LogMeIn has announced LastPass Enterprise has been integrated with Microsoft Active Directory Federation Services (ADFS). LastPass is a cloud-based federated login solution. It is a one-stop shop for all the security credentials that employees use. Employees can now access LastPass using their ADFS credentials.
This integration ensures that the AD credentials are never fully exposed to LastPass. This reduces the risk of a breach exposing other security credentials.
Sandor Palfy, Chief Technology Officer of Identity and Access Management at LogMeIn said: “We’re dedicated to providing our LastPass Enterprise customers with a frictionless experience employees love and the strong security and control IT admins need.
“By tying LastPass to Microsoft Active Directory Federation Services, employees truly only have one password (their AD password) to remember, which translates to a higher adoption rate, helping organisations meet their password security goals faster.”
What does LastPass add to ADFS?
Integrating ADFS with multiple third-party solutions is nothing new. In-house developer teams write the integration in large enterprises. For smaller businesses, integration requires relying on third-party developers and support teams. This is expensive and time consuming when integration with multiple solutions has to happen.
The LastPass ADFS integration does not require a user to create their own LastPass login. It is provisioned for them through AD. This means that existing and new employees can be given LastPass access easily. Once enrolled, they can store all the passwords they need to manage to use single sign-on across multiple systems.
LastPass also offers multiple policies for passwords. This allows IT more flexibility when it comes to locking down access to multiple systems. Employees can access it wherever they are as it is a cloud-based solution.
What does this mean
Users no longer access a single enterprise system nor do they work exclusively within the control of a single organisation. The growth of cloud services means that they use as much, if not more, cloud-based software as they do enterprise software. This leads to the reuse of security credentials and means that a single password breach can lead to multiple system access.
Password management and vaulting systems, such as LastPass, provide a secure storage location for security credentials. The user only needs to remember a single username/password combination to access it.