Category: Data Visibility & Protection

Back to School – Laptop Theft 101

Stop me if you’ve heard this one before: Did you know that according to Gartner, a laptop is stolen every 53 seconds? It’s not a joke. According to the University of Pittsburgh your laptop has a 1 in 10 chance of being stolen and a nearly 98% chance of never being recovered. Did you also know that nearly HALF of all laptop thefts occur in classrooms?
Most students aren’t likely to think twice about the value of data on their laptop; they instead think the device itself holds the true value. This couldn’t be further from the truth. The true price of a lost or stolen education device goes far beyond the value of the machine itself. Think of the countless hours and crushing brain energy spent researching and drafting your final thesis, sculpting your musical magnum opus, or the 2,000+ layer Photoshop or Illustrator file you’ve contributed to every week and weekend for the last 4 months of your life. Truth is, the data on your device represents irreplaceable concentration, time and effort – invaluable commodities in today’s fast paced digital landscape.
Losing a device is one thing, but losing the data on it – potentially hundreds of hours of work – can drastically interfere with your education goals not to mention cause additional stress during an already difficult time of your life. Don’t take that risk.
Of course there are software ‘solutions’ like popular anti-theft products but they’re bulky, expensive, and stop short of offering TRUE protection. Sure, many can tell you the location of your device but will they actually assist in the RECOVERY of your device once it’s missing or stolen?
What then can be done to protect your device AND its data? Beyond protective software, you can start by practicing our top ten recommendations for laptop security:

Never leave your laptop unattended.
Keep your laptop in a secure, hidden place.
Lock doors and windows when you’re not in your room.
Use a discreet laptop case.
Never leave your laptop in your vehicle.
Purchase a Laptop Theft Recovery Solution.
Personalize your laptop’s looks.
Write down your laptop’s serial number.
Use secure passwords and update them regularly.
If someone tries to take it, give it up – it can be replaced… you can’t!

What happens when even these tried and true methods fail, I hear you ask?
Luckily, there is one solution that CAN and will go the extra distance: Absolute Home & Office. Its features include device locate, remote content lock and delete, and a theft recovery team who works with local law enforcement to actually recover your stolen or missing device. It’s also currently on sale for the back to school season: 50% off a PREMIUM 1 year plan, as well as the STANDARD product for just $1.99/month.
Stay safe out there.

Why a Vulnerability Management Program Is Critical For Your Company: All Your Questions Answered

What is a vulnerability management program, anyway?
A vulnerability management program (VMP) is used to identify and manage weaknesses within an organization that could be used to exploit or gain access to the company’s computers and stored data.
Companies must understand that a VMP is much more than just patch or inventory management. While these elements are crucial to a good VMP, even more critical to the program are the employees. 
Why are employees so critical to the success of a VMP?
By training employees not to click on suspicious email links, open unknown documents, or even allow someone to enter a secure area without badging in, companies can go a long way to minimize potential vulnerabilities within the organization.
I often think of the “In this corner we have Dave” cartoon. We all have good intentions and a desire to be effective. Without proper education, our intentions often lead us to very vulnerable places.
In the “User Dave” scenario, you have to educate employees on issues like phishing and things like not letting somebody tailgate and walk into the building behind you. Because at the end of the day, the best tools in the world aren’t going to defeat Dave, who may leave his laptop open as he’s picking up his coffee at Starbucks while he’s VPN’d into the network.
It’s really about the education.
There should be an understanding among employees about why it’s important to accept that patch, why it’s important to have VPN on when you’re at Starbucks, and why you should also, at the very least, lock your computer if you’re going to walk away from your laptop.
Where do I even start in developing a VMP?
Start with the NIST cybersecurity framework. If you really peel back the onion on the cybersecurity framework, it’s not about telling you that you must have VPN, or a password that’s 12 pages long and you must change it every 90 days. It’s a tool for you to start getting your organization to ask questions.
For example, how do we feel about this type of vulnerability and how are we doing perimeter management? How are we securing PII and things of that nature?
So if I were going to start anywhere, it would be the higher level of the NIST cybersecurity framework. And then once you’ve gone through that, you can score yourself on where you are risky and where you are not risky. Are you doing patch management and are you rolling it out at the appropriate time?
Then you’ll hopefully have a grasp on the posture of your risk tolerance and can find a program that works for your organization.
That’s where I think the VMP falls into place. If your risk tolerance isn’t matching up to your perceived level of protection, then you need to start looking into how to protect yourself.
Essentially, you need to ask yourself how to best assess your vulnerability management to ensure that you can put your head on your pillow and sleep at night.
Read: NIST CYBERSECURITY FRAMEWORK: FIRST, SEE EVERYTHING
Why is it important for an organization to have a VMP?
Without a VMP, it would be difficult for an organization to determine its posture on cybersecurity risk.
Because without the vulnerability management program, everything else becomes a shot in the dark.
Which elements are a must to include in your VMP?
I can’t stress enough the importance of training everyone connected to the organization, which includes full-time employees, contractors, receptionists, and C-level staff.
But it is also critical to understand the true state of every device connected to your environment.
For instance: How out of date are the browsers being used in your networks? What are employees using multimedia software platforms for? What happened to that laptop that was issued two years ago to the employee who is no longer working for you?
Finally, include an “end of life” strategy for everything and review it regularly. It includes devices, software, cloud service providers, VMPs, etc. Don’t just assume that once you have started a program that everyone is on board and it will be executed properly tomorrow. It needs constant maintenance.
Which company departments should be involved in creating the VMP?
At a high level, to get the proper buy-in for a successful VMP you need stakeholders from HR, legal, governance, IT Ops, security and the C-staff. Buy-in needs to come from the top and be demanded from everyone throughout the organization.
While you may not want frontline employees to dictate policy, getting them involved and encouraging feedback is important. You want a rational conversation where the company can find the right point at which employees feel less productive because of security measures. Once you find that line, you don’t want to step over it.
As long as you have that open dialogue, I think buy-in is easier.
What are the tangible benefits of having a VMP? 
There are three tangible benefits to having a VMP:

