LastPass Teams is one of our recommended products, simply because it’s easy to set up and manage for those who are not IT professionals, but it also contains a lot of advanced settings that can be utilised if you’re comfortable doing so.
Here you can see the basic settings for your LastPass Teams account, such as registered company address, business contact, the number of licenses purchased, billing information and invoice history. Also, if your organisation has separate departments, it is possible to input different email addresses for relevant notifications to be sent to. For example, security information and updates can be sent to your IT department or senior management, while invoices and billing notifications can be sent to your accounting department.
A section dedicated to listing information about software releases and updates; it lists known issues, fixes and changes that have been made for various versions of their software. Potentially very useful information for your IT provider!
Designed for slightly more advanced users, LastPass for Teams’ policies are numerous, and they give granular control of how your team uses LastPass. Want to require that people reset their master password after a set number of days? Want to give people a few days grace after setting up their account to add their multifactor authentication method of choice, or set users’ accounts to log out automatically when they close their browser? You can do all of that from the policies section – a selection of flexible policies that allow you to tailor your LastPass Teams experience to your team’s needs.
In LastPass for Teams, all of the default policies are enabled automatically. While you can view them, you cannot change them; this function is reserved for LastPass Enterprise admins.
You can also view the kinds of advanced security policies that LastPass Enterprise gives access to, such as disallowing users from changing their email address, advanced reporting features and more. We’ll go into a bit more detail about LastPass for Enterprise in a future post.
If your team are required to use multifactor authentication (MFA) when logging into their LastPass account, (which we’d recommend,) you can set the types of MFA that are allowed in this part of your settings. If you want to restrict your team to using a single application or a small selection of two or three options for MFA, that setting can be accessed here.
Simple MFA methods such as Google Authenticator or Microsoft Authenticator, or even LastPass’ own authenticator are some of the options available. For MFA methods that require advanced setup such as Symantec VIP or SecureAuth, those settings can also be configured here.
If your organisation has its own smartcard security system or fingerprint scanners, those can also be configured as MFA options.
Next week we’ll be taking a look at some of the additional options that LastPass Enterprise offers for more advanced security.