Don’t Get Taken on a Holiday Phishing Expedition

GettyImages-533726355Ah, the holidays. A time of joy, reflection, and often, missives expected and surprising, from locales far and near.

I have unexpectedly received just such a missive, and shared it below, with commentary I hope you will find helpful.

personal memo

  • Return address

For starters, the envelope containing this delightful letter said it was from Manulife Financial, a legitimate company. In Canada, not Hong Kong.

The address of Mr. Lee’s unnamed investment bank is 9 Wing Hong Street, Cheung Sha Wan, Kowloon, Hong Kong. A quick search of Google Maps reveals that this is the location of a building known as the Global Gateway Tower. This property is managed by Henderson Property Agency Limited, which has not updated the property’s Web site since 2014. Hmm.

  • Email address

Mr. Lee, the letter’s putative author, apparently has no work email, as the “private email address” he provided to me is

  • Logo

As for the letter itself, it never states the name of the investment bank that employs its author, Andy Lee. But it does have a logo—one that closely resembles an inverted version of the logo of Toronto Dominion Bank. Another Canadian institution not based in Hong Kong.

  • Incorrect name

Also, he was apparently too excited to get my name completely right. It’s correct on the envelope, but the letter’s header says that it’s a “personal memo for Michael Dalton.” Not quite my name, but close. And the inside salutation? “Dear Michael E.” Which is my correct middle initial, a matter of public record.

  • False information

According to the letter, my relative, James Dortch, was an engineer and co-owner of Jameson & Erikson Electric Inc., “a Hong Kong based [sic] Private Electricity Company,” before he “died intestate in a ghastly car crash.” There is no such company, according to Google Search. And while Mr. Lee writes that “[a]ll efforts made by our bank to locate his relatives have been unsuccessful,” my cousin James is very much alive—you can easily find him on Facebook.

  • The mega-rich relative I never knew about

Nonetheless, Mr. Lee claims that James Dortch left an account containing “sums up to USD$47.5 Million United States Dollars” with “an open beneficiary status.”

Further, Mr. Lee asserts that if I will simply contact him, he will set the wheels in motion to make it possible for me to claim my late relative’s multi-million-dollar legacy. For his work “from the inside to make sure all needed information and evidences are provided” to back up my claim, Mr. Lee would receive 50 percent of that $47.5 million, and I’d get the rest. All I have to do is email Mr. Lee with a number at which he can call me to initiate the claims process.

Upon reflection, I believe I will forego Mr. Lee’s generous offer. And if you or anyone you know gets a letter like this, during the holidays or at any other time, you should, too. It took me about seven minutes of cursory online research to confirm that this is a really badly done attempt at phishing. But I have no doubt at least someone reading this right now knows someone who has fallen or almost fallen for a similarly transparent scam.

Stay vigilant!

The holidays are a great time for giving, and receiving. Just make sure you investigate every invitation you receive, and only give what you want to those you know. And if someone sends you an invitation such as the one I received, keep your holidays happy. Tell them politely but firmly to “go phish”—elsewhere.

The Cybersecurity Skills Shortage: Threat AND Opportunity for IT?

RET_005To paraphrase iconic singer/songwriter Donovan Leitch, who borrowed the idea from a Buddhist saying, “First, there is a cybersecurity skills shortage, then there is no shortage, then there is.”

A recent Computerworld article highlighted a US Department of Homeland Security (DHS) blog post, in which a DHS official argued that the much-publicized cybersecurity skills shortage is a myth.

In that post, the DHS official offered as evidence the 14,000 applicants, including 2,000 walk-ins, who attended a DHS job fair last July. “[W]hile not all of them were qualified, we continue to this day to hire from the wealth of talent made available as a result of our hiring event. The amount of talent available to hire was so great, we stayed well into the night interviewing potential employees.”

Perhaps unsurprisingly, the Computerworld article contrasts DHS’s interpretation of its job fair experience with the findings of numerous others outside of government. “For instance, a report released one day before the government’s job fair in July, Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), pointed to a ‘talent shortage crisis’ of cybersecurity skills.”