Once completed, you will have a better understanding of your organization’s risk posture.
You will be better prepared on how to react when — not if — you have a vulnerability that is exploited.
Your organization can experience a sense of unity in coming together as a team to protect and defend against malicious actors.

What questions should CIOs ask themselves when creating a VMP?
You need to understand your environment.
Do you have a “Single Point of Truth” of the state of your environment? From BIOS up to the latest browser plugin? Can you logically group assets by location, by user role, by privilege?
All of these make it easier for IT Ops and Security to more quickly identify and isolate more critical issues than ones that are less likely to cause concern.
More questions: Is your outside sales organization using an older version of a VPN tool because their systems are regularly missing patch management events? Does this suggest a greater vulnerability than a computer sitting in a training lab with the same old VPN client installed?
Do you have users that are technically savvy enough to change a hard drive, boot from a USB device, or even try to circumvent existing processes to satisfy their own needs? Can you track that behavior today, and if not, how can you ensure that your data and the PII data that you are protecting is safe?
Is a VMP useful for small businesses?
A VMP is useful for all organizations, but it’s understandable to wonder how to get this kind of thing going with limited resources.
But when you think about it, I don’t think any company has enough resources to deal with these problems. Whether you’re a Fortune 500 or Fortune 1 Million you’ve got to make decisions and prioritize how you’re going to act. You still have to make that concerted effort to think about your tolerance to risk management and vulnerability management, and then assess how to prioritize to arrive at the key things that’ll make everybody sleep a little bit better at night.
How can technology help in creating a VMP?
With Absolute, we offer that “Single Point of Truth” that provides visibility into the (approved and unapproved) software on a device, and logically groups those devices by location, role, type, software, BIOS and more — to help your organization better understand how the device is being used. Absolute provides visibility and resilience for every endpoint with self-healing endpoint security and always-connected IT asset management to protect devices, data, applications and users — on and off the network.
I want to start with the NIST Cybersecurity Framework. How do I begin?
The threat landscape has evolved, the attack surface has mutated, and everywhere you look, the cybersecurity skills shortage leaves more work to do than there are people to do it. As I mentioned before, the NIST Cybersecurity Framework is a great way to get the ball rolling.
Download our NIST CSF Implementation Overview whitepaper to learn how the NIST Cybersecurity Framework (NIST CSF) supports organizations who want to formalize their security discipline and scale their operations.

