The Surprising State of IT Security: 4 Key Trends Revealed

Whether it’s malware or hackers or viruses, they pose significant threats to businesses and companies around the world, and rightfully so. These continue to evolve – and get smarter – making risk management a consuming task for IT teams and MSPs. According to the AV Test Institute, there were over 700 million known malware instances in 2017 and that number continues to rise year over year. What’s even scarier is how commonplace breaches and attacks are – almost 60% of IT teams have experienced a breach or attack at some point.

But rather than becoming more skilled at handling these threats, IT teams are more challenged by them now than ever before. And there are plenty of reasons for that. With the proliferation of devices such as laptops, smartphones, tablets, and the rise of account-based information that lives in the cloud, employees and companies are more at risk than ever, and IT teams are scrambling to keep up with rapidly-changing tech behaviors.

In our research study, we heard from 500 IT professionals on everything related to anti-virus and security management – their current processes, challenges, and overall take on the overwhelming task of protecting their computers and customers from threats. Check out the infographic below to learn the 4 trends we uncovered in the current state of IT security.

LogMeIn_State_of_IT_Final_standard_res

         

Solving for a Lack of IT Visibility & Control

Technology is a double-edged sword for IT. On one hand, it makes life easier with instant access to information, eliminates traditionally manual tasks, and allows us to better protect and manage the IT environment. On the other hand, it’s given a new life to rogue employees who can sign up for accounts and conduct business completely outside of IT’s line of sight and certainly out of their control.

You can’t protect what you can’t see. That is the elusive problem known as shadow IT. The challenge is gaining visibility into this hidden world, knowing the applications that are in use, and protecting company data without impacting the employee’s productivity.

This problem is largely based on the use of employee-introduced, non-sanctioned cloud apps. Last October, Ovum released research finding that 78% of IT executives say they do not control all the cloud apps their employees use for work, and a quarter say they only control half of the cloud apps being used through the organization.

With no oversight of these apps, there is little protection against the exposure of sensitive corporate data, with an unknown quantity of touch points and security behaviors outside the control of the IT team. Companies must put the right policies and technology in place to address password problems, without becoming the enemy of the employees.

Almost 68% of those surveyed by Ovum acknowledged that these open doors open the company to significant risk, whether that’s a phishing attack, ransomware, or social engineering attack. However, the challenge is how to address these risks without taking up even more time of the IT team’s already full plate.

How IT Can Take Back Control

While it can appear overwhelming to tackle the problem of shadow IT within your business, it doesn’t have to be. To help you approach this problem, we’ve provided three critical steps to get you started on taking back control of the apps and security of your organization:

  • Audit your employees’ cloud apps – As we said before, you can’t protect what you can’t see, and the first step to seeing all the apps in use is to ask. Do an audit of all the apps and tools that employees are using through a survey. Even if you don’t capture everything, you’ll learn about many of the tools in use and raise awareness with employees that IT needs to be in the loop as they bring in new apps. Once you have a clearer picture of your business’ app ecosystem, start to consider Single Sign-On and password management tools to give you management over those apps that give you visibility into usage and allow you to enforce policies that keep those accounts more secure.
  • Setup automated software updates – Don’t get caught with outdated software, which was the catalyst for the Equifax breach back in September 2017. This is an easy fix. Leverage endpoint management technology like LogMeIn Central, which enables you to pair the ability to push patch updates, with the ability to automate the process and setup alerts so a service is never outdated for long.
  • Require multi-factor authentication (MFA) – If you haven’t already, introduce your employees to multi-factor authentication. Start with your user directory, whether it’s Active Directory, Azure or G-Suite, and require employees to add this second layer of protection to the account. Once employees are comfortable with MFA on their email, they’ll be more comfortable adding it to other apps as well.
         

