Four Key Components of an Endpoint Management Solution

 

 

Endpoint management is increasingly becoming a top priority in the IT community. It’s defined as the ability to centrally discover, provision, deploy, update, and troubleshoot endpoint devices – including, but not limited to, laptops, desktops, or servers – within an organization. An endpoint management solution feature set is pretty extensive, but the typical features include asset management, patch management, mobile device management, operating system (OS) or application deployment, remote control, and anti-virus management. With so many features falling into the endpoint management bucket, I’m here to help you focus on the four key components of an endpoint management solution.

Patch Management

Patch Management has been a hot topic as of late given the first major cyber-threats of the new year – Spectre and Meltdown. A good endpoint management solution allows you to discover and apply patches to all devices within your endpoint infrastructure. The advantage of leveraging endpoint management technology is that by pairing the ability to patch with alerts and process automation, it enables you to be more productive and proactive securing your endpoints.

OS Deployment

Save time and resources by automatically deploying an operating system to your endpoint infrastructure. An endpoint management solution enables you to deploy an operating system to one or all your endpoints with little to no disruption to the end user. Operating systems have and continue to be a large target for cyber threats which is why having a patch management solution to compliment OS deployment is critical.

Application Deployment

It’s becoming more common for employees to bring their own applications into the workplace – Spotify and Slack just to name a few. Add that to other employee-shared applications like Adobe or Java and the difficulty of managing these applications skyrockets. An endpoint management solution not only lets you manage applications within your ecosystem, but also enables you to monitor your endpoints for software that is outdated or at risk, push software updates directly to one or multiple endpoints, manage and perform multiple updates silently without interruption to end users or remote endpoints, and automate software updates on endpoints to prevent future issues.

Asset Management

A good endpoint management solution collects all the important details about your assets regarding the hardware, software, operating system, and applications running on a given endpoint. It stores this information in a single location – usually in the form of a list view or dashboard – for easy reporting.

If you would like to take a look at an endpoint management solution, try LogMeIn Central Premier for free today.

         

What We Know About The Latest CPU Bugs Meltdown and Spectre and Steps You Can Take to Protect Your Organization

On Wednesday, January 3rd, two CPU bugs were discovered that could impact billions of devices worldwide. These two security flaws, known as Meltdown and Spectre, target most computer processing systems making it possible for attackers to steal sensitive data – including passwords, banking information, and encrypted communications.

Meltdown and Spectre: What Are These New Security Flaws?

Let’s start with Meltdown. Affecting Intel processors, Meltdown enables attackers to bypass the hardware barrier between applications that are being run and the computer’s memory – allowing for them to read a computer’s memory and steal passwords.

Spectre, on the other hand, breaks the isolation between different applications allowing attackers to essentially trick those applications into giving up valuable information. Spectre’s impact is larger given it affects Intel, AMD, and ARM processors. This expands its reach to include a multitude of devices, essentially anything with a chip in it.

Combined, these two bugs affect virtually every modern computer, including laptops, smartphones, tablets, and PCs from all vendors, running almost any operating system.

What steps can be taken to reduce the risk of being exposed to these two bugs?

Three steps your organization can take to reduce the risk of being impacted by these two security flaws are to patch your systems with the latest update, monitor CPU usage, and continue to keep an eye on this evolving threat.

  • Patch Your Systems

Patch Management is an essential part of securing your IT infrastructure. Meltdown and Spectre can impact devices running just about any operating system – including Windows, Mac, and Linux – or application leaving just about every organization at risk. Intel and ARM have issued patches that they deem will make your systems immune to these two bugs – but this requires users to download a patch and update their operating system to fix. If you have not already applied the necessary patches, make sure to do so as soon as possible.

  • Monitor CPU Usage

Because these two bugs target CPUs, be sure to continuously monitor CPU usage on all machines in your ecosystem. If you notice any unusual activity, be sure to raise a red flag to your IT leadership and explore the situation further.

  • Keep An Eye On This Evolving Threat

It has only been a few days since these security flaws were identified. More information is sure to surface over the coming days and weeks – including critical information from the security researchers who identified these flaws as well as the impacted providers Intel, AMD, and ARM.