Secure More, Work Less

As digital transformation initiatives drive more hi-tech processes and connected devices, the threat landscape is more like a thicket, and IT security teams are already stretched. Device fleet security is already a heavy lift; the clever cybercriminals and skyrocketing vulnerabilities, that’s just a bonus (in reverse).
The Need for ML and AI
Mounting cyber risk is a global concern — the 2019 CEO Imperative Study from Ernst & Young shows CEOs now believe cybersecurity is the top threat to the global economy over the next five to ten years. And the rising cybersecurity skills shortage, as well as potential career burnout by existing IT security staff, makes this an international emergency.
In response to cyber fragility and the need for more effective IT operations, we recruited machines to help us meet this challenge — machine learning (ML) and artificial intelligence (AI). In a report from Capgemini, 69% of executives believe AI will be necessary to respond to cyberattacks and 73% of enterprises are testing use cases for AI for cybersecurity.
In a recent Forbes magazine article, Why AI is the Future of Cybersecurity, Absolute’s CTO Nicko van Someren puts it this way:
“It’s no surprise that Capgemini’s data shows security analysts are overwhelmed. The cybersecurity skills shortage has been growing for some time, and so have the number and complexity of attacks; using machine learning to augment the few available skilled people can help ease this. What’s exciting about the state of the industry right now is that recent advances in machine learning methods are poised to make their way into deployable products.”
The Power of Automation: Absolute Unveils New Updates to Enterprise Resilience Edition
As ML and AI balance the workload and improve response to cyber threats, automation is also the key to endpoint resilience. The Absolute Reach Library — the query and response capability in the Absolute platform — enables IT automation with 118 ready-made commands in the most recent release of the Absolute platform. Nothing is out of reach (pardon the pun), allowing IT and security teams to command any device anywhere, on or off the corporate network.
New Reach ready-to-use workflows introduced this week simplify security policy deployments and remotely manage your devices, including:

Windows Update Command: Pinpoint vulnerable devices with pending or failed Microsoft OS updates
Automated Log Analytics: Detect initial signs of endpoint security exposures and potential incidents by automatically discovering frequent and common issues from event logs
Windows Configuration Enforcement: Audit Windows features and local accounts on devices, as well as modify settings to maximize energy savings and ensure an optimal and consistent user experience

Absolute has also rolled out new Live Chat Support to give enterprise IT and security teams the consumer-like experience to realize endpoint resilience — no tickets, no email, no toll-free numbers. On-demand chat support removes the dependency on outdated modes of technology support, ensuring Absolute customers receive real-time answers and information, so they can focus on their organization’s resilience.
And there’s one more thing… Policy is the bedrock of any security program. Because at its core, policy says, “This can do that. That cannot do this”. So, Absolute made policy simple and easy. With changes to your Absolute policy groups, you can swiftly and fluidly direct devices to dynamic policies without cycles of enroll/unenroll/reenroll that waste valuable IT time and brain power.
Read: Creating an Information Security Policy That Works
With easy management and staggering speed, IT and security teams get the bedrock protection they demand (airtight policies), without the grind of manual cleanup.
Today’s threat landscape requires the automation of updates, patches and security policies in real-time. Short of that, exposures become exploits and endpoint resilience is lost.
Learn more about Reach and how Absolute enables IT to remotely manage devices and seamlessly and fluidly apply and adjust security policies to any endpoint or group of endpoints.

Quantifying K-12 Device Use with Absolute

K-12 schools across the country rely on technology to further individualized learning, but quantifying the efficacy of this effort and maintaining the fleet of devices that one-to-one computing requires comes with unique challenges. With funding opportunities on the decline, schools are increasingly challenged to prove that technology has had a meaningful impact on student outcomes.
Loudoun County Public Schools (LCPS) is the third largest school division in the Commonwealth of Virginia with more than 78,000 students in 89 facilities. In order to support their personalized learning initiative, the district invested heavily in a one-to-one program for students and staff, adding thousands of devices for use in-classroom, at home, or by teachers who travel.
The Challenge: Demonstrate Device Use and Keep Them Secure
In order to secure the budget for the purchase of tens of thousands of devices, Dr. Rich Contartesi, CIO for LCPS, was tasked with demonstrating device utilization rates, no matter if the device was on or off the school network, to drive consensus that teachers did need a laptop and that students were benefiting from using laptops in the classroom. The Board also needed assurances that security of sensitive data and device theft recovery were prioritized to safeguard the investment in these devices.
Read: Student Technology Analytics Key to K-12 Digital Learning
The Results: Increased Device Utility and Minimized Risk
Using Absolute, LCPS was able to provide quantitative information on device utilization rates right away. With security in mind, LCPS chose to purchase Dell laptops, which are protected from the factory with Absolute Persistence. Out of the box, these devices are able to withstand tampering and may be tracked no matter where they travel. With Absolute, the LCPS IT team now receives automated alerts on anomalies, so they can focus on reviewing potential security issues and taking action to ensure endpoint protection and data privacy.
“We were able to provide the board with quantitative information about device utilization that derives consensus so the budget could be approved. Also, peace of mind with security, privacy and theft recovery,” Contartesi said.
With Absolute, LCPS now has peace of mind of endpoint security, device theft recovery and data privacy. They have minimized their risk and increased the value and utility of their devices.
Learn more about how Absolute enables personalized learning at Loudoun County Public Schools by minimizing risk and increasing device utility.

