Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

LastPass

overview
Eligible Subscribers:
Higher education institutions in the United States, any of the following not-for-profit organizations when affiliated with a U.S. higher education institution: healthcare providers, research facilities, libraries or museums. Also, U.S. not-for-profit members of Internet2, InCommon, or EDUCAUSE.
Sponsors:
Duke University, University of Texas - Austin
Email:
netplus@internet2.edu
Contact:
Nick Lewis

More devices, applications, networks and users increase the complexity of managing – and protecting – user access across your organization. While people just want to work efficiently, IT needs to promote secure online habits and protect the organization from cyberthreats.

LastPass reduces friction for everyday users while increasing control and visibility for IT with an access solution that’s easy to manage and effortless to use. With single sign-on for IT’s top priority apps, and password management to capture and secure everything else, LastPass protects every access point and conveniently connects people to their work.

Used and loved by millions, LastPass helps organizations of all sizes remove password obstacles and better safeguard their data.

Key benefits for Internet2 members include:

  • Significant discounted rates
  • Ability to pay out of a single budget
  • A parent-sub structure grants an overarching view from the central CIO office into individual colleges for security compliance and usage metrics
  • An education toolkit built to help admins successfully deploy LastPass and encourage adoption
  • A customer success manager to work directly with you on your deployment

Learn more on the Features tab.

features

We encourage you to register for one of our weekly live trainings to learn more. [See side bar 'learn more' section for information].

Affordable and customizable turnkey packages

LastPass and Internet2 have created turnkey, affordable packages designed to make it easy for you to provide secure password management to every person on campus – students, faculty, staff and even alums!

Each Internet2 NET+ LastPass package includes unlimited quantities of the LastPass Enterprise and Premium services. Typically, LastPass Enterprise is deployed to faculty and staff, while LastPass Premium is offered to students, but the choice is yours to make.

Give students, faculty and staff the power to secure their digital life:

  • Password saving and filling: LastPass reliably captures every password at login and fills them in during the next visit.
  • One master password: Remember the master password and forget the rest.
  • Universal access to the vault: Whether on a desktop, laptop, smartphone or tablet, accounts are backed up and synced.
  • Password generator: Create long, randomized passwords that protect against hacking.
  • Password sharing: Conveniently and safely share passwords and notes with anyone.

Simplified deployment for IT admins:

LastPass Enterprise offers centralized administrative tools to allow you to securely manage access at the organizational level for faculty and staff. User accounts are provisioned and managed by an Admin (or team of Admins) through a unified Admin Console. Employees are invited to activate their LastPass account and create their own master password. Accounts can be disabled or deleted by Admins when an employee leaves. Features specific to LastPass Enterprise include:

> Admin Console
The admin dashboard is IT’s command central, offering 100+ customizable security policies, detailed reporting, automated user management, and more.

> *NEW* Combined SSO and EPM

LastPass Enterprise combines SAML-based Single Sign-On and Enterprise Password Management in one solution, with one easy portal for users.

> SSO Catalog of 1,200+ Apps

With a catalog of 1200+ pre-integrated apps, each with an easy-to-follow configuration guide, it’s simple for IT to make critical services accessible in one convenient portal.

> User Directory Sync
Integrate with Active Directory, LDAP, Azure AD, Okta, OneLogin and custom APIs to automatically provision users and apply policies.

> Security Controls
100+ flexible security policies and multifactor authentication options to meet the needs of every organization.

> Team Password Sharing
Manage shared access to apps and web logins with Shared Folders and customized permissions for individuals or groups.

> Linked Accounts
Organizations can choose to allow employees to link a personal LastPass account to their work account for privacy and convenience. Admins can disable or delete the work account while employees can keep their personal account when they leave.

LastPass Premium for Everyone on Campus

Every individual on campus can sign up for a personal LastPass account using their school email address and then be automatically upgraded to LastPass Premium. LastPass Premium accounts are individual accounts that have no centralized control. Features specific to LastPass Premium include:

> Password Sharing
Share any single item with multiple people to give everyone convenient access.