Customer Spotlight: Running a Live Performance with Chicago Symphony Orchestra

We at LogMeIn traveled to Chicago, Illinois to visit with Dan and co. at the Chicago Symphony Orchestra (CSO), where they’ve been using Central for nearly a decade.

What we love about Dan and the CSO (other than the fact that they’re long-time users of Central) is how they embody that behind every great company, organization, or even performance, is an IT team, working at all hours from wherever they might be to keep everything up and running. As outsiders, we usually don’t see all that goes on behind the scenes and the CSO is a great example of what goes into ensuring an entire orchestra is able to perform night after night.

Dan and his team use Central on a daily basis to ensure that all of their computers and servers around the orchestra are up and running. With Central, they’ve made impressive improvements to their IT processes, including cost savings on licensing and hardware, decreased IT time spent on support requests, and increased proactive identification of critical software updates and machine health.

Watch the whole story here:

         

Don’t Leave Your Endpoint
Protection to Chance

News coverage of recent cybersecurity attacks shines a glaring spotlight on the vulnerability of our endpoint infrastructure in this increasingly technology-dependent world.

Exploits in the News

When the WannaCry ransomware infected more than 300,000 computers in over 74 countries in May 2017, it forced the UK National Health Service to turn patients away, resulted in a two-day shut down of LG self-service kiosks in South Korea, affected more than 40,000 businesses in China and threatened thousands of individual systems.

According to a New York Times article, the hackers behind the attack leveraged a hacking tool they stole from the National Security Association (N.S.A.) called “Eternal Blue.” Eternal Blue enabled the rapid spread of WannaCry by exploiting a vulnerability in Microsoft Windows servers. Even though Microsoft had addressed the vulnerability via a patch in a March software update, large volumes of computers weren’t up-to-date to defend against this attack.

The incident was quickly followed up by other global ransomware attacks including Petya ransomware initiated in June, and the series of Equifax data breaches which started in May and were discovered in July before being reported to the public 6 weeks later. The Equifax breaches, like the WannaCry attack, were enacted by exploiting a software vulnerability that the firm attempted to patch months prior to the attack.

Costs of Exploits

Incidents like these are more common than you might think. According to a study conducted by Ponemon Institute and sponsored by IBM security, the probability of experiencing a data breach is 1 in 4 and costs around $141 per record on average. If your company or the clients you serve have as few as 20k records, that’s equivalent to $2.8 million dollars at risk.

Proactive Prevention

Protecting systems from costly exploits, like just the few we mentioned, falls on IT. It’s imperative to have a centralized approach to maintaining machines and keeping them up-to-date with the latest software patches that are vital to protecting your overall network. Automating updates and patch deployment will ensure that your systems aren’t left unprotected and can save hours of time over updating each endpoint manually.

If you’re not managing or automating this critical function yet, try LogMeIn’s Central Premier for free for 14 days or request a demo from one of our Central pros. Make security your #1 priority and protect your endpoints today!

         

New LogMeIn Pro Status Page Now Live

 

Busy professionals rely on LogMeIn Pro to securely remote into their computers and get their work done from anywhere. Because reliable connectivity is a crucial aspect of remote access, we’ve built LogMeIn Pro with security being the most important design objective. Today, as a further commitment to our customers, we announce the launch of a new status page to keep you fully informed of our service status and historical up-time.

Visit http://status.logmeinaccess.com/ to view our status page that shows the current state of the LogMeIn Pro service. Powered by Atlassian’s monitoring  service https://www.statuspage.io/ our administrators and users have access to the #1 status and incident communication tool.

We’re committed to keeping your connections completely secure and reliable, and we’ll always keep you fully informed regarding any product incidents and updates. For real-time updates, be sure to subscribe to receive notifications via email, text or phone.

         

PHISHING ALERT: PoS Malware Mimics LogMeIn Software Updates

As part of our ongoing commitment to security, we want to make our users and the public aware of a new report of malicious software impersonating LogMeIn updates to Point of Sales (PoS) systems.

