PASSWORD REUSE ISSUE AFFECTING SOME LOGMEIN USERS

This excerpt is from a post that originally appeared on our official corporate blog: 

“…Today we began proactively resetting some LogMeIn users’ passwords. So we wanted to let both these users and the rest of our customer base understand why. The short version is these users’ credentials were on a list making the rounds on the web — credentials taken from high profile breaches at companies like LinkedIn, Tumblr and MySpace. Here’s a bit more.

What happened?

As you may have seen in the news, lists of hundreds of millions of user credentials taken from past breaches (mostly at social networks) are now being used for a variety of recent nefarious activity on high profile sites like Netflix and Facebook.

LogMeIn actively looks for situations where the accounts of our users could be at risk—even if the threat is external to our service. In this particular case, we identified users who may be at risk because of password reuse. Out of an abundance of caution, we proactively reset those users’ LogMeIn passwords…”

View the entire post on our corporate blog at blog.logmeininc.com.

 

 

         

Why CAPTCHA (and how do you turn it off)?

Your security is our first and foremost interest. Your experience is an incredibly close second. So we want to protect you in the most friction-less way possible. To that end, we’ve just started using a CAPTCHA check when you login to join.me, LogMeIn Pro, LogMeIn Central and/or Cubby. But we understand it does add an extra step that some users may not want. So here’s a quick take on why CAPTCHA is a good thing when it comes to protecting your account…and how you can turn it off if desired.

Why CAPTCHA:

Simply put, CAPTCHA stops most brute force attacks. That is, it stops bad guys who are trying to run hundreds, thousands or millions of login attempts against popular online services to gain access to individual user accounts. You’ve likely heard the recent stories, but if you haven’t, millions of social media accounts are reportedly on sale. Worse is there is lots of evidence that hackers are counting on users’ reusing these across other services.  CAPTCHA largely protects against such attempts.

How to turn it off:

CAPTCHA should help as an extra layer of protection against password reuse, in that it protects against automated, big scale attacks that rely on such reuse. Even better is changing your password. So if you want to shut off CAPTCHA, all we ask is that you reset your join.me, LogMeIn or Cubby password. Here’s how you can do that.

         

Secure Password Practices for IT Teams and Employees

Closeup of using modern mobile phone with email icons around it.

We’re halfway through June and I’m sure you’ve read more best practices and tips on Internet safety than you can even recall. However, our focus for today is one you don’t want to overlook. Today, we’re talking passwords – both what you can do from an IT perspective and what you can recommend to employees.

In previous posts, we’ve talked about how employees tend to be our biggest weakness when it comes to security; poor or uninformed habits open the door for phishing attempts and hackers. One of those biggest doors is through passwords, which we now use in nearly every facet of our workday – computer logins, wi-fi access, email, servers, and so much more. Knowing that almost two in three consumers (65%) either mostly or always use the same password, and nearly half store (and share!) passwords in a spreadsheet, it’s not difficult to see how serious problems could stem from password habits.

Tip #3: Establish password policies: Almost a quarter of people do not consider themselves informed on the best practices for password protection, so you can enhance your company security with a rather simple focus on passwords.

On the corporate/IT systems end, set up requirements for employees, including mandatory password changes every 30, 60, 90 days (you choose the increment), requirements for strong passwords, and enabling two-factor authentication on all systems that house important data.

For employees, setup a password security crash course and highlight the value this has not only on their work life, but also helps them prevent a breach in their personal accounts as well.  Educate employees on what it means to have secure passwords. This means not only creating strong passwords for your accounts, but also not sharing them with co-workers, friends and family, using a password manager to store passwords, changing passwords often, and using unique passwords for multiple accounts. Also, it might sound like a no-brainer but make sure employees are not using the same passwords for both personal and work accounts.

         

Educate your employees during Internet Safety Month

central

In honor of Internet Safety Month, we’re offering up some of our best tips that help small businesses keep their employees and company information safe from fraud and hackers.

Your company is only as strong as your least-informed, most insecure employee; nearly 30% of companies say employee apathy is a big threat to their company’s security. It’s worth the time and investment in educating your employees, reinforcing the risks of weak security habits and instilling good habits, which is the focus of this week’s Internet safety tip.

Tip #2: Establish device management policies: It’s clear that how we get work done every day has changed dramatically in the last 10 years. It’s becoming much more uncommon to find desktop computers and the prevalence of laptops, tablets, and smartphones in the workplace has risen dramatically. With these devices, employees are able to work out of the office far more frequently. But that means IT teams need to be even more diligent with device management and BYOD policies, including encryption, firewalls, VPN requirements, and more.