         

5 tips to enjoy the holidays and stay on the ball at work

Woman holding Christmas gift at the desk

The holidays are in full swing, which means holiday parties, time off with the family, and sneaking away to finish up your shopping. However, it can be a challenge to balance holiday to-do’s with work to-do’s and the last thing we want to worry about during the holidays is work.

For most of us, knowing we’ve covered our bases allows us to flip the work switch off and relax. But that peace of mind can only be achieved if we set ourselves up correctly. And while business is inherently unpredictable, we’ve put together these five tips for factors that you can control before going away to set yourself up for a happy, stress-free holiday season!

  1. Pre-holidays prep

The biggest gift you can give yourself is peace of mind as we head into the holiday seaon, and that means preparation well ahead of time. Anticipating deadlines and prioritizing projects weeks ahead of when you’ll be out of the office can translate into a clear line between what needs to be done before you leave, and what can wait until after. Use apps like Trello to maintain your lists with this “before and after” perspective.

  1. Don’t be a bottleneck

Nobody wants to be the reason a project is being held up, and the key here is communication. Reach out early to all of your stakeholders and let your team know when you’re going to be out of the office – Connect with them in person, via e-mail or quick pings on Slack – so you can leave knowing you didn’t drop the ball.

  1. Notorious OOO message

Probably the simplest, yet most effective thing you can do is to set-up your Out of Office message. For anyone you might have missed before leaving, or that falls outside your usual team, it sets clear expectations while you’re away or unavailable. In many cases, after you let people know that you have limited access to email, they may even be pleasantly surprised to hear back from you while you are away.

  1. Schedule your work ‘check-ins’

If you do need to keep in touch while you’re off for the holidays, be sure to set specific times that won’t disrupt your time with family, and set a maximum on your communication. For example, an easy rule to follow is two email checks in your day: once in the morning, and once in the evening. Reply only to what is time-sensitive, and save everything else until you get back. Done. It’s important to respect the time you have allowed for time off, both for your well-being and for those around you. Switching your email notifications off or even turning your data off while you’re out enjoying yourself can help keep this in check.

  1. Enable your technology

Technology has made it possible for us to be equally or more productive when we are outside of the office. In fact, many leaders are beginning to embrace remote culture for its many productivity benefits. With LogMeIn Pro you can access files on your work computer from your personal laptop, even if you’re over the river and through the woods at Grandma’s house (assuming Grandma has wi-fi). Once you retrieve that document from your work computer, you may need to collaborate on it with a colleague or update a client in a quick meeting. Simple start up join.me from your laptop or your mobile app. You can easily screen share with a colleague or meet face-to-face with a client, maintaining strong relationships even with your time off.

         

Discontinuing LogMeIn Authenticator

Our product development efforts at LogMeIn have always centered on enabling employees and individuals to simply and securely connect to their devices and applications. Today, we notified users of our plans to discontinue the LogMeIn Authenticator, our dedicated two-factor authentication app, on December 31, 2016.

Designed to simplify the second factor authentication process to a single gesture, we’ve built a superior product with a better user experience in the LastPass Authenticator. A LogMeIn product and free mobile app, the LastPass Authenticator delivers a unique one-tap password verification experience and can be used on hundreds of popular applications and websites such as LogMeIn, LastPass, Google, Amazon, Salesforce, and more.

We recommend users migrate their two-factor authentication enabled online accounts over to the LastPass Authenticator before the end of the year. The app can be downloaded from:

For step-by-step instructions on how to enable the LastPass Authenticator for your LogMeIn accounts, please click here. 

         

Plans to Retire Cubby

LMI_logos_new_RGB

Today, we began notifying Cubby users and customers of the decision to retire Cubby, our file sync & share offering. Since its debut in 2013, Cubby has provided a unique file sharing experience for millions of individuals and businesses and this difficult decision was made after much deliberation and consideration.

LogMeIn’s long-term investment strategy is focused on three key technology markets — Collaboration, Identity & Access Management, and Customer Support & Engagement – and we are aligning our product development efforts accordingly to best serve our customers rapidly evolving needs. With such focus comes tough decisions around the future of products that don’t fully align with our strategy, and after careful consideration and evaluation, we have reached the difficult, but none-the-less important, decision to discontinue Cubby.

Our users are our top priority and chief concern with this change, and we are taking steps we believe will help existing Cubby users safely and securely migrate to alternative cloud-based offerings, whether to LogMeIn or other trusted companies.

