What are managed companies for LastPass Business?
The "Managed Companies" feature of a Managed Service Provider (or, MSP) account for LastPass Business provides the ability for LastPass admins of the primary account (i.e., MSP technicians) to manage multiple independent tenants (i.e., company accounts) for LastPass all from one primary account.
Managed companies have all the features and functionality available to a LastPass Business account, including various multifactor authentication options, directory integrations, federated login, over 100+ customizable policies, single sign-on capabilities, and much more. For more details about the various features and tools included in LastPass Business, please see the LastPass Admin Toolkit.
This company management solution allows LastPass admins to have granular control over all aspects of the LastPass accounts they oversee, including full access to the Admin Console of each managed company. If desired, a hybrid model can be set up, which allows both the LastPass admin of the primary account (MSP technician) and the local LastPass admin of the managed company account to share management responsibilities.
What is the technical structure of managed companies?
LastPass Managed Service Provider accounts (i.e., MSPs, managed companies) utilize strict and secure data isolation between each managed company, at both the logical and encryption layer. This is critical to support independence, privacy, and security for each company account that is managed in LastPass Business. It also preserves compliance with security and privacy standards covering SOC-2.
Since LastPass uses a zero-knowledge security architecture, each managed company's data is completely separate and encrypted with a key derivation architecture that is specific to each managed company. Therefore, it is not possible to inadvertently share managed company related data (e.g., emails, admins, teams, roles, vault data, etc.) with any other company that is also being managed.
What is displayed on the Managed Companies page?
On the Managed Companies page, you can see the following data:
- Licenses – Displays both the total active licenses and total available licenses for the entire primary account.
- Average company-level security score – Displays the aggregated average security score for all managed companies combined.
- Managed Companies table – This section provides a list of all companies managed within the primary account (with the ability to perform various actions), and displays the following details:
- Managed company name
- Company ID
- Managed company status (i.e., active or suspended)
- Licenses consumed by the managed company
- Available licenses for the managed company
- Security score for the managed company
What can I do from the Managed Companies page?
- Add a new managed company
- Navigate between a managed company and the primary account
- Allocate more licenses to a managed company
- Return licenses from a managed company back to the primary account
- Suspend a managed company
- Reactivate a suspended managed company
- Detach a managed company (so it can be managed independently)
How do I get started?
Please see our LastPass Business MSP Deployment and Adoption Guide (PDF) to learn how to get started.