On Friday, January 19, 2018, a security researcher from Forcepoint (https://www.forcepoint.com/) reached out to LogMeIn’s Security Team and provided details on a suspected PoS-based malware. According to our investigation, the malware is intended to deceive an unsuspecting user into executing a malicious email, link or file, possibly containing the LogMeIn name.

This link, file or executable is not provided by LogMeIn and updates for LogMeIn products, including patches, updates, etc., will always be delivered securely in-product. You will never be contacted by us with a request to update your software that also includes either an attachment or a link to a new version or update.

This potential malware is being delivered through channels independent of our solutions and we have no evidence at this time to believe that the LogMeIn environment or our products have been compromised as a result thereof.

As always, we encourage users follow standard best practices to safeguard their accounts against phishing and social engineering which include:

  • Only accept updates directly from within your LogMeIn product. We will never deploy a software update via email.
  • Beware of phishing attacks. Do not click on links from people you don’t know or that seem out of character from your trusted contacts and companies.
  • Turn on 2FA for email, and other services like your bank, Twitter, Facebook, etc. Two-factor authentication remains one of the most effective ways to protect your account from targeted attacks.
  • Set a strong, random password for email and for every online account.

As with all suspicious emails, please read carefully and review the website links in these messages. Please be sure to delete these messages if you receive them.

         

Four Key Components of an Endpoint Management Solution

 

 

Endpoint management is increasingly becoming a top priority in the IT community. It’s defined as the ability to centrally discover, provision, deploy, update, and troubleshoot endpoint devices – including, but not limited to, laptops, desktops, or servers – within an organization. An endpoint management solution feature set is pretty extensive, but the typical features include asset management, patch management, mobile device management, operating system (OS) or application deployment, remote control, and anti-virus management. With so many features falling into the endpoint management bucket, I’m here to help you focus on the four key components of an endpoint management solution.

Patch Management

Patch Management has been a hot topic as of late given the first major cyber-threats of the new year – Spectre and Meltdown. A good endpoint management solution allows you to discover and apply patches to all devices within your endpoint infrastructure. The advantage of leveraging endpoint management technology is that by pairing the ability to patch with alerts and process automation, it enables you to be more productive and proactive securing your endpoints.

OS Deployment

Save time and resources by automatically deploying an operating system to your endpoint infrastructure. An endpoint management solution enables you to deploy an operating system to one or all your endpoints with little to no disruption to the end user. Operating systems have and continue to be a large target for cyber threats which is why having a patch management solution to compliment OS deployment is critical.

Application Deployment

It’s becoming more common for employees to bring their own applications into the workplace – Spotify and Slack just to name a few. Add that to other employee-shared applications like Adobe or Java and the difficulty of managing these applications skyrockets. An endpoint management solution not only lets you manage applications within your ecosystem, but also enables you to monitor your endpoints for software that is outdated or at risk, push software updates directly to one or multiple endpoints, manage and perform multiple updates silently without interruption to end users or remote endpoints, and automate software updates on endpoints to prevent future issues.

Asset Management

A good endpoint management solution collects all the important details about your assets regarding the hardware, software, operating system, and applications running on a given endpoint. It stores this information in a single location – usually in the form of a list view or dashboard – for easy reporting.

If you would like to take a look at an endpoint management solution, try LogMeIn Central Premier for free today.

         

What We Know About The Latest CPU Bugs Meltdown and Spectre and Steps You Can Take to Protect Your Organization

On Wednesday, January 3rd, two CPU bugs were discovered that could impact billions of devices worldwide. These two security flaws, known as Meltdown and Spectre, target most computer processing systems making it possible for attackers to steal sensitive data – including passwords, banking information, and encrypted communications.

Meltdown and Spectre: What Are These New Security Flaws?

Let’s start with Meltdown. Affecting Intel processors, Meltdown enables attackers to bypass the hardware barrier between applications that are being run and the computer’s memory – allowing for them to read a computer’s memory and steal passwords.