Cubby Free users will be given until November 16th to migrate away from Cubby, and can choose to move to another free service – LogMeIn is recommending Dropbox and OneDrive – or a paid service, including LogMeIn Pro. Cubby Pro and Enterprise customers will continue to have full access to Cubby, both their files and full product functionality, through their account’s expiration date plus an additional 30 days to allow more time to evaluate options and complete the migration of their files.

Here is a quick tutorial on how to move your files out of Cubby and into another service like Dropbox.

We understand that with any change comes questions and potentially concerns.  Here are a few FAQs to explain what we anticipate will be the most common questions for our users:

  • How are you notifying customers?

All Cubby users are being notified of this decision by email and in-product notifications. Our users are our top priority and chief concern with this change, and we are taking steps we believe will help existing Cubby users to safely and securely migrate to other cloud offerings, whether from LogMeIn or from other trusted companies.

  • Will you offer cloud storage and file sharing capabilities in any of your other products?

LogMeIn will continue to offer cloud storage and file sharing capabilities as key features in our other products – for example both LogMeIn Pro and join.me both offer these features – but we will no longer package them as a separate product.

  • How long will Cubby users have access to their files?

Cubby Free users will be given until November 16th to migrate away from Cubby, and can choose to move to a free service – LogMeIn is recommending Dropbox and OneDrive – or a paid service, including LogMeIn Pro.

Cubby Pro and Enterprise users will have full access to Cubby – both their files and full product functionality – through their account’s expiration date plus an additional 30 days to allow more time to evaluate options and complete the migration of their files.

For more information pertaining to your Cubby Basic, Pro or Enterprise account, please read our detailed FAQs here:

         

Why CAPTCHA (and how do you turn it off)?

Your security is our first and foremost interest. Your experience is an incredibly close second. So we want to protect you in the most friction-less way possible. To that end, we’ve just started using a CAPTCHA check when you login to join.me, LogMeIn Pro, LogMeIn Central and/or Cubby. But we understand it does add an extra step that some users may not want. So here’s a quick take on why CAPTCHA is a good thing when it comes to protecting your account…and how you can turn it off if desired.

Why CAPTCHA:

Simply put, CAPTCHA stops most brute force attacks. That is, it stops bad guys who are trying to run hundreds, thousands or millions of login attempts against popular online services to gain access to individual user accounts. You’ve likely heard the recent stories, but if you haven’t, millions of social media accounts are reportedly on sale. Worse is there is lots of evidence that hackers are counting on users’ reusing these across other services.  CAPTCHA largely protects against such attempts.

How to turn it off:

CAPTCHA should help as an extra layer of protection against password reuse, in that it protects against automated, big scale attacks that rely on such reuse. Even better is changing your password. So if you want to shut off CAPTCHA, all we ask is that you reset your join.me, LogMeIn or Cubby password. Here’s how you can do that.

         

Educate your employees during Internet Safety Month

central

In honor of Internet Safety Month, we’re offering up some of our best tips that help small businesses keep their employees and company information safe from fraud and hackers.

Your company is only as strong as your least-informed, most insecure employee; nearly 30% of companies say employee apathy is a big threat to their company’s security. It’s worth the time and investment in educating your employees, reinforcing the risks of weak security habits and instilling good habits, which is the focus of this week’s Internet safety tip.

Tip #2: Establish device management policies: It’s clear that how we get work done every day has changed dramatically in the last 10 years. It’s becoming much more uncommon to find desktop computers and the prevalence of laptops, tablets, and smartphones in the workplace has risen dramatically. With these devices, employees are able to work out of the office far more frequently. But that means IT teams need to be even more diligent with device management and BYOD policies, including encryption, firewalls, VPN requirements, and more.

However that’s only one side of the problem. Be sure to instill good practices with your employees. Encourage them to lock their computers before walking away from them or keep them securely stored somewhere while traveling, especially while traveling in places like airports or hotels. Also be sure employees understand not to connect outside devices – like external hard drives – to their work computers because of the risk of what those devices might bring to the computer.

Check out Tip #1 on safe browsing practices and stay tuned next week for another tip!