Of course, the question isn’t whether there is or is not a cybersecurity skills shortage. The real question is, how can your company avoid the negative effects of such a shortage, now or in the future?

If skills are the question, technology is the answer

The right combination of skills, technologies, and processes can maximize the business value of the skills already in place at your organization. That combination can also help your organization to deal with any difficulties in expanding your cybersecurity team, by instead expanding the reach of the people you already have and the knowledge and experience they possess.

These benefits are equally applicable beyond cybersecurity. Technologies and processes that automate mundane tasks effectively and enable well-managed collection, sharing, and application of knowledge can aid your organization’s IT asset management (ITAM), IT service management (ITSM), and other efforts as well.

However, given the highly publicized challenges and risks associated with ransomware and other cybersecurity threats, cybersecurity may be the starting point that delivers the most benefits soonest.

LANDESK, AppSense, and Shavlik solutions—and the skills and experience of their developers, resellers, and partners—can help you to ensure that your business can do business safely and efficiently. No matter how the availability of skilled, experienced personnel may ebb and flow. Visit us online, or contact your representative, to begin implementing the solutions and processes that protect and enable your people and your business.

Cybersecurity: A Marketing Opportunity for IT

GettyImages-593296284The good folks at TechTarget operate multiple IT-related websites. One of these is the IT Knowledge Exchange, “a TechTarget Expert Community” that features questions and answers, discussions, and blogs posted by IT folks of various roles and levels of expertise.

Cybersecurity training

A recently posted discussion question asks this: “What systems and policies have you put in place to make business employees more IT proficient and self-sufficient?” I believe that cybersecurity training and outreach from IT can contribute greatly to making users “more IT proficient and self-sufficient,” and provide additional benefits to users, IT, and the business.

Most ransomware and other malware enters most enterprises via legitimate-looking but bogus phishing emails and website links. According to the Verizon 2016 Data Breach Investigations Report, more than 20 percent of phishing emails get opened. The report adds that more than 12 percent of those who open those emails click on the links to malware in the messages.

IT can and should provide training, content, and repeated contacts to help users to understand this and be more diligent in looking for, spotting, reporting, and not opening bogus emails. Doing so can help to transform those users from weakest links to first lines of enterprise cybersecurity defense.

Transforming the perception of IT

Such outreach can also help to transform the perception of IT by users and line-of-business leaders. These constituents often view IT as “the bad guys” who impose rules and tools that frustrate and annoy. Helping to make users more secure and more security-savvy can get more of them to see IT as enablers and accelerators of user productivity and business agility. Which can only be good for IT and the rest of the business.

If you’re in IT and already providing cybersecurity training and outreach, keep up the good work. Remember that cybersecurity is a marathon and not a sprint, and that repetition enhances retention and understanding. In other words, that one-time run-through of cybersecurity basics during employee onboarding and orientation is a beginning, not an end.

If you’re not already conducting coordinated, repeated cybersecurity training and outreach, start now. Share some of the resources in the LANDESK ransomware blog post archive with your users. Not all at once, of course. Maybe something new once a week or once a month, accompanied by any news you want to share about new cybersecurity-related applications, patches, processes, or tips. Maybe even content or inspiration you find at TechTarget’s IT Knowledge Exchange or other online discussion areas.

Of course, your training and outreach efforts can be made even more effective if you’re delivering the best possible cybersecurity protections behind the scenes. And of course, we can help you there as well. Check out our solutions online, or contact your LANDESK, AppSense, or Shavlik representative.


Windows 10 Security Mitigations When You Can’t Apply Cumulative Updates


The introduction of Windows 10 cumulative updates will force enterprises to make a difficult choice: security or availability. Security in the sense of eliminating the risk of known vulnerabilities through patching. Availability where an application or Windows 10 feature only works when an update isn’t applied. Enterprises will need to plan on Windows 10 security mitigations when applying cumulative updates isn’t an option.

