Make Your Business More Cyber Aware

Closeup of business people working

We talk a lot about security here at LogMeIn, especially with our recent partnership with Kaspersky Lab, and given that October is National Cyber Security Awareness Month (NSCAM), it’s an ideal time to refresh some of your company’s security practices.

As a small business or an IT lead for a larger company, you’re maintaining a large amount of technology, devices, users, and much more. But there are a few areas where you can make quick improvements to better secure your company’s important information. Check out this list of items you can address fairly quickly and make quick improvements to your security:


From WiFi to VPN, make sure your company networks have strong, secure and protected passwords. Enable strong encryption (WPA2 and AES) and require authentication as needed. For the WiFi, set up multiple networks for each use case – one for employees, guests, IT, development, etc – to help eliminate disruption and security breaches impacting the entire company. Also consider the physical security of your network equipment – is it stored in the open where anyone can access, or is it stored away hidden from potential theft?

Mobile Devices

It’s likely that many of your employees are using more than just their desktop or laptop to access company systems and information. Make sure those devices are secure as possible, including requiring a passcode that enables you to wipe the device in case it is lost. On top of the passcode, use finger swipe authentication for additional security.

POS Devices

Many LogMeIn users are managing not just computers, but also POS devices. Those machines should be just as secure as others with strong, secure passwords that are changed frequently, if not automatically, and enabled with both user and admin access. You’ll also want to set up anti-virus protection on these machines; it’s likely they don’t receive as frequent maintenance as a laptop or desktop computer so anti-virus monitoring is critical to ensuring the machine is free from malware and threats.

File Storage

Whenever you’re using a cloud-based file storage and sharing solution, you can enable authentication for those user accounts as well. And if possible, set up application-level encryption to protect that data. You can also choose to restrict the locations and devices where data and files stored in the company account can be stored so you always know where that data is going.


Our friends at LastPass have done a great job at highlighting the importance of good password practices, not just at home, but at work as well. The three key tenants that your company should adopt is secure, unique passwords for each account, use of two-factor authentication, and use of a password. Start with employee education on secure password practices and take steps within your team to roll out 2FA. While these are just a start, these steps will greatly improve your company’s security.


Plans to Retire Cubby


Today, we began notifying Cubby users and customers of the decision to retire Cubby, our file sync & share offering. Since its debut in 2013, Cubby has provided a unique file sharing experience for millions of individuals and businesses and this difficult decision was made after much deliberation and consideration.

LogMeIn’s long-term investment strategy is focused on three key technology markets — Collaboration, Identity & Access Management, and Customer Support & Engagement – and we are aligning our product development efforts accordingly to best serve our customers rapidly evolving needs. With such focus comes tough decisions around the future of products that don’t fully align with our strategy, and after careful consideration and evaluation, we have reached the difficult, but none-the-less important, decision to discontinue Cubby.

Our users are our top priority and chief concern with this change, and we are taking steps we believe will help existing Cubby users safely and securely migrate to alternative cloud-based offerings, whether to LogMeIn or other trusted companies.

Cubby Free users will be given until November 16th to migrate away from Cubby, and can choose to move to another free service – LogMeIn is recommending Dropbox and OneDrive – or a paid service, including LogMeIn Pro. Cubby Pro and Enterprise customers will continue to have full access to Cubby, both their files and full product functionality, through their account’s expiration date plus an additional 30 days to allow more time to evaluate options and complete the migration of their files.

Here is a quick tutorial on how to move your files out of Cubby and into another service like Dropbox.

We understand that with any change comes questions and potentially concerns.  Here are a few FAQs to explain what we anticipate will be the most common questions for our users:

  • How are you notifying customers?

All Cubby users are being notified of this decision by email and in-product notifications. Our users are our top priority and chief concern with this change, and we are taking steps we believe will help existing Cubby users to safely and securely migrate to other cloud offerings, whether from LogMeIn or from other trusted companies.

  • Will you offer cloud storage and file sharing capabilities in any of your other products?

LogMeIn will continue to offer cloud storage and file sharing capabilities as key features in our other products – for example both LogMeIn Pro and both offer these features – but we will no longer package them as a separate product.

  • How long will Cubby users have access to their files?

Cubby Free users will be given until November 16th to migrate away from Cubby, and can choose to move to a free service – LogMeIn is recommending Dropbox and OneDrive – or a paid service, including LogMeIn Pro.

Cubby Pro and Enterprise users will have full access to Cubby – both their files and full product functionality – through their account’s expiration date plus an additional 30 days to allow more time to evaluate options and complete the migration of their files.

