We licensed LastPass on 06/09/2020. We're actively working to migrate away from Stache and in to LastPass. LastPass has better search, is easier to use, and is more secure for our purposes.
Policies
- We will have a large collection of shared folders to organize our info
- Don’t create new shared folders
- If you think a new shared folder should be created, ping #Escalations on Slack
- While you can store information in your personal vault, you can’t share these entries with other users
- If you need to share a key or password with another UT employee, you should still use Stache, not LastPass, to share it.
- If you have a personal LastPass account, you’re able to link it. Your personal account will remain private, no one at LAITS will be granted access to it.
- You should only use your LastPass Enterprise account for business purposes
Expand |
---|
title | Permissions & Architecture |
---|
|
Permissions - laits-critical@austin.utexas.edu is the Identity Admin of our LastPass instance
- The password for this account is (funnily enough) stored in Stache under LAITS-LastPass
- Access to this account is not needed for routine administration
- Our Groups are meant to mirror existing groups in StacheLAITS-Admins replaces ATS- Stache-Owners
- LAITS-DSS replaces ATS-DSS
- LAITS-DE is a new group created for desktop engineeringreplaces ATS Stache Owners
- LAITS-Management is a new group for managers
- The Zone groups have been discarded
Folder Architecture - Departmental Information
- Each Department will have a shared folder named after it, "SHARED-DEPT"
- Printers for each department will be created as a password/login.
- This will only needs to include the URL/Ip address, name of the printer, username, and password
- Given the number of printers we have, these will be migrated in waves in a separate project
- Encryption keys for each department will be stored in a secure note titled "DEPT Encryption Keys"
- Additional departmental credentials will be stored in the secure note titled "DEPT Credentials"Licenses will be stored in the secure note titled "DEPT Licenses"
- If any of these entries don't exist for a given department, please go ahead and create them
- AdministrativeAdministrative & Assorted
- Passwords to old accounts, like la-admin or ats-admin
- Passwords to tools like Deepfreeze
|
Expand |
---|
title | Onboarding & Offboarding |
---|
|
We have 38 35 LastPass licenses to share amongst staff. These can be reassigned as staff join or leave LAITS.
Offboarding - To be completed immediately once someone leaves LAITS, by an Admin.
- Log on to the admin console user's page (Lastpass.com > Admin Console > Users)
- Find the staff in question, remove the admin role if appropriate, and then delete their account.
- Note: Don't just disable it, delete it.
|
Expand |
---|
title | Folder Structure |
---|