“A chain is only as strong as its weakest link.”
We’ve all heard this saying and unfortunately, most of us have also heard it applied to IT security as the chain with users as the weak link.
Protecting data from the actions of users – whether intentional or not – has long been one of the greatest challenges IT pros face. Whether it’s via phishing emails, remote work habits or Shadow IT downloads, users are too-often the weak link. The good news is organizations are making progress. New research from Wombat Security says 95% of companies surveyed remarked that they now train end users on identifying and avoiding phishing attacks, up from 86% in 2014.
User education is of course key. But there are additional strategies you can employ to prevent a user-involved attack. We all know the difficulties in maintaining compliance with a management architecture as challenging as Windows. Local Users are created on devices, they fall off the domain, creating endpoint blindspots. All of these things negatively impact your security posture. One small action from a user could cause a Windows file to become corrupt.
New Reach Workflows to Manage Windows User Profiles
To give you more granular control with the ability to easily delete Local Users (on a single device or multiple) and delete aged profiles after a specific amount of time, Absolute today released new scripts for Reach, a powerful custom query and remediation feature that is a part of the Absolute platform. Now you can rest easy that your Directory remains pristine and users are not by bypassing your security controls, or worse, leaving data unprotected in local user profiles.
Because Absolute Reach lets you ‘reach’ any device, even if these devices are off your network and outside the bounds of traditional tools, you can still take action on these devices. The full list of new Reach scripts is listed below, and more are soon to come.
New Script Name | Description |
Add a Local Group | Add a local group on a system |
Add a Local User | Add a local user on a system |
Remove Local Group or User | Remove a local user or group from a device |
Delete Aged User Profiles | Delete user profiles that are older than a specified number of days.* |
Force GPUpdate Machine | Force a background update to refresh the Computer configuration settings in Group Policy |
Force GPUpdate User | Force a background update to refresh the User configuration settings in Group Policy |
Remotely Remove Microsoft Intune | Requires administrator rights |
Remove or Comment Out a Hosts File Entry | Comments out or removes a value from a device’s hosts file |
*Note: This script will not remove built-in profiles such as “Local Service” or “Network Service.”
To explore Reach for yourself, check out this short video.