However that’s only one side of the problem. Be sure to instill good practices with your employees. Encourage them to lock their computers before walking away from them or keep them securely stored somewhere while traveling, especially while traveling in places like airports or hotels. Also be sure employees understand not to connect outside devices – like external hard drives – to their work computers because of the risk of what those devices might bring to the computer.

Check out Tip #1 on safe browsing practices and stay tuned next week for another tip!

         

Customer Spotlight: Tom Hayden, Store Systems Manager at Cosi Restaurants

cosi2

A few weeks ago, we had the opportunity to speak with a few of our local Central customers at our Boston office, and one of those customers was Tom from Cosi, a nationwide fast-casual restaurant group – he’s been using Central for many years now at multiple companies and currently keeps all of Cosi’s POS terminals online with LogMeIn.

Here is a snippet of our conversation with Tom about how he uses Central in his day-to-day:

Let’s start off with what your role is and how you use Central.
I manage all of our POS systems at Cosi based here in Boston, and I use LogMeIn to manage all POS machines in every corporate and franchisee location across the country. We have over 500 terminals. I have to meet PCI compliance and LogMeIn is basically one of the only secure ways out there right now, especially with SSLs. Other than that it’s a VPN connection.

How did you first learn about Central?
Previously I worked for Elephant & Castle and while I was there, I implemented Central. Everywhere I go, LogMeIn follows. It’s a great product and easy to use. At Elephant & Castle they were using PC Anywhere and we had to connect to the network with a VPN, and I really don’t like that approach. It’s archaic and slow. So I rolled out LogMeIn to all of our machines. It was a no-brainer.

On a daily basis, what do you turn to Central for?
We use Central for anti-virus management to meet our PCI compliance requirements, as well as two-factor authentication. And I look at the reporting in Central to see if any threats have come in. In addition to that we use Central for installing new software and running scripts remotely.

We use an outsourced helpdesk to manage our help desk tickets and they all connect through Central. With that setup, we’re always actively creating new accounts and moving accounts out as end users get hired with the helpdesk vendor.

What keeps you using Central?
It’s simple. If the POS isn’t up, we don’t make money. With LogMeIn, I have an alert that goes out when a POS terminal is offline for 15 minutes. When it’s down for 15 minutes, there’s a problem. I get the alert and call the store, usually before they even know it’s down.

 

OLYMPUS DIGITAL CAMERA

         

4 Tips for SMBs During Internet Safety Month

Happy June and Happy Internet Safety Month! In a world where one in five IT professionals has experienced a malicious attack on their systems or accounts in the past year, Internet safety and security are more top of mind than ever.

As a small business, you need to be smart about how you protect your most valuable data and information, and we’re here to give you to the tools and resources to protect your organization. It’s important to understand possible threats, identify your organization’s security weaknesses, and establish processes to address internet and device safety, and protect the organization from risks.

Over the next four Fridays in June, we will offer up a new tip for SMBs on how to handle internet safety in their company.

Tip #1: Create Internet Browsing Awareness: Whether it’s while perusing websites or checking email, employees need to be aware of suspicious activity and links. As a company, establish internet browsing guidelines. For example, do you block all social media? Video streaming? Music streaming? Also what categories of sites do you block due to inappropriate content or potentially suspicious activity? Put these rules and regulations into a document that you share with employees on their first day of work and post it where it can be found at any time.

Email fraud and phishing is another very serious threat, mostly because of how common it is. According to recent research we conducted, phishing is a top 3 concern among IT teams (behind malware and hacking).  Prepare employees to look for potential phishing attempts that are designed to steal personal and valuable information. Safeguard your company by understanding the key signs of a fraudulent email and communicating them to employees. Have employees ask the 5 questions below if they suspect a phishing attempt. If they can answer ‘yes’ to one or more, the email might be suspicious.

Stay tuned next week for Tip #2 in support of Internet Safety Month!

 

         

Introducing a New BoldChat

boldchat_hero-panel_01

Recently, I’ve spent a good amount of time speaking directly with companies about challenges and opportunities with regards to today’s customer experience.  It’s surprising that regardless of the industry and even geographical region, most agree that while exceptional customer experience has always been important, it’s never been more difficult to achieve.

This is a fact of doing business in the world which we live in today.  Customer experience is rapidly changing by the likes of Uber and Amazon – customers expect everything to work effortlessly and instantly with a single click.  “Click” and a car arrives to pick me up….  “Click” and a box is delivered to my doorstep in an hour… It’s magic.

So when it comes to Customer Engagement and Support, it’s not surprising that customers expect the exact same thing.  And the expectations of today’s customer makes it hard for today’s contact center to keep up.