> Emergency Access

Always ensure someone has access to your most important information, in case of an emergency or crises.

> 1GB Document Storage

Keep track of important files and safeguard your private information. Attach documents, PDFs, images, and more, all encrypted and backed up for secure, reliable access.

Support for Deployment and Adoption

LastPass offers streamlined fulfillment tools and educational resources to simplify a campus-wide rollout.

Customized customer success support is provided to ensure you are getting maximum value out of your purchase.

Security

LastPass is a trusted Internet2 partner, and we take your security seriously. At every step, we’ve designed LastPass to protect what you store, so you can trust LastPass with your sensitive data.

LastPass is SOC 2 Type II compliant. This detailed review of our controls and processes is a gold standard for confirming the security and reliability of LastPass.

Plus, you can augment security for LastPass accounts with multifactor authentication.

For more technical information, see the link to the “Security Whitepaper” in the “learn more” section of the sidebar at right.

FERPA, HIPAA and Research Requirements

FERPA requirements are supported as of service general availability.

The NET+ LastPass program offers a Business Associate Agreement (BAA) in support of HIPAA compliance. Institutions wishing to adopt the BAA with LastPass can do so after signing the Participation Schedule for the LastPass service. Institutions that do not plan to sign the BAA will need to agree not to store PHI in LastPass. Each institution still has the responsibility to implement LastPass (leveraging the tool sets provided) in a manner that is HIPAA compliant. LastPass cannot guarantee that each customer will leverage the appropriate tool sets to configure and implement LastPass to ensure HIPAA compliance. We believe that LastPass can be used in compliance with most research requirements, although the institution should check specifics (especially around FISMA).

fees

LastPass is priced as a flat annual fee that is based on 'actual campus size' (FTEs + students). The package includes unlimited licenses of LastPass Enterprise for your faculty/staff, and unlimited licenses of LastPass Premium for anyone within your community (anyone with a college-issued email address). This flat annual fee makes it easy to budget, and affordable for every school and team on campus. 

As a member of the Internet2 Community, you are eligible for preferred pricing. 

For pricing questions please contact: netplus@internet2.edu.
 

Billing

The subscription year is initially based on the 12-month period beginning the first of the month in which your service begins. The first year, you will be billed according to the size of your institution within 30 days of account activation for your first 12 months. Subsequent year renewals will be annual based on your starting (anniversary) date. Your institution may choose to change the billing cycle after the first 12-month period.

Systems

Systems can leverage their collective buying power to save even more with the Internet2 NET+ LastPass packages. To buy for the entire System, simply total up the ‘Actual Campus Size’ of each member-institution and map this total to the appropriate tier on the table above. If only select schools choose to participate, then the individual package rates above shall apply based on the individual campus size of each participating institution.

Internet2 Membership/InCommon Participation Status Changes

If your institution is currently not an Internet2 member, but subsequently joins, your institution will be afforded the appropriate discounts upon the next LastPass renewal. If your institution is currently an Internet2 member, but subsequently drops membership, then the non-member rates will apply upon renewal.

Cancellation

Your campus may decide to cancel at any point during the subscription year which will cancel the automatic renewal at the end of the calendar year. No refunds are provided for during the current year of service; however, you will have until the end of the subscription term to migrate data out of LastPass as necessary. Upon termination, the university can delete all user accounts at their discretion. Barring deletion by the university, the Premium accounts will remain available to their owners, will automatically convert to LastPass Free accounts, and all Enterprise features will be deactivated.

faq

LastPass has an extensive library of tools available to help educate buyers and users about the services. We encourage you to check them out (see sidebar "learn more" at the right).

General

Who is LastPass and what services do they offer?

LastPass is an award-winning password manager that helps millions around the world organize their online lives. LastPass provides secure password storage to make going online easier and safer, supporting all browsers, platforms and mobile devices. LastPass Enterprise scales Single Sign-On and password management for teams small and large, with the security businesses need and the convenience of one-click access that employees expect. Founded in 2008, LastPass is now a product of LogMeIn (NASDAQ:LOGM). For more information, visit https://lastpass.com.

What is the relationship between LastPass and Internet2?