Spectre, on the other hand, breaks the isolation between different applications allowing attackers to essentially trick those applications into giving up valuable information. Spectre’s impact is larger given it affects Intel, AMD, and ARM processors. This expands its reach to include a multitude of devices, essentially anything with a chip in it.

Combined, these two bugs affect virtually every modern computer, including laptops, smartphones, tablets, and PCs from all vendors, running almost any operating system.

What steps can be taken to reduce the risk of being exposed to these two bugs?

Three steps your organization can take to reduce the risk of being impacted by these two security flaws are to patch your systems with the latest update, monitor CPU usage, and continue to keep an eye on this evolving threat.

  • Patch Your Systems

Patch Management is an essential part of securing your IT infrastructure. Meltdown and Spectre can impact devices running just about any operating system – including Windows, Mac, and Linux – or application leaving just about every organization at risk. Intel and ARM have issued patches that they deem will make your systems immune to these two bugs – but this requires users to download a patch and update their operating system to fix. If you have not already applied the necessary patches, make sure to do so as soon as possible.

  • Monitor CPU Usage

Because these two bugs target CPUs, be sure to continuously monitor CPU usage on all machines in your ecosystem. If you notice any unusual activity, be sure to raise a red flag to your IT leadership and explore the situation further.

  • Keep An Eye On This Evolving Threat

It has only been a few days since these security flaws were identified. More information is sure to surface over the coming days and weeks – including critical information from the security researchers who identified these flaws as well as the impacted providers Intel, AMD, and ARM.

         

Introducing Application Updates for Central Premier

Today we’re excited to announce the release of Application Updates for LogMeIn Central Premier. Application Updates is a patch management feature that allows IT professionals to effectively monitor third-party applications that require updates and automate the deployment of patches to their managed network.

Update Third-Party Applications

With more and more vulnerabilities surfacing every day, keeping your systems update-to-date and secure can be time consuming and costly. Unpatched third-party applications like Adobe, Java, Chrome, and Firefox leave your systems susceptible to attacks and security breaches.

With Application Updates, users can quickly and easily monitor, push updates to applications, perform multiple updates simultaneously, and automate the process of updating software to stay ahead of potential issues and keep their managed network up and running.

Complete Patch Management

As the threat landscape continues to evolve, the need for IT professionals to protect and manage their end points both efficiently and effectively becomes more and more challenging. Patching is an essential part of securing systems from potential vulnerabilities, and cyber-attacks against unpatched software can be completely eliminated with the right solution.

With Central Premier, IT professionals are now equipped with a complete, dedicated view of their endpoints that require important security patches and software updates. Quickly deploy updates to anti-virus software, operating systems, and third-party applications, remotely and automatically, without taking up more time from your day. As the leading remote access platform, LogMeIn now provides IT professionals with the ability to confidently address not only the management, but also the security of their managed network.

Application Updates is included in Central Premier subscriptions at no additional cost, and is now generally available.

         

Discontinuing LogMeIn Authenticator

Our product development efforts at LogMeIn have always centered on enabling employees and individuals to simply and securely connect to their devices and applications. Today, we notified users of our plans to discontinue the LogMeIn Authenticator, our dedicated two-factor authentication app, on December 31, 2016.

Designed to simplify the second factor authentication process to a single gesture, we’ve built a superior product with a better user experience in the LastPass Authenticator. A LogMeIn product and free mobile app, the LastPass Authenticator delivers a unique one-tap password verification experience and can be used on hundreds of popular applications and websites such as LogMeIn, LastPass, Google, Amazon, Salesforce, and more.

We recommend users migrate their two-factor authentication enabled online accounts over to the LastPass Authenticator before the end of the year. The app can be downloaded from:

For step-by-step instructions on how to enable the LastPass Authenticator for your LogMeIn accounts, please click here.