extension also asks if you want to update it in your password vault.
You must disable your browser's default password manager so it doesn't interfere with the LastPass extension. Once you do this, you can access your login credentials whenever you need them because LastPass syncs across all your devices.
Your employees won't always be at their desktop computers in the office, so the free LastPass Password Manager app gives them access to their password vaults when they're using the web on the go.
Password Manager app features include:
I never give the passwords saved in my laptop browser much thought until I need to access an account on my smartphone. If it's not already saved in my phone's separate password manager, I usually end up resetting it and must backtrack later to update it across my laptop and other devices.
The LastPass Password Manager app circumvents these headaches.
If you want robust IAM software, LastPass has the functionality you need: SSO, MFA, adaptive authentication, browser extensions, and mobile apps. It doesn't come cheap, however, and you must commit to at least a year's subscription.
The LastPass Teams plan is the most cost-effective option if you only need basic password management, but check out the LastPass Enterprise trial to experiment with its SSO features.
Free Plan | Phone Support | Monthly Billing | Mobile App | |
---|---|---|---|---|
LastPass for Business | ||||
##PRODUCT-LINK-google-cloud-identity## | ||||
##PRODUCT-LINK-okta## | ||||
##PRODUCT-LINK-onelogin## | ||||
##PRODUCT-LINK-azure-active-directory## |
LastPass is designed for small and medium-sized businesses, and its customers include ticket site Festicket and science e-learning provider Labster.
The lower-level LastPass plans provide separate feature sets -- MFA only, password management only, or SSO and password management -- and range from $36/year, per user to $72/year, per user.
You must get the Identity plan at $96/year, per user to have both SSO and MFA functionality. Quote-based site licenses are also available.
LastPass says it offers telephone support, but users are directed toward email and help tickets submitted from the account admin dashboard. Self-service resources include a knowledge base, community forums, and admin toolkits.
Enterprise and Identity users can access live online training for free. Multiple users note that more onboarding resources would be helpful.
Our Small Business Expert
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team.