Internet2 has signed a Master Services Agreement (MSA) with LastPass that provides various terms and conditions tailored to the higher education community. In addition, Internet2 has worked with LastPass to co-develop a customized service offering and pricing options that are better suited to the needs of the Internet2 community.

Where will our data be stored, and who will have access?

LastPass is a cloud-based solution with data centers located in the US, Germany, and Australia. All Internet2 Net+ LastPass data will be stored at US data centers exclusively. Please see our “Security Whitepaper” (linked to from the “learn more” section at right) for more information about our security practices and architecture.

My campus needs a business associate agreement to use LastPass. What should I do?

Please contact LastPass at https://www.lastpass.com/contact-sales to execute a business associate agreement. The template/review copy of the BAA is available here.

Eligibility and Enrollment

Do I have to be a direct Internet2 member to sign up for the Internet2 NET+ LastPass service?

No. Direct Internet2 members get an additional discount, but membership in Internet2 is not required.

How does my institution sign up for the service?

Visit the Participate tab to gather and contact netplus@internet2.edu. You will then be connected with a LastPass Account Manager to help you roll out the program.

Can a portion of my institution sign up (for example, a business school, medical school, or even a single department)?

No, this package is campus-wide. There are user-based options available from the LastPass website for more limited deployments.

What happens if I already have a LastPass account?

If you or a member of your institution have already created an account using your university email address, it can be merged into the new service offering when your school signs up. Account holders can migrate data to a separate personal account using another non-university email address if they choose.

What happens when an account holder leaves the organization?

LastPass Premium: Accounts will revert to free at the end of the then-current subscription term.

LastPass Enterprise: Upon termination, the university can delete all Enterprise end user accounts at their discretion. Barring deletion by the university, the accounts will remain available to their owners, will automatically convert to LastPass Free accounts, and all Enterprise features will be deactivated.

LastPass FAQ

How do I get a copy of the information security policy?

Please contact LastPass to receive a copy of this document under NDA It was reviewed by the campuses in service validation.

Why is LastPass not connected directly to the Internet2 network?

Because of the minimal bandwidth requirements, the service validation campuses didn’t think this was required.

Why is LastPass not using InCommon Federation?

This was a deliberate decision by the service validation campuses and LastPass. LastPass states they do not have access to the encrypted passwords and changing the login process to use InCommon would have potentially given them access to passwords.

Do you have an advisory board for the NET+ LastPass service?

The advisory board is still forming. Please contact NET+ if you are interested in participating in this advisory board.

Do you have something I can give my procurement department?

We have a procurement worksheet that can be shared. Please contact NET+ for a copy.

How do local IT departments deploy LastPass for their individual department?

Contact LastPass to link the sub-organization to the main organization in LastPass to use the main organization’s license. More information can be found at here.

What are the support response times?

LastPass will generally respond to email support inquiries for our paid customers within 24 hours

What if I need more than 14 days for a trial?

Contact LastPass for a longer trial period.

Features and Security

For questions regarding features and security, please see our Features tab.

Cost and Terms

For questions regarding cost, terms of agreement and billing, please see our Fees tab.

participate

To subscribe to LastPass:

  1. If you are ready to sign up for the service, please send a signatory name and email address directly to: netplus@internet2.edu

     

  2. If you need to redline the documents, please see a review copy of the Participation Agreement here and Service Schedule here. NET+ agreements are developed by the community and may not be modified for an individual institution. Requests for changes based on state law requirements may be submitted with appropriate citations to netplus@internet2.edu.

     

    ** NOTE:  If you need a QUOTATION before signing up, please make a request with the details at: netplus@internet2.edu

  3. Need help? Please contact netplus@internet2.edu
     
    Please note, by starting this participation application, you are not required to sign the agreement and will be able to send the agreement via DocuSign to the appropriate party/parties on your campus for signature. The first step does say "Begin Signing", but that means to start the signing process. During the process, you can choose the "Other Actions" option to assign it to someone else for review or signature.

    NOTE: Internet2 uses electronic signatures for legal contracts, unless state law mandates otherwise.