LogMeIn has focused much of its business expansion efforts on the “Internet of Things” industry over the past several years, but on Friday it turned its attention toward cybersecurity in a big way.
The Boston-based software company announced an agreement to purchase Fairfax, VA-based LastPass in a deal that could top out at $125 million in cash. It marks the largest acquisition LogMeIn (NASDAQ: LOGM) has made in its 12-year-history, according to a spokesman.
Founded in 2008, LastPass offers a “single-sign-on” and password management service for consumers and businesses. Basically, users create a LastPass account with an e-mail address and a master password, which the company bills as “the last password you’ll have to remember.” The service saves users’ login information for various websites and automatically fills it in when they visit those pages. It can also store credit card and billing information to simplify online shopping.
LastPass encrypts the sensitive data and can sync the passwords across multiple devices. Other features include the ability to back up documents, add additional layers of security, and send alerts when other sites and services might have been hacked.
There has been lots of talk in recent years about the “bring your own device” movement—the trend toward employees using their smartphones and tablets for work purposes. LogMeIn says LastPass is selling a service that supports the “bring your own app” trend, as employees are increasingly using those devices to run Web and mobile apps that weren’t developed by their company’s IT department or purchased and implemented by management.
Those apps need to be secured because they often contain confidential data, and users rarely vary their passwords, LogMeIn says.
There are plenty of similar services jockeying for position in this sector, including Dashlane, Keeper, StickyPassword, and LogmeOnce.
LogMeIn saw LastPass as the leader and was willing to place a huge bet on it. The deal will deplete much of LogMeIn’s war chest—it had $136.1 million in cash and cash equivalents on the books as of June 30.
But the move gives it a strong foothold in what the company calls the identity and access management market, an area in which LogMeIn, best known for remote device access software, has been strengthening its position. LastPass has millions of individual users and counts more than 15,000 businesses as customers.
“We believe this transaction instantly gives us a market-leading position in password management, while also providing a highly favorable foundation for delivering the next generation of identity and access management solutions to individuals, teams, and companies,” LogMeIn chair and CEO Michael Simon (pictured above) says in a press release.
After the deal closes, LogMeIn will integrate its other identity management products and services into LastPass. Those include the offerings from Meldium, a similar company based in San Francisco that LogMeIn acquired in September 2014 for $15 million in cash.
LogMeIn says it will continue supporting the product lines of both Meldium and LastPass for the foreseeable future, but eventually it will consolidate them into a single identity management business that will carry the LastPass name.
LogMeIn will initially pay $110 million in cash for LastPass, and will kick in another $15 million in cash for equity stakeholders and key employees if LastPass hits “certain milestone and retention targets” during the two years following the transaction’s close.
LastPass employs about 30 people at its headquarters and a satellite office in France, all of whom have been offered jobs with LogMeIn, a spokesman says.
LogMeIn employs about 1,000 people worldwide and generated an $8 million profit last year on $222 million in revenue.