Given technology advancements, millennial trends or a number of other factors, a stellar customer experience is absolutely required in order for companies to either compete or go the way of the dinosaurs.  But as the world of customer experience continues to rapidly evolve, we have seen more than a few challenges in traditional customer engagement which are completely avoidable.   These include:

  • Siloed Communication – Moving from channel to channel was often not seamless. Customers who started their communication via Twitter might be escalated to a phone call. The problem is that the agent responsible for social was often not the agent in the call center – leaving the customer needing to explain their question or issue over again.
  • Inefficient Use of Channels – Simple questions, like a password reset for example, can generally be best answered through lower touch channels like an FAQ or Live Chat, but often higher touch channels like phone are being used for these simple questions. While those channels will certainly get the question answered, it is likely not the most efficient for the customer and more expensive for the company.
  • Disjointed Customer Information – In traditional multi-channel situations, information about a customer is housed in a variety of different repositories requiring agents to toggle between various locations to understand the full scope of the customer query and resulting in incomplete information and longer time to resolution.

If you can remove these barriers, you can begin to take back and own the customer experience.  This is where an omni-channel approach to customer experience is emerging.  One that provides the right channel to the right customer for the right situation.

We’ve been talking about the merits of an omni-channel experience to help our customers move beyond these challenges for a while and today we announced a brand new version of BoldChat that continues our mission to provide a market-leading live chat and omni-channel customer engagement solutions which gives businesses the control and flexibility to distinguish themselves in the marketplace.     The latest BoldChat adds new channels including video chat and auto answers – ensuring that whether the customer query requires a high-touch interaction, a self-service question, or anything in between, BoldChat can meet those needs.   We also added a new UI that provides agents a consolidated view of all customer communications and relevant information in order to provide a more personal experience with faster resolution times.

We’ve all been in situations where customer service has made or broken our relationship with a brand.   We remember those times, we tell our friends and families about those experiences.  Today’s announcement takes customer service to the next level.  By providing a seamless omni-channel experience for customers on the front end and all the tools agents need to do their jobs efficiently and effectively on the backend, companies can elevate and personalize the customer experience to a level that will make them stand out against competitors, boost sales and increase customer loyalty.  Making a strong relationship between the customer and brand, not breaking it.

         

Customer Spotlight: Running a Live Performance with Chicago Symphony Orchestra

Earlier this year we traveled to Chicago, Illinois to visit with Dan and co. at the Chicago Symphony Orchestra (CSO), where they’ve been using Central for nearly a decade.

What we love about Dan and the CSO (other than the fact that they’re long-time users of Central) is how they embody that behind every great company, organization, or even performance, is an IT team, working at all hours from wherever they might be to keep everything up and running. As outsiders, we usually don’t see all that goes on behind the scenes and the CSO is a great example of what goes into ensuring an entire orchestra is able to perform night after night.

Dan and his team use Central on a daily basis to ensure that all of their computers and servers around the orchestra are up and running. With Central, they’ve made impressive improvements to their IT processes, including cost savings on licensing and hardware, decreased IT time spent on support requests, and increased proactive identification of critical software updates and machine health.

Watch the whole story here:

         

NEW: Collaborate with your team on shared documents

How many times a week – or even a day – do you send files back and forth for review and editing? Given that most of us live in Word, Excel or PowerPoint, the answer is probably a lot. With new user-level access controls for file storage in LogMeIn Pro, you never have to send another file via email ever again.

With LogMeIn Pro, you can now share folders with individuals or teams, and collaborate by viewing and editing the contents of that folder. Whether you have a client presentation that requires input from product, marketing, and sales, or you want a central location for all team documents, file storage in Pro gives you the access and collaboration tools you need.

Simply hover over the folder you’d like to share and click “Share folder.” On the next screen, you can add the email address of the users – with no limit on how many users – you want to share with, or choose to generate a public link. The best part? The users you’re sharing with don’t have to be connected with your Pro account in order to access the file. You can share with anyone – vendors, clients, colleagues, whoever!

Log in to get started or watch the video below about file storage in Pro.

         

Mac remote control & support just got better

As an internal IT team or service provider for customers, it’s likely that you’re supporting at least a few Mac computers. You might even be on a Mac yourself. With LogMeIn Central’s latest product update, it’s now even easier to manage and support those Mac end points.

Whether your network includes many or a few Mac computers, Central offers you an improved remote control experience and additional insights into those computers that allow you to provide more comprehensive remote support.

New and improved features for Macs allow you to:

  • Setup and manage alerts for connectivity, CPU usage, disk storage, and more on Mac host computers
  • Enable Wake on LAN from the Mac desktop client to switch on computers that are in sleep mode
  • Pull inventory information about Mac computers in your network, including hardware, software, and operating system details on installed Macs
  • Remotely access Mac computers in a more seamless, HD experience, especially when viewing streaming video
  • Easily switch between a host computer’s two monitors during a remote session – Coming Soon

Log in now to try out these updates!

Mac Client Wake-on-LAN