Bad Patches

Bad patches are like any other software bugs: they happen. In speaking with many of our customers, we hear about them experiencing bad Windows patches a few times a year. When these patches are applied they break functionality in Windows or 3rd party applications. Sometimes Microsoft needs to fix something – sometimes a 3rd party vendor (see Windows 10 Cumulative Updates Overview for an example with Citrix XenDesktop). In the past, the solution was fairly straight forward: don’t apply the bad patch, address the security risk of the vulnerabilities in that patch, wait for a fixed patch or 3rd party software to be released, apply the improved patch or software and move forward.

Windows 10 Security Mitigations

With the cumulative updates, selectively applying patches is over. Rather that fretting over the situation, there are a number of mitigations that might be applied in place of the update when issues arise. In April 2014, Gartner’s Neil MacDonald, wrote a report on Best Practices for Secure Use of Windows XP After Support Ends to address the issues of not being able to patch vulnerabilities that would continue to be found. Many of these practices can be used with Windows 10 for these situations where a patch breaks functionality. These practices can also be used persistently, but are often seen as too restrictive. Consider these approaches as part of a flexible security strategy that goes along with your patch management program. I will highlight a few of the practices in that report that can be addressed with LANDESK solutions.

Restrict Network Connectivity to the Minimum Possible

This can be challenging for many client systems, but easier to achieve with fixed function devices like kiosks or POS systems. LANDESK Security Suite can limit network connectivity through Windows firewall management or the LANDESK firewall.


Whitelisting is a very effective method of securing a system as it stops unauthorized applications from running. LANDESK Security Suite and our recently acquired AppSense Application Manager both provide industry leading whitelisting with plans to blend both capabilities in future product releases.

Remove Administrative Rights

Many Microsoft vulnerabilities can be mitigated if the user does not run with an administrator account. Removing administrative rights is easy, but the limitations from such an action often stop organizations from taking this step. Privilege management software, including AppSense Application Manager, can be used to grant privileges to applications that need them so users can use non-administrative accounts. On the reverse, privilege management software can also be used to remove administrative rights from an application that is vulnerable and cannot be patched.

Address the Most Common Attack Vectors — Web Browsing and Email

There are a number of things that go into securing web browsing and email. Neil mentions the following controls:

  • Patch Management: As discussed in my previous article, 3rd party patch management is a strength of LANDESK Patch Manager
  • Containerization: there are a number of solutions that use technology to isolate applications including our partner Bufferzone. With these solutions, attacks are contained to that application unable to spread to the operating system or other applications.

Keep the Rest of the Software Stack Updated Where Possible, Including Office

Can I get one more amen for patch management? Enough said.

Use an IPS to Shield Systems from Attack

LANDESK Security Suite includes a Host Intrusion Prevention component to address behavioral based attacks and apply file protection rules. Add to that, LANDESK Antivirus brings an industry leading antimalware engine.

Disable USB Ports and CD\DVD Drives

Often malware is introduced through removable media. LANDESK Security Suite provides device control to disable external media devices, make them read-only, and\or shadow copy files that move across those devices.

Key Takeaways

Here are some points to remember and share:

  • Expect Windows 10 cumulative updates to occasionally break features or 3rd party applications
  • Selective application of patches is no longer an option with Windows 10
  • Build out a strategy of security mitigations when applying the cumulative update isn’t feasible

The article marks a stopping point for this series. There will likely be updates and changes to this conversation as new branch upgrades are released, but this gives you a solid foundation. Hopefully this series has been helpful and I wish you great success with Managing Windows 10 updates.

Managing Windows 10 Cumulative Updates with LANDESK


Managing Windows 10 cumulative updates with LANDESK leverages years of features and expertise in patch management. LANDESK Patch Manager provides automated assessment and targeting, robust network-sensitive update distribution, third-party patching, and custom patch definitions all of which make a comprehensive solution for Windows 10 patch management. This article will explore the capabilities in LANDESK Patch Manager that address Windows 10 cumulative updates.