For more information pertaining to your Cubby Basic, Pro or Enterprise account, please read our detailed FAQs here:


Phishing Alert: Fake Emails Mimic LogMeIn Activation Emails

In light of recent news around the Yahoo breach, we are getting reports from both the general public and LogMeIn customers about suspicious emails that are designed to look like they are coming from LogMeIn — they have all the hallmarks of phishing attempts.

All of the reports are meant to look like a LogMeIn activation email. The email subject line is: Activate your account” or “Verify your new LogMeIn ID.”

We want to make it clear that these did NOT come from LogMeIn and people should NOT click on the links in these emails.   While we are working with our partners to remove these malicious websites, as part of our commitment to security, we want to make sure our users and the public are aware of this specific email, and we wanted to share what we’ve learned, as well as provide an easy way for people to identify the tell-tale signs of phishing attacks.

View the entire post on our corporate blog at


LIVE: LogMeIn & Kaspersky Lab offer best-in-class security & control

Today is the day! The Kaspersky Lab integration is now available in Central Premier accounts. This exciting new partnership allows admins to install best-in-class anti-malware software onto their managed computers.

Now with LogMeIn Central, you can centralize your IT automation and anti-malware needs into one tool for easier, more efficient management, including:

  • Award-winning defense against malware
  • Easily identify threats from a single dashboard
  • Proactively support endpoints with scans, real-time protection, and more

The Kaspersky anti-malware software is now available in Central Premier subscription packages at no additional cost.

To get started, simply log in and click on the “Anti-virus” dashboard in the left-hand column. On the AV dashboard, select the computers on which you want to install Kaspersky anti-malware and select the “Actions” menu at the top, then click “Install Kaspersky.”


Not a Premier customer? Contact sales for a demo of Kaspersky Lab or visit our site to learn more start a free trial of Central Premier.



The Surprising State of IT Security: 4 Key Trends Revealed

Whether it’s malware or hackers or viruses, they pose significant threats to businesses and companies around the world, and rightfully so. These continue to evolve – and get smarter – making risk management a consuming task for IT teams and MSPs. There were over 400 million known malware instances in 2015 and that number is on the rise in 2016. What’s even scarier is how commonplace breaches and attacks are – almost 60% of IT teams have experienced a breach or attack at some point.

But rather than becoming more skilled at handling these threats, IT teams are more challenged by them now than ever before. And there are plenty of reasons for that. With the proliferation of devices such as laptops, smartphones, tablets, and the rise of account-based information that lives in the cloud, employees and companies are more at risk than ever, and IT teams are scrambling to keep up with rapidly-changing tech behaviors.

In our latest research study, we heard from 500 IT professionals on everything related to anti-virus and security management – their current processes, challenges, and overall take on the overwhelming task of protecting their computers and customers from threats. Check out the infographic below to learn the 4 trends we uncovered in the current state of IT security.




This excerpt is from a post that originally appeared on our official corporate blog: 

“…Today we began proactively resetting some LogMeIn users’ passwords. So we wanted to let both these users and the rest of our customer base understand why. The short version is these users’ credentials were on a list making the rounds on the web — credentials taken from high profile breaches at companies like LinkedIn, Tumblr and MySpace. Here’s a bit more.

What happened?

As you may have seen in the news, lists of hundreds of millions of user credentials taken from past breaches (mostly at social networks) are now being used for a variety of recent nefarious activity on high profile sites like Netflix and Facebook.

LogMeIn actively looks for situations where the accounts of our users could be at risk—even if the threat is external to our service. In this particular case, we identified users who may be at risk because of password reuse. Out of an abundance of caution, we proactively reset those users’ LogMeIn passwords…”

View the entire post on our corporate blog at




Why CAPTCHA (and how do you turn it off)?

Your security is our first and foremost interest. Your experience is an incredibly close second. So we want to protect you in the most friction-less way possible. To that end, we’ve just started using a CAPTCHA check when you login to, LogMeIn Pro, LogMeIn Central and/or Cubby. But we understand it does add an extra step that some users may not want. So here’s a quick take on why CAPTCHA is a good thing when it comes to protecting your account…and how you can turn it off if desired.


Simply put, CAPTCHA stops most brute force attacks. That is, it stops bad guys who are trying to run hundreds, thousands or millions of login attempts against popular online services to gain access to individual user accounts. You’ve likely heard the recent stories, but if you haven’t, millions of social media accounts are reportedly on sale. Worse is there is lots of evidence that hackers are counting on users’ reusing these across other services.  CAPTCHA largely protects against such attempts.

How to turn it off:

CAPTCHA should help as an extra layer of protection against password reuse, in that it protects against automated, big scale attacks that rely on such reuse. Even better is changing your password. So if you want to shut off CAPTCHA, all we ask is that you reset your, LogMeIn or Cubby password. Here’s how you can do that.


