LogMeIn enjoys bolstered application security with fine-grained control through Cloudflare.
LogMeIn is one of the world’s largest SaaS companies with over 3,000 employees and $1 billion in annual revenue. LogMeIn’s platforms support 25 million users and 200 million customer engagements per year. LogMeIn’s suite of products includes GoToMyPC, which is a remote desktop software allowing users to log in and control computers remotely.
LogMeIn’s Challenge: Enhancing Control Over Application Security
With GoToMyPC, LogMeIn needed to ensure the highest levels of application security to maintain customer trust with their sensitive information. GoToMyPC’s team had implemented effective security, but were frustrated with it’s binary functionality. “We had DDoS mitigation in place,” explained Ben Hamilton, Information Security Architect at LogMeIn, “but the mitigation was all or nothing. It wasn’t content aware.” Having all or nothing mitigation meant that when mitigation was turned on, legitimate GoToMyPC traffic could also be affected. While this solution kept GoToMyPC’s platform secure, the team was looking for a smarter system that would be “always on” and only filter out malicious traffic while keeping normal traffic running smoothly.
LogMeIn’s Solution: Smart, Powerful Application Security
“We did a product evaluation with 3-4 different vendors,” related Hamilton. “We were looking for security providers with API driven capabilities and we didn’t want an on-premise solution that we’d have to scale horizontally. We wanted to be able to scale dynamically, so we chose Cloudflare because it provided the high level of security we wanted with the scalability and features we were looking for.”
LogMeIn now uses Cloudflare’s DDoS mitigation, Web Application Firewall (WAF), and Rate Limiting to protect GoToMyPC. Cloudflare’s “always on” DDoS mitigation is built to stop the biggest attacks on the internet, and attacks aimed at GoToMyPC are automatically mitigated by Cloudflare’s solution. Plus, GoToMyPC is even further protected with Cloudflare’s WAF, which leverages threat intelligence from over 7 million sites on the network to block the latest threats and protect against the most recent vulnerabilities. In the last month Cloudflare’s WAF blocked over 41,000 requests from ever touching GoToMyPC’s servers. Rate Limiting also stopped over 200,000 requests in a single day keeping GoToMyPC’s application data secure from a potential brute force attack and running smoothly for customers.
LogMeIn also enjoys the benefits of Cloudflare’s integrated world class CDN network. Cloudflare’s CDN delivers 30% savings on bandwidth costs every month for LogMeIn. Cloudflare’s CDN caches and serves GoToMyPC content from over 118 data centers around the world that are geographically closest to each user. By reducing geographic latency and serving directly from the cache Cloudflare’s CDN dramatically increases the speed of asset delivery for the GoToMyPC application.
Cloudflare strives to make implementation quick and efficient. For GoToMyPC, Cloudflare’s enterprise engineering team worked with GoToMyPC globally distributed team to implement and fine tune Cloudflare’s services. Hamilton applauded Cloudflare’s customer support: “The one thing that sticks in my mind about Cloudflare is their incident response. I’ve been in the security industry for a while and Cloudflare’s response is best-in-class. They recently had an issue, but as soon as it was known they owned it quickly, worked with 3rd parties, and facilitated getting it solved really quickly.”