Automated Assessment and Targeting

LANDESK Patch Manager provides content to identify computers missing cumulative updates and then target those computers for automated or approved remediation. Content is specific to Windows 10 branches which enables proper targeting of cumulative updates to the appropriate computers.

16 - Windows 10 Update Definitions

Update Distribution

As detailed in my Windows 10 Cumulative Updates Overview, the large size of the updates is one of the biggest challenges that enterprises will need to address. The challenge of distributing these large packages, at least monthly, requires strong software distribution capabilities. LANDESK Patch Manager leverages best in industry distribution capabilities to quickly push packages while minimizing the impact on the network. Such capabilities include:

  • Targeted multicasting: efficiently distributes packages to multiple computers through network efficient communications.
  • Peer-to-peer downloading: peer-to-peer technology enables computers on the same subnet to share packages eliminating the need to communicate across slow links or overwhelming a single server.
  • Bandwidth throttling: throttling limits the amount of traffic a computer uses to preserve network capacity for other communications.
  • Distribution servers: Distribution servers can be designated to host packages in different locations so updates only need to be downloaded once across slow WAN links that connect remote sites to a central datacenter.
  • Checkpoint restart: nothing is more annoying than having to restart a download. With automated checkpoint restart, package downloads can continue where they left off if a system gets disconnected.

Third-Party Application Patching

I continue to be shocked when I speak with enterprises who are not patching their third-party applications. Some are painfully packaging applications for distribution one update at a time, while many others are doing nothing. If there is one thing to be learned from Windows 10 cumulative updates, it is that 3rd party application compatibility is at continuous risk and the need to update such applications rapidly is more important than ever. With LANDESK Patch Manager, thousands of common third-party applications are analyzed to create content that enables silent detection and update of such applications.

Custom Application Patching

For those applications not in our extensive catalog, there is also the option to create a custom definition to detect and update the application. This capability can be particularly beneficial for internally developed applications which will also be under compatibility pressure with Windows 10 updates.

Systematic Rollout of Cumulative Updates

In my previous article on using LANDESK for Branch Upgrades, I discussed the use of the feature, Rollout Projects, to systematically deploy branches. The same feature can be used to deploy Windows 10 Cumulative Updates (as well as any other update, branch, or software package). Rollout projects automates the assessment, distribution, and installation of updates to groups of computers in a predefined order.

16 - Patch Rollout Projects

Steps can be defined to sequence different rollout groups to have a measured approach to updates. Each step can have exit criteria before moving on to the next step. Exit criteria includes:

  • Minimum success rate of systems upgraded
  • Minimum duration of executing that step to give time to identify potential issues
  • Email approval if you need manual change control to proceed

These exit criteria enable the complex process of rolling out branch upgrades to proceed automatically, but with controls to stop rollout issues from spreading.

16 - Patch Exit Criteria

Key Takeaways

LANDESK Patch Manager solves the challenge of managing Windows 10 cumulative updates through:

  • Automated identification of vulnerable Windows 10 computers
  • Network-sensitive update distribution
  • Extensive catalog of third-party application patching
  • Custom patch definition
  • Systematic project-style roll out of patches

In the next and final article in this series, I will explore security mitigations for when you can’t apply Windows 10 cumulative updates.

I.T.’s a Real Ditch Sometimes: Time to Make a Switch

GettyImages-607604884I.T. can be a real ditch

if there’s a patching glitch.

Down in the trenches

amid all the stenches?

Time to make a switch.

Okay, I admit it. I love limericks. So much so that I’ve penned a few on the job about the world of I.T.

Take patch management for example. Even though patching and updating computers have been around for years, organizations of all sizes still struggle to patch systems effectively. Which provides some good grist to wax poetic.

Patching Is “Not a Solved Problem”

Whether computers are behind the firewall or remote, the challenge of patching the OS and applications in a timely fashion persists.

The US National Vulnerability Database, operated by the National Institute of Standards and Technology (NIST), says that as many as 86 percent of reported software vulnerabilities affect third-party applications, not operating systems. As IT environments become more heterogeneous, the vulnerabilities of third-party applications become larger threats to enterprise security and user productivity.

