LogMeIn announced that LastPass, its password management and identity solution, has reached 25.6 million users worldwide. LastPass was founded 12 years ago to create and manage passwords, and Just over a decade later the platform assists millions of users. Besides, 70,000 firms use the tool globally to improve their cybersecurity and protect their digital assets.
With the COVID-19 crisis and the need for more and more digital services, the company saw its business thrive even more. In talks with LABS, Vanessa D’Angelo, Head of Marketing Latin America at LogMeIn, reported a jump in the search for the solution by both users and companies due to remote work, even though LogMeIn does not provide data on the growth during the seven months of the pandemic. “Companies are concerned with protecting their teams that are remote,” she said.
Although LogMeIn does not divide user numbers by region, North America is home to the majority of companies and people using the solution. “On all continents, the number of users is divided similarly, but North America ends up standing out more.” LogMeIn’s global clients include Harvard University, Pinterest, Udacity, Tinder, Princeton University, and Salesforce.
In Brazil, LogMeIn saw an increase in demand for LastPass due to the General Data Protection Law (LGPD, in Portuguese), enacted on September 18. Originally approved by Brazilian lawmakers in 2018, it provides that companies must comply specifying to the user how the data collected will be used and for how long they will retain possession of it, besides forcing companies to destroy the data after its purpose is achieved, if requested by the user. “This demand has come in recent months, because [the law] demands the preservation of information. LastPass has been a support tool for the LGPD,” said D’Angelo.
Companies operating in Brazil have been looking for the platform to be compliant, according to D’Angelo. LastPass is not an essential tool for adapting companies to the standard but, according to D’Angelo, the platform is an “appendix to LGPD”. When making changes to comply with the law, techs also started looking for a password safe and options for storing sensitive information, which is the LastPass area of operation: storing the user’s identity.
“It’s not like, ‘I have LastPass, I’m protected by LGPD’, that’s not it. But it’s a situation where you have data protection on your company’s team. You know that it is not accessed. You know that is preserved. It is in this sense of having one less headache”.
From LogMeIn’s offices in Brazil and Mexico, LastPass serves all of Latin America. “Both countries are very important. Brazil brings a little more, due to the territorial expansion and the time of LogMeIn’s activity in the country. Mexico has been growing exponentially too,” she said. The expansion plans, according to D’Angelo, will be discussed. This is because, with the pandemic, it was seen that there is no need for a physical office to operate in other countries.
Preserving the security of companies during the transition to remote work
LastPass guaranteed the protection of its customers during the transition to remote work. The tool helps employees not to rely on passwords, and alerts them when personal information is at risk. “The cool thing about this sample of 25 million users is that it allows us to do annual surveys with the public that uses the tool to study user behavior. What matters to us is not only the number of 25 million, but it is how these 25 million are behaving. And that makes us update the product to better serve, “said D’Angelo.
LogMeIn surveys show that 80% of hacker attacks happen through weak and repetitive passwords. D’Angelo points out that the fragility of information security in companies is not something corporate, but a problem for the individual user. This happens because the user usually maintains the same password pattern from personal life to corporate life. Thus, hackers can identify repetitive patterns, verify where the user works, and through an individual failure cause a problem in the company.
“We know that generally in the corporate environment people have 50 passwords on average for memorizing, which is humanly impossible”, she says. When it comes to advertising and digital marketing agencies, that number of passwords practically doubles, because these companies have to memorize passwords for customers’ social networks. “There, teams take turns at different times. And how are these passwords shared? If the post-it is not pasted on the monitor, it will be an Excel spreadsheet, which may even have a password, but is easily broken by a hacker”, she states.
Even though the company’s IT department establishes that the employee uses a password pattern with numbers, letters, symbols, and uppercase and requires the change every 40 days, this does not mean that the password will be efficient. It is possible that the employee changes the password and only adds the sequential numbers: 1,2,3 at the end, as explained by the Head of Marketing. “We are human. We search for the easier way. How can we put this responsibility on the user?”
To protect user identity in the cloud, LogMeIn expanded LastPass beyond password management in 2019 with the launch of LastPass Identity, a solution that combines password management and SSO (Single Sign-On) functionality with adaptive authentication multifactorial (MFA). Through this latest version, LastPass uses facial recognition. “Our goal is to eliminate passwords to end problems and bring security,” says D’Angelo.