Keep your MSP Secure with LogMeIn Central

Cyber criminals are targeting MSPs more and more due to the number of accounts they have access to on their networks.  MSPs need to be consistently vigilant with their security practices and ensure that they are partnering with software vendors that also prioritize security.

LogMeIn prioritizes the security of our software solutions to guarantee that we’re providing best-in-class security to keep your business and users secure (and to provide you peace of mind).

Here are a few ways we work to keep you secure:

Data Encryption

LogMeIn uses 256-bit SSL encryption on data that is passed from the host through the internet. This ensures that your data is protected while being transmitted outside of your network.

Multi-Factor Authentication

LogMeIn recommends all users introduce multi-factor authentication to add an additional layer of protection to their account. In Central, customers can choose to receive codes via the LastPass authentication app, text message, or email. To learn more about adding multi-factor authentication to your account, visit help.logmein.com.

Intrusion Detection Technology

In LogMeIn Central, we have multiple intrusion detection filters to safeguard your account.  First, we employ a TLS Filter to ensure that data is not changed in transit. Second, we employ our own filters to protect against malicious behavior. These filters include an IP address filter, Denial of Service filter, and Authentication filter. These filters are built to flag any malicious behavior and reject the connection attempt.

Software Updates

The LogMeIn host, based on user preferences, can semi-automatically or automatically update itself on the user’s computer.  These software updates are digitally signed with a private key that protects customers in the result of one of the LogMeIn data centers being compromised.

When it comes to your business’ security, do not compromise with a vendor that doesn’t take it seriously.

To learn more about our security practices, read our security whitepaper.

         

Love Bites: Ransomware Mimics Love Letter

You’ve probably heard the expression “love hurts” in the context of a heartbreak, but how about a ransomware attack?

This Valentine’s Day, we’ve heard reports that internet criminals are taking advantage of human emotions with romantically-inspired ransomware attacks. With Valentine Day inspired subject lines – ‘My letter just for you’ or ‘Wrote my thoughts down about you’ – these phishing emails are pulling at the heartstrings. Once the email is opened, victims see a love-letter named attachment that, if downloaded, will immediately install ransomware onto the victim’s computer. This will encrypt the victim’s computer until they pay the determined ransom.

These holiday-specific ransomware attacks are nothing new to consumers, but are increasingly targeting small businesses.

To keep your small business network secure from this type of targeted attacks, experts recommend creating a strong patch management policy. Patches are released when a provider discovers a vulnerability in their system that needs fixing, but organizations are not yet effective at installing these patches when these vulnerabilities are discovered. A 2018 Ponemon Institute report showed that 34% of cyber-attack victims were already aware of a vulnerability prior to being attacked. Small businesses need to have proper patch management in place to address a vulnerability prior to its exploitation by cyber-criminals.

As cyber-criminals become more specific and targeted (and even a little romantic), IT teams need to become more preventative and secure. Patch management is a key step to preventing targeted ransomware attacks and to staying one-step ahead of cyber-criminals.

To learn more about what a cyber-attack costs a small business, check out our infographic here: https://www.logmein.com/central/resources/doingnothing

         

LogMeIn Central Rated Top Endpoint Management Software in G2 Crowd

By verified product users on G2 Crowd, LogMeIn Central has been awarded the highest rated & easiest to use endpoint management software solution!

On top of those rankings, LogMeIn Central was also given top rankings for having the highest ROI, the smoothest implementation, & being the most usable.

G2 Crowd rankings are based on an algorithm that incorporates real-user satisfaction scores from review data. Thank you to all our users for the positive ratings!

To learn more, visit: https://www.g2crowd.com/categories/endpoint-management

 

         

PHISHING ALERT: FAKE EMAILS MIMIC LOGMEIN OFFER

We are getting reports from LogMeIn customers about suspicious emails that are designed to look like they are coming from LogMeIn — they have all the hallmarks of phishing attempts.

The reports are meant to look like a LogMeIn email. The email subject line is: You have earned 6 months of free subscription!”

We want to make it clear that these emails did NOT come from LogMeIn and people should NOT click on the links in these emails.

While we are working with our partners to remove these malicious websites, as part of our commitment to security, we want to make sure our users and the public are aware of this specific email, and provide an easy way for people to identify the tell-tale signs of phishing attacks.

If you have clicked a link in this email, we recommend changing your password and enabling two-factor authentication on your account as well as your users’ accounts.

Email subject line: You have earned 6 months of free subscription
Intended behavior/action: Tries to get you to open the embedded link which then downloads a malicious file.

         

Watch our latest Central Master Class

Last week, we hosted our third Central Master Class on the LogMeIn Client App & One2Many Task Management. These Master Classes are quarterly webinars that are designed to go in-depth into two features of Central to ensure that you are using Central to the best of its abilities.

In this Master Class, we covered: 

  • The most efficient way to install software and distribute files across multiple computers 
  • Our top tips for running scripts and automating manual tasks  
  • How to quickly connect to your remote computers without a web browser

To watch this Master Class as well as previous Master Classes, visit:  https://www.logmein.com/central/resources/masterclasses 

         

Double Threat: How Your Endpoints & Passwords Put You at Risk

From passwords resets to corporate network threats, today’s IT teams are increasingly burdened with time-consuming tasks that keep them from more strategic work. With this in mind, we created an informative infographic to demonstrate how your passwords and endpoints might be putting you at risk – and then show you how to address these problems.

 

         

LogMeIn Central Named a Top Endpoint Security Vendor

By a third-party reviewer, LogMeIn Central has been named one of the top 6 endpoint security vendors to watch in 2019.  This reviewing site focuses on Endpoint Security & Protection Platforms and posts about best practices when evaluating or maintaining an endpoint solution.

The reviewer writes:

“LogMeIn provides a comprehensive endpoint management and security solution indicative of the blurring lines between identity security and the traditional endpoint perimeter. The LogMeIn Central solution security portfolio includes anti-virus, patch management, proactive alerts, software inventory, and computer health monitoring, thereby providing a comprehensive package for enterprises struggling with perimeter security gaps or visibility issues.”

To learn more, visit: https://solutionsreview.com/endpoint-security/top-6-endpoint-security-vendors-watch/

         

Can your business afford a cyber-attack?

 

For small businesses, strong endpoint security is no longer a nice to have, but a necessity to proactively prevent threats and mitigate costs. According to the IDC, 70% of successful breaches begin at an endpoint. In addition, over the past 5 years, the number of breaches targeting small businesses has been on the rise. Small businesses need to improve their endpoint security or it is increasingly likely that they will experience a costly attack.

In honor of National Cyber-Security Awareness month, we investigated the types of endpoint breaches that are impacting small businesses and the most effective ways to proactively mitigate those threats to save costs and keep your endpoints secure.

Learn more on our website at https://www.logmein.com/central/resources/doingnothing

 

         

This National Cyber-Security Awareness Month, Focus on Patch Management

 

Every day it seems like there is another cyber-attack impacting small businesses. Per the Ponemon Institute, 61% of small businesses have experienced a cyber-attack in the past 12 months (up from 55% the previous year)1. In fact, the U.S. Securities and Exchange Commission estimates that most targeted cyber-attacks are directed at small businesses2.

As this landscape is rapidly changing and October is national cyber-security awareness month, it’s more important than ever for IT and MSP professionals to take the time to understand their vulnerabilities and to learn how to proactively protect themselves.

A key area where IT professionals can improve their ability to proactively protect themselves is against ransomware attacks. 52% of small businesses reported experiencing a ransomware attack in the past year and this number is on the rise1.

Luckily, there are tools available to IT professionals to help them proactively combat ransomware attacks. These tools focus on patching known vulnerabilities, which is an extremely effective way to stay ahead of cyber-attacks. Per Fortinet, 90% of cyber-attacks in the last year could have been avoided if people updated and patched their systems3. In addition, the research found that, of companies who experienced a cyber-attack, 60% experienced a successful attack for which a patch had been available for over a decade3.

The importance of utilizing these patch management tools is shown through the recent WannaCry cyber-attack.

WannaCry was a destructive ransomware attack that impacted more than 100 countries4. For the vulnerability that was attacked, Windows had released a patch a month prior. All the companies that fell victim to the attack had not implemented the Windows patch which left most IT departments and MSPs scrambling the days after the attack to lock-down and ensure their systems were properly patched. If these organizations had been proactive with updating their patching, they would have prevented the attack from impacting their networks and daily business operations.

With national cyber-security awareness month upon us, we should all be thinking through the best practices we should implement to improve our security and minimize our risks – and patch management is one of the best places to start.

 

  1. Ponemon Institute, ‘2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)’, 2017. ​
  2. U.S. Securities and Exchange Commission, ‘The Need for Greater Focus on the Cybersecurity Challenges Facing Small and Midsize Businesses’, 2015.
  3. Fortinet, ‘Report: Dissecting Our Q2 Threat Landscape Research’, 2017.
  4.  Smarter MSP, ‘The Most Telling Cyber-Attacks and Data Breaches of 2017’, 2017.

 

         

Did you watch our latest Master Class?  

Last week, we hosted our second Central Master Class. These Master Classes are quarterly webinars that are designed to go in-depth into two features of Central to ensure that you’re using the product to the best of its abilities.  In our latest Master Class, we dove into the User Management and Alert features.

In this Master Class, we covered: 

  • How to simplify your user management by arranging users into groups and controlling permissions 
  • The fundamentals of setting-up, monitoring, and acting on Alerts to proactively address issues before they occur  
  • A closer look at how these features will make it easier for you to take control of critical IT task 

To watch this Master Class as well as previous Master Classes, visit:  https://www.logmein.com/central/resources/masterclasses