LastPass password manager interview: successes and challenges

In our LastPass review, we praised it as a “reliable service at an affordable price.” Not just reliable, though—LastPass is also easy to use, and has a great free tier that offers unlimited password storage. It’s one of the best password managers available today, and certainly one of the most popular.

We were fortunate enough to speak with Dan DeMichele, VP of Product Management for LastPass, to learn more about LastPass’s greatest successes and biggest challenges in the past few years, especially as they relate to the COVID-19 global pandemic.

Can you give us a brief overview of the company and what it does?

LastPass is an all-in-one access and authentication solution that increases individual password hygiene and company security posture.

From business-grade password management and single sign-on to multi-factor authentication that works on everything from cloud and mobile apps to legacy on-premise tools, LastPass gives granular control to IT and frictionless access to users.

LastPass is trusted by industry experts worldwide, serving more than 70,000 businesses of all sizes. Founded in 2008, LastPass joined the LogMeIn family through an acquisition in 2015.

What’s been your biggest success, and why?

In 2020, one of our biggest milestones was reaching 25 million LastPass users around the globe. Additionally, 70,000 businesses count on LastPass to simplify and secure their digital lives.

Watching our community grow, especially during the pandemic, was remarkable as organisations quickly transitioned to remote work. It was unique to see that our solutions were pivotal for many organisations and users as they moved to a new way of working and living securely.

What have been the biggest challenges, and how did you tackle them?

The sudden shift to remote work due to the COVID-19 pandemic brought an array of challenges to many organisations. Like many companies, our IT teams felt an immediate impact, as they quickly had to enforce stronger security to support flexible, virtual environments.

During this time, our business continuity plan became an important lifeline for our company, as we were able to seamlessly transition to a fully remote work policy for the duration of lockdown.

Prior to the pandemic, our teams were well versed in a “working-from-anywhere” culture. Despite the experience, we still faced a wide variety of challenges as employees adapted to social distancing practices, and worked alongside kids, animals, and significant others.

Recapturing the normal in-person energy was seemingly challenging—as video chats replaced hallway conversations. Leveraging technology, such as LogMeIn’s GoToMeeting, allowed us to communicate effectively despite the physical distance.

With more people online than ever before, cybercriminals leveraged the unprecedented chaos to conduct COVID-19-related scams and attacks. While our company did not have any direct attacks, our IT and security teams were on heightened alert, and enforced stronger security measures to mitigate any threats and enable a secure working environment for remote employees.

Additionally, we found ourselves in a situation to help companies increase their security posture, by using our unified access and authentication platform to thwart attackers.

What impacts - both positive and negative - has the pandemic had on your business?

The shift to a remote workforce exponentially expanded the threat surface. This digital dynamic workforce shift highlighted and accelerated the need for security outside the company's physical or even logical perimeter—as more employees than ever were accessing business accounts through various devices in various locations.

Plus, many of the accounts employees use to get their work done are not fully within the control of the IT team. When you remove the perimeter and remove control over the end device, the only thing that is left to protect is the identity of the user. We saw more IT teams prioritising access management and authentication to support a secure remote workforce.

As companies continue the long-term shift to a hybrid remote working model, we will continue to see organisations implementing solutions such as password management, SSO, and MFA to further enhance the organisation's security.

What new market challenges and opportunities have you seen emerge?

As organisations worked to navigate the challenges brought on by the pandemic, many new opportunities emerged. For the first time, many organisations implemented a robust business continuity plan to maintain day-to-day operations around the globe.

This plan caused many business streams to adapt to new policies and procedures, and many had to adapt to the changing role of management. As everyone moved online, collaboration between all departments became essential.

For example, IT, Security, HR, and Business Operations had to break down their siloed work streams to navigate the many challenges that remote work presented. Throughout all these challenges, many new lessons were learned, and enabled businesses to build stronger and more resilient operations.

We saw first-hand how important it was for businesses, especially SMBs, to lock down their cybersecurity while also allowing employees to communicate more effectively. Our LogMeIn solutions across the board helped them do just that.

Are you taking advantage of the new world of blended and remote working? If so, how?

I am taking advantage of the flexibility that this new, digitally dynamic workforce is promoting. Not having to commute to the office every day allows me and others to have a greater work-life balance.

Additionally, at LogMeIn/LastPass, we are taking advantage of hiring top talent no matter the location. Having a hybrid workforce allows us to reshape our long-term investments, and support employees from anywhere at any time.

What are your aims for the future?

As we come out of lockdown, I hope that we learn from our resilience and readiness so we can combat any new crisis that comes our way. The pandemic has taught us many lessons, and my hope is that organisations come away from this experience with a better understanding of why they need to have effective security measures in place.

With the role of IT and security changing, it’s essential to secure and protect the organisation's assets no matter where its workforce is located. Implementing the right software and security education programs—from collaboration tools to password management—will support a stronger and more secure organisation in the future.

How do you see the password security/management sector changing in the next five to 10 years?

In the next ten years, I believe we will see more organisations adopting passwordless authentication to streamline and simplify the login experience for employees.

Adopting identity solutions, including password management, single sign-on, and biometric authentication, will enable organisations to improve their overall security posture. Recently, we have seen an uptick in cyberattacks—Colonial Pipeline and SolarWinds just two from 2021—targeting enterprises.

As we look ahead, no company is safe, and it is up to organisations to enforce better password security and management to mitigate attacks effectively.

Christian Rigg

Christian is a freelance writer and content project manager, with over six years' experience writing and leading teams in finance and technology for some of the world's largest online publishers, including TechRadar and Tom's Guide.