Whatever the mix of operating systems and applications in an environment, that environment needs protection from malefactors as well as from mistakes by legitimate users and system malfunctions.

At the October 2015 Gartner Symposium/ITxpo in Orlando, Florida, Marc van Zadelhoff, VP, IBM Security, presented on “Rethinking the Challenge of Security.” According to a Ponemon/IBM survey of some 200 customers who have been breached, “only 45 percent of the breaches are caused by malicious activities, and 55 percent are caused by mistakes, inadvertent errors [by legitimate users], or problems with systems—system glitches,” Zadelhoff said.

The challenges to delivering the protection IT environments and users need grow along with the heterogeneity of those environments. Perhaps the most pervasive example of the growth and evolution of that challenge is Microsoft’s Windows 10. With the release of that software, Microsoft replaced its traditional method of releasing patches and updates with a collective, “cumulative” approach. However, such an approach creates additional risk in some environments.

Controls Three and Four of the SANS “First Five”

Those who don’t possess effective methods for software updates open up serious vulnerabilities within their infrastructure.

In the John Pescatore-authored SANS white paper that you can download below, he writes that SANS has created a subset of the Center for Internet Security’s (CIS) Critical Security Controls, Version 6.0. This subset, known as the SANS “First Five”, delivers the highest payback in reducing risk from advanced targeted attacks:

  1. Software whitelisting
  2. Secure standard configurations
  3. Application security patching
  4. System security patching
  5. Minimization of administrative privileges

Let’s consider the third and fourth of the five controls, “Application security patching” and “System security patching,” and how the LANDESK and Shavlik family of solutions can help with continuous vulnerability assessment and remediation.

Application security patching

Patching operating systems is a common practice, but 86 percent of vulnerabilities attack third-party software not part of the OS. Shavlik® Patch™ for Microsoft System Center maximizes your organization’s investment in Microsoft System Center Configuration Manager (SCCM) to reduce security risks from unpatched non-Microsoft third-party applications. Shavlik delivers the latest software updates for hundreds of third-party apps, including Windows, Mac, and VMware.

Shavlik also offers several options to deliver software updates and ensure patch compliance, whether a system is on the network or air-gapped: agentless, agent-based, or cloud-based. It also performs hypervisor, offline virtual machine, and virtual template patching.

System security patching

LANDESK Security Suite scans for vulnerabilities that it can remediate with a patch and correlates its actions with vulnerability scanner output. Scan events are logged and can be audited. Vulnerability data is stored based on a first detection.

The LANDESK solution can also scan for vulnerabilities that it can remediate with a patch in authenticated mode with agents running locally. You can use a dedicated account. Role-based access controls ensure that only authorized employees have access.

Shavlik Empower is a cloud-based solution delivers patch management for and asset intelligence about Windows and Mac OS X devices. Empower sentinels scan for devices across your environment, then leverage Microsoft Active Directory to extract and map significant intelligence about your organization’s IT assets. Empower then deploys agents that enable comprehensive, flexible patching of Windows and Mac OS X systems, wherever they are. Shavlik Empower also produces reports that quickly highlight the status of your Windows and Mac devices, their third-party applications, and their patching profiles.

LANDESK assesses state and applies patches across the enterprise, allowing you to establish policies for when devices are patched, leveraging distribution technologies to reduce the impact on the network and disruption to the user. Rollout automation allows for an automated process from definition download through pilot and production rollout phases.

LANDESK uses multiple technologies to distribute patches quickly across the network. Integrated project rollout features can deploy patches at scale and at speed while optimizing bandwidth utilization and hardware resources. Risk rating is based on the vendor patch. Devices can be patched in and out of network.


Fantom Ransomware: Looks Like Windows. Disrupts Like Hell.

Digital Internet securityAs if ransomware and Windows updates weren’t already challenging enough, a new threat pretends to be the latter but delivers the former.

If your organization has been in the process of deploying (or considering to deploy) Windows 10, then you already know about the issues regarding Microsoft’s shift to cumulative updates and the problems with third-party applications they’ve already caused at some companies.

Microsoft updates

Even if you’re not moving to Windows 10, you may still be affected by changes Microsoft is making to how it delivers updates to Windows 7 and Windows 8.1. And if you haven’t already, you should read the sagacious guidance offered in blog posts on these and related subjects by LANDESK Director of Product Management Stephen Brown and Senior Product Manager Chris Goettl.

In addition, you’ve doubtless heard and read about—or maybe even been affected by—ransomware.

Most ransomware infiltrates computer systems, locates and encrypts critical files, then demands payment of a ransom for access to the keys needed to restore access to those files. A recent variant, known as “Hitler ransomware,” threatens to encrypt critical files, but in reality, deletes them. (Read more about this variant in blog posts by me and Stephen.)

Fantom ransomware

And now, there’s Fantom. Once it gets into a system, it looks and acts like a legitimate critical Windows update. As reported by Lawrence Abrams of and others, it even displays a realistic-looking screen that says the updates are being configured.


What’s really going on, though, is that the software is busily encrypting all the files it can find. It then displays a poorly written ransom note.


Once that note appears, victimized users have no choice but to pay the ransom and hope that they receive the decryption keys promised by that ransom note. And that those keys actually restore access to all of their files, and that the malware infection doesn’t result in further mayhem.

This is only one recent variation on the ransomware theme. Others can be at least as disruptive to your users and your business, if not more so. A ransomware variant known as “Petya,” for example, ignores your files and goes directly after the master boot records and file tables that govern access to entire hard drives.

Ransomware webinar on September 14

All of this is why we’re having a ransomware update webinar on September 14, featuring Stephen Brown and Principal Product Manager Eran Livne. (Eran’s also written some sagacious and helpful guidance for combatting ransomware, as have other members of the LANDESK team. You can browse, read, and share these in our ransomware archive.)

It’s also why we continue to evolve our solutions for fighting ransomware. In the webinar, Stephen and Eran will describe some specific upcoming enhancements to LANDESK Security Suite that can help you to defeat even the newest ransomware variants, and keep your organization’s computers and users productive and operational.

Get and stay ahead of the bad guys developing and distributing ransomware. Protect your organization, its users, and its critical information. Start now by registering for the webinar today!

Also, be sure to get your free copy of our most popular white paper below.


The Biggest Mistakes Users Make When Choosing a Password

passwordAccount information for millions of Dropbox users is being leaked online, more than four years since the file sharing service suffered a major data breach.

Fox News reports that as many as 68 million accounts were compromised, with email addresses and password data now being shared on the web.

Dropbox told that even if the passwords were cracked, hackers wouldn’t be able to access those accounts because of a recent reset.

The cloud storage service says they reset passwords for users who signed up before mid-2012 and hadn’t bothered to change their passwords since.

Using the same password on multiple sites

The collateral damage from this data breach could be a more of a concern.

“The real risk for a breached user isn’t the site that leaked their user information,” said Rob Juncker, VP of Engineering at LANDESK. “It’s the fact that most users use the same credentials at multiple sites and hackers know this.”

Juncker, an expert in cybersecurity, says being lazy with your password exposes you and your company to the possibility of a full-on cyber onslaught.

“Having discrete credentials per site is a key aspect of securing yourself as a user,” said Juncker.

Users make common mistakes when it comes to generating passwords when creating new accounts.

Adding a number at the end

“Adding a number at the end of a password doesn’t qualify,” he said. “Realize that if all you did was add a number, or add one to an existing number on the site, you might as well have just left it the same.”

A lot of emphasis is placed on coming up with unique, hard-to-crack passwords; but Juncker says your usernames, and more importantly the email address you use when signing up, can be just as critical when it comes to protecting your sensitive information.

“With some sites like Facebook and Instagram, most users will trend towards their personal emails,” he said. “Corporate sites often are registered with corporate credentials.”

Using a work email address

Many users register for sites liked LinkedIn and Dropbox with email addresses linked to their employer’s domains. Juncker says this dangerous practice can open the door for hackers to access your businesses’ network.

“The problem this creates is your corporate security teams have no control over the password governance on these sites,” he said. “But it provides a link from a credential to a corporate network when you use a corporate email.”

Key takeaways

Juncker’s advice: stop using the same password, or a variation of, for everything, and think twice about using your work email address for online accounts. A little extra diligence can save you a lot of hassle when it comes to protecting your personal and proprietary information.

Are you guilty of any of these password blunders? Check out LANDESK Security Suite and be sure to get your free copy of our white paper on how to protect against ransomware—this year’s biggest cyber security threat—below.


Saving Time, Money and Your Network With LANDESK

IT teams are constantly on the hunt for ways to save their organizations time and money. LANDESK’s portfolio of products is doing just that and MORE for its customers. The key is consolidation.

LANDESK has listened and learned from what IT professionals have been asking for and, as a result, has developed a feature-rich line that is meeting and exceeding the needs of consumers.

Everything you need in one place

“We had several different platforms to accomplish a bunch of different tasks,” said Chris Frediani, senior support specialist at NEPC, LLC. “What we wanted to accomplish by implanting LANDESK was to consolidate all those different tools into just one suite of tools.”

That’s exactly what you get with LANDESK. All the tools you need to manage your entire network — nicely packaged into one customizable platform.

“We are more efficient as a team when we just have one platform with all of the tools that we use every day, readily available in one system,” he said.

It’s a new level of efficiency that isn’t just saving customers minutes or hours, they’re shaving days off formerly time-consuming tasks.

“Before, we had this kind of archaic method of making sure that all of our endpoints were patched and within compliance standards. It would take two days to get the patching process started,” said Frediani. “Now, what used to a be a two-day thing is a 15-minute thing once a month.”

Going beyond IT management

In addition to saving time, LANDESK’s clients say they’re now able to go outside the normal bounds of IT management.

“One of the main things we wanted to accomplish with LANDESK Service Desk was to become more efficient, to get our processes nailed down, and to start rolling it out to other areas (besides IT) within our organization,” said Mike Abranink, desktop support analyst for the City of Leduc, a busy suburb of Edmonton, Alberta.

Abranink pocketed time he would have normally wasted traveling from desktop to desktop and was able to impress his bosses at the same time.

“It has made my life as a desktop analyst easier. I don’t have to go out to my users as often, it makes the distribution of software easier, and it makes tracking for our executive and CIOs easier,” he said. “One of the main benefits is through the built-in reports in LDMS. I’ve been able to pull reports that demonstrate to our executive and to our managers that by remotely controlling a desktop, we actually save time and money.”


Our focus isn’t just on saving you time and money; security is our number one priority. LANDESK’s security solutions are constantly on the prowl for possible vulnerabilities that threaten to wreak havoc on your system.

“The problem that we were facing when we first considered LANDESK was that we didn’t know what we didn’t know,” said Nick Gehr, enterprise support manager for Aviall. “Once we got it up and running in our environment, the light that shined on in every corner — that we just had originally no sense of awareness around — we were able to take action upon those.”

The unknown can be detrimental to a network. LANDESK’s solutions are helping IT managers seek and destroy hidden threats and keep your system protected.

“We discovered a ton of devices in our environment that weren’t being managed at all — that we didn’t even know were there until we spun up LANDESK Management Suite and it pointed them out to us,” said Frediani. “What you can do with just a couple of application platforms like LDMS and LDSD is pretty incredible.”

Businesses, corporations, and even cities are using LANDESK products to streamline their workflow and tailor IT management to the ever-changing needs of users and administrators.

“Some of the problems we were facing that made us consider LANDESK were that we started with a very small, out-of-the-box solution for a ticketing system that wasn’t meeting our needs. It wasn’t customizable; it didn’t let us have a process flow in it,” said Abranink. “LANDESK Service Desk addressed all the needs we had as we grew and it has scalability and functionality in it that’s hard to find in other places.”