MSP Blog Logo

BDR

Business Growth

Cybersecurity

Help Desk

MDM

RMM

Sales & Marketing

Subscribe

Empowering Your MSP Business to Grow and Prosper—One Post at a Time

5 Ways to Improve Your MSP Service Level Agreement (SLA)

Featured Post

5 Ways to Improve Your MSP Service Level Agreements (SLAs)

SLAs are the foundation of your MSP business. They are essential to building strong client relationships and must be clear, reasonable and well-constructed.

Read Now

CONTINUUM PARTNERS: Important Information Regarding Heartbleed - Update LogMeIn

Posted April 12, 2014by Hunter Smith

Yesterday, LogMeIn announced that LogMeIn Pro used OpenSSL and released new versions for Windows and Mac that fix the vulnerabliity. We have been working with LogMeIn to ensure we have all required information to advise you on needed actions. Most of the resources Continuum monitors are already updated with the fixed version of LogMeIn Pro, however approximately 10% of servers and 30% of desktops are not. 

In order to ensure your clients are no longer vulnerable, there are two critical actions to take immediately:

1. Verify machines have the updated version of LogMeIn Pro:

a. Windows: 4.1.0.4144 or above
b. Mac: 4.1.0.4145 or above

2. Once this verification is complete, change all passwords that can be used to access those machines or applications running on those machines. (more detail below)

You will find detailed instructions for verifying the version of LogMeInPro and many of the steps below at here. If you find sites or resources running an earlier version of LogMeIn Pro, we recommend these actions:

3. Check that your security restrictions do not block access to logmeincdn.http.internapcdn.net. If this URL is not accessible from any endpoint, LogMeIn will not be able to auto-update itself.

4. Be sure all machines are turned on and have network access.

5. Confirm that auto-update is enabled on each machine.

6. Use the Check Updates button in the LogMeIn Control Panel to force an immediate update.

7. If this fails you can run an executable to update to the latest version.

8. Please contact the NOC Product Support Team via chat for assistance if needed.

 

Password Details

For maximum security, we recommend that you work with your clients to change every password in their environment. We also recommend that you change any password stored in the ITSupport Portal including passwords stored in the Password Vault, Application Vault, NIF and Free Flow. As communicated Thursday, the ITSupport Portal was not vulnerable to Heartbleed;  however, because any password stored in the Portal could have been exposed during remote access (which uses LogMeIn), all passwords should be changed immediately.

We hope you find this information useful as we all work to respond to Heartbleed. Continuum is continuing to work on ways to help partners keeps their environments secure. Please watch our communications and blog for more advice and notifications.

 

For more information about Heartbleed as it relates to Continuum's portals, please view our blog post from Thursday

As Chief Information Officer (CIO), Hunter is expected to take Continuum's IT operations to the next level of performance as our company continues its rapid growth and expansion. Most recently, Hunter served as Senior Vice President and Chief Technology Officer for Acadian Asset Management. Prior to Acadian, Hunter held positions at Plymouth Rock Companies as Director of Enterprise Technology Services as well as positions at Hobbs/Madison, MFS Investment Management and CSC Consulting. Hunter has a bachelor’s degree in computer science from Dartmouth College. He is responsible for all IT resources for Continuum’s U.S. and India locations.

RMM 101: Must-haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus