With over 40 years of experience as one of Australia’s leading tertiary education providers, Deakin University has won numerous awards and teaches over 60,000 students each year. A multi-award winning, internationally recognised university, Deakin has a history of being innovative and cutting edge, offering excellent facilities, exceptional teaching and flexible learning to all students, whether on campus or online.deakin.edu.au
Using the same or similar password for each login because it’s easy to remember and keeping a record of different login details in an Excel spread- sheet or equivalent, is high risk behaviour that makes stealing credentials rewarding for hackers. Using a bad password protocol increases risk.
Deakin University uncovered similar behavior, that staff were not using secure methods to store and share sensitive information and private notes. For example, some staff were keeping personally identifiable information (PII), including credit card numbers and passport details in spreadsheets saved on shared drives.
At the same time, there were others at Deakin University who understood the importance of password security, resulting in the use of a variety of password management solutions that were unruly to manage and not easily scalable into a campus wide solution.
“The requirement for password sharing became more obvious as other teams across the university began exploring the how they could use a password manager. Our developers needed to share credentials and API keys with other people in the team in a secure way, and there were people who needed to share sensitive information with other parts of the organization.” Dushyant Sattiraju, Cyber Security Operations Team Lead at Deakin University
Deakin University searched the market for a password management solution that could be leveraged across a broad spectrum of users – technical, non- technical, staff, students, and alumni. The winning solution would need to also allow the University to have a single, central location for users to store their sensitive information such as credentials, passport numbers, banking details, and private notes.
Deakin deployed LastPass Business across the entire university, to students and staff.
“We were looking for a password management solution that was user-friendly and didn’t require a lot of effort to deploy. LastPass was on the table and we saw it as a good option. It was easy for both technical and non-technical people to use, was more comprehensive and universal.” Sattiraju
The university now has visibility of over the use of each “bad password” being used and can proactively examine how users are interacting with LastPass through the LastPass admin dashboard. They are able to understand password strengths, the risk around privileged accounts, and how often people repeat passwords - insights that have proven valuable for educating users while rolling out LastPass.
Secure File Sharing
The university found that some users had been using their Deakin credentials for third-party sites, such as social media, an example of a scenario they can now use to point out bad habits and suggest best practices instead.
Deakin University is appreciating their newfound ability to better safeguard their sensitive data, records, and passwords. They can rest assured knowing their personal information is safely protected against data breaches and hackers.
"We’ve had training sessions and webinars to help them transition from using the same password everywhere, to using LastPass to have unique passwords everywhere, improving their overall online security." Dushyant Sattiraju, Cyber Security Operations Team Lead, Deakin University
Additionally, the solution has aided in ensuring seamless transitions for newly hired and departing employees, saving them valuable time and effort. “When you have a developer on the team leave the organisation, we no longer need to reset all the passwords that they may have had access to. Now, we can share credentials with developers without revealing them via LastPass,” said Sattiraju.