Secure Password Practices for IT Teams and Employees

Closeup of using modern mobile phone with email icons around it.

We’re halfway through June and I’m sure you’ve read more best practices and tips on Internet safety than you can even recall. However, our focus for today is one you don’t want to overlook. Today, we’re talking passwords – both what you can do from an IT perspective and what you can recommend to employees.

In previous posts, we’ve talked about how employees tend to be our biggest weakness when it comes to security; poor or uninformed habits open the door for phishing attempts and hackers. One of those biggest doors is through passwords, which we now use in nearly every facet of our workday – computer logins, wi-fi access, email, servers, and so much more. Knowing that almost two in three consumers (65%) either mostly or always use the same password, and nearly half store (and share!) passwords in a spreadsheet, it’s not difficult to see how serious problems could stem from password habits.

Tip #3: Establish password policies: Almost a quarter of people do not consider themselves informed on the best practices for password protection, so you can enhance your company security with a rather simple focus on passwords.

On the corporate/IT systems end, set up requirements for employees, including mandatory password changes every 30, 60, 90 days (you choose the increment), requirements for strong passwords, and enabling two-factor authentication on all systems that house important data.

For employees, setup a password security crash course and highlight the value this has not only on their work life, but also helps them prevent a breach in their personal accounts as well.  Educate employees on what it means to have secure passwords. This means not only creating strong passwords for your accounts, but also not sharing them with co-workers, friends and family, using a password manager to store passwords, changing passwords often, and using unique passwords for multiple accounts. Also, it might sound like a no-brainer but make sure employees are not using the same passwords for both personal and work accounts.


Educate your employees during Internet Safety Month


In honor of Internet Safety Month, we’re offering up some of our best tips that help small businesses keep their employees and company information safe from fraud and hackers.

Your company is only as strong as your least-informed, most insecure employee; nearly 30% of companies say employee apathy is a big threat to their company’s security. It’s worth the time and investment in educating your employees, reinforcing the risks of weak security habits and instilling good habits, which is the focus of this week’s Internet safety tip.

Tip #2: Establish device management policies: It’s clear that how we get work done every day has changed dramatically in the last 10 years. It’s becoming much more uncommon to find desktop computers and the prevalence of laptops, tablets, and smartphones in the workplace has risen dramatically. With these devices, employees are able to work out of the office far more frequently. But that means IT teams need to be even more diligent with device management and BYOD policies, including encryption, firewalls, VPN requirements, and more.

However that’s only one side of the problem. Be sure to instill good practices with your employees. Encourage them to lock their computers before walking away from them or keep them securely stored somewhere while traveling, especially while traveling in places like airports or hotels. Also be sure employees understand not to connect outside devices – like external hard drives – to their work computers because of the risk of what those devices might bring to the computer.

Check out Tip #1 on safe browsing practices and stay tuned next week for another tip!


Customer Spotlight: Tom Hayden, Store Systems Manager at Cosi Restaurants


A few weeks ago, we had the opportunity to speak with a few of our local Central customers at our Boston office, and one of those customers was Tom from Cosi, a nationwide fast-casual restaurant group – he’s been using Central for many years now at multiple companies and currently keeps all of Cosi’s POS terminals online with LogMeIn.

Here is a snippet of our conversation with Tom about how he uses Central in his day-to-day:

Let’s start off with what your role is and how you use Central.
I manage all of our POS systems at Cosi based here in Boston, and I use LogMeIn to manage all POS machines in every corporate and franchisee location across the country. We have over 500 terminals. I have to meet PCI compliance and LogMeIn is basically one of the only secure ways out there right now, especially with SSLs. Other than that it’s a VPN connection.

How did you first learn about Central?
Previously I worked for Elephant & Castle and while I was there, I implemented Central. Everywhere I go, LogMeIn follows. It’s a great product and easy to use. At Elephant & Castle they were using PC Anywhere and we had to connect to the network with a VPN, and I really don’t like that approach. It’s archaic and slow. So I rolled out LogMeIn to all of our machines. It was a no-brainer.

On a daily basis, what do you turn to Central for?
We use Central for anti-virus management to meet our PCI compliance requirements, as well as two-factor authentication. And I look at the reporting in Central to see if any threats have come in. In addition to that we use Central for installing new software and running scripts remotely.

We use an outsourced helpdesk to manage our help desk tickets and they all connect through Central. With that setup, we’re always actively creating new accounts and moving accounts out as end users get hired with the helpdesk vendor.

What keeps you using Central?
It’s simple. If the POS isn’t up, we don’t make money. With LogMeIn, I have an alert that goes out when a POS terminal is offline for 15 minutes. When it’s down for 15 minutes, there’s a problem. I get the alert and call the store, usually before they even know it’s down.