         

Customer Spotlight: Tom Hayden, Store Systems Manager at Cosi Restaurants

cosi2

A few weeks ago, we had the opportunity to speak with a few of our local Central customers at our Boston office, and one of those customers was Tom from Cosi, a nationwide fast-casual restaurant group – he’s been using Central for many years now at multiple companies and currently keeps all of Cosi’s POS terminals online with LogMeIn.

Here is a snippet of our conversation with Tom about how he uses Central in his day-to-day:

Let’s start off with what your role is and how you use Central.
I manage all of our POS systems at Cosi based here in Boston, and I use LogMeIn to manage all POS machines in every corporate and franchisee location across the country. We have over 500 terminals. I have to meet PCI compliance and LogMeIn is basically one of the only secure ways out there right now, especially with SSLs. Other than that it’s a VPN connection.

How did you first learn about Central?
Previously I worked for Elephant & Castle and while I was there, I implemented Central. Everywhere I go, LogMeIn follows. It’s a great product and easy to use. At Elephant & Castle they were using PC Anywhere and we had to connect to the network with a VPN, and I really don’t like that approach. It’s archaic and slow. So I rolled out LogMeIn to all of our machines. It was a no-brainer.

On a daily basis, what do you turn to Central for?
We use Central for anti-virus management to meet our PCI compliance requirements, as well as two-factor authentication. And I look at the reporting in Central to see if any threats have come in. In addition to that we use Central for installing new software and running scripts remotely.

We use an outsourced helpdesk to manage our help desk tickets and they all connect through Central. With that setup, we’re always actively creating new accounts and moving accounts out as end users get hired with the helpdesk vendor.

What keeps you using Central?
It’s simple. If the POS isn’t up, we don’t make money. With LogMeIn, I have an alert that goes out when a POS terminal is offline for 15 minutes. When it’s down for 15 minutes, there’s a problem. I get the alert and call the store, usually before they even know it’s down.

 

OLYMPUS DIGITAL CAMERA

         

4 Tips for SMBs During Internet Safety Month

Happy June and Happy Internet Safety Month! In a world where one in five IT professionals has experienced a malicious attack on their systems or accounts in the past year, Internet safety and security are more top of mind than ever.

As a small business, you need to be smart about how you protect your most valuable data and information, and we’re here to give you to the tools and resources to protect your organization. It’s important to understand possible threats, identify your organization’s security weaknesses, and establish processes to address internet and device safety, and protect the organization from risks.

Over the next four Fridays in June, we will offer up a new tip for SMBs on how to handle internet safety in their company.

Tip #1: Create Internet Browsing Awareness: Whether it’s while perusing websites or checking email, employees need to be aware of suspicious activity and links. As a company, establish internet browsing guidelines. For example, do you block all social media? Video streaming? Music streaming? Also what categories of sites do you block due to inappropriate content or potentially suspicious activity? Put these rules and regulations into a document that you share with employees on their first day of work and post it where it can be found at any time.

Email fraud and phishing is another very serious threat, mostly because of how common it is. According to recent research we conducted, phishing is a top 3 concern among IT teams (behind malware and hacking).  Prepare employees to look for potential phishing attempts that are designed to steal personal and valuable information. Safeguard your company by understanding the key signs of a fraudulent email and communicating them to employees. Have employees ask the 5 questions below if they suspect a phishing attempt. If they can answer ‘yes’ to one or more, the email might be suspicious.

Stay tuned next week for Tip #2 in support of Internet Safety Month!

 

         

Customer Spotlight: Running a Live Performance with Chicago Symphony Orchestra

Earlier this year we traveled to Chicago, Illinois to visit with Dan and co. at the Chicago Symphony Orchestra (CSO), where they’ve been using Central for nearly a decade.

What we love about Dan and the CSO (other than the fact that they’re long-time users of Central) is how they embody that behind every great company, organization, or even performance, is an IT team, working at all hours from wherever they might be to keep everything up and running. As outsiders, we usually don’t see all that goes on behind the scenes and the CSO is a great example of what goes into ensuring an entire orchestra is able to perform night after night.

Dan and his team use Central on a daily basis to ensure that all of their computers and servers around the orchestra are up and running. With Central, they’ve made impressive improvements to their IT processes, including cost savings on licensing and hardware, decreased IT time spent on support requests, and increased proactive identification of critical software updates and machine health.

Watch the whole story here: