Hi,
As part of ISO27001 the logging, monitoring and alerts of failed authentication attempts should be made available for auditing.
LogMeIn allows you to view your own logins, including failed logins, and even sends an alert to your email address, however, as part of reviews, we cannot see other users failed login attempts.
Could you please implement a change:
- As an 'admin', view all user LMI account login failures within the reports section, showing username, email, time and date, IP address.
- Send email alert on configured threshold to specified email (for example, more than 2 failed logins within 5 minutes, generate email with details).
Thanks,