How Businesses Can Protect Devices from Cyber Attacks

Christy Wyatt, CEO of Absolute Software, spoke on Yahoo Finance’s web show, The Final Round, on June 19, 2019 to provide her expert opinion on endpoint security, the IPO market, what it’s going to take to out-innovate bad actors, and how to protect your data.
“Security is a journey. It’s not like there’s a checklist: you do ten things and it’s covered,” Wyatt informed viewers. “While we’re spending more and more on security, $124B this year as an industry, and a lot is going on these devices, it’s the fact that we have so many security controls that are creating a vulnerability that conflict with one another and decay over time.”
To learn more about the inevitable degradation of endpoint security controls, download the “2019 Endpoint Security Trends Report – New data security threats revealed from global study of six million devices.”
 

Absolute Named Top 10 Cybersecurity Company to Watch in 2019

Absolute was recognized this week by Forbes magazine in the Top 10 Cybersecurity Companies to Watch by Louis Columbus. As the cybersecurity industry continues to experience unprecedented growth, endpoint resilience, visibility and control is more important than ever. Here’s an excerpt:
“Enterprises rely on Absolute to cut through the complexity to identify failures, model control options and refocus security intent. Rather than perpetuating organizations’ false sense of security, Absolute enables uncompromised endpoint persistence, builds resilience and delivers the intelligence needed to ensure security agents, applications, and controls continue functioning and deliver value as intended. Absolute has proven very effective in validating safeguards, fortifying endpoints, and stopping data security compliance failures.” – Forbes Magazine

In short, security agents fail reliably and predictably. Without visibility into the army of security agents you have running – you simply don’t know what’s working and what isn’t.
A Growing Need
As mega breaches continue to dominate headlines and the number of qualified personnel lags behind explosive job growth, Gartner predicts worldwide IT security spending will exceed $124 billion this year. This is more than double the $60 billion price tag reached just three years ago. The need for innovative responses to combat the barrage of cyber threats is reaching emergency levels, especially as data security regulations evolve and clean-up costs climb. One research firm estimates the global cost of cybercrime will reach $6 trillion annually by 2021.
Chief security officers are scrambling to build solid defenses while also championing the critical need for better data security across their organizations. Likewise, security vendors are building solutions that stop attackers in their tracks, particularly at the endpoint where 70% of breaches begin. But because cyber criminals are notoriously tenacious and there’s always more than one way in, organizations are forced to layer on multiple security tools to protect their data including encryption, anti-virus, anti-malware, patch management and others. While this approach certainly isn’t wrong, there are gaping holes in that theory too.
False Sense of Security
Complexity at the endpoint causes significant problems and often provides organizations with a false sense of security, not to mention negative ROI on the security dollars they worked so hard to secure. Too many agents — 10 on average according to our 2019 Endpoint Security Trends study of more than 6 million devices — will cause failure regularly and predictably. They are extremely fragile, degrade quickly, and create unnecessary friction for users so it’s inevitable that these agents will collide, be disabled by users, or go unpatched. These blind spots hinder the visibility of IT and security leaders and leave endpoints — and the organizations to which they belong — increasingly vulnerable over time.
Get our 2019 Endpoint Security Trends Report for more on how endpoint security agents fail.
Before layering on more tools, it’s important to first validate what you have and how well they are working. Without this critically important first step, a security team’s best efforts (and your budget) are likely wasted. The Motley Fool recently published an article on the importance of cybersecurity and, noting the rising costs of damages and a persistent need for security, the opportunities for Absolute are sizable. We couldn’t agree more.

Reducing Data Security Complexity: Avoiding Endpoint Bloat

According to Gartner, worldwide IT spending is projected to total $3.76 trillion in 2019, an increase of 3.2 percent from 2018. Today, 24 percent of the overall spend is allocated to endpoint security tools.
But there’s a dangerous downside to this investment: when tools collide, when they battle for resources, all fail. This reality renders systems and assets unprotected and vulnerable. Meanwhile, the organization is left with a false sense of security.
Complexity is the single largest contributing factor to the rising security failure rate. For starters, devices can have 10 or more endpoint security agents, and still, 70 percent of breaches originate on the endpoint and 100 percent of devices will experience an encryption failure within a year.
Recent research, which analyzed more than six million enterprise devices over a one-year period to uncover what causes security tools and agents to fail, found that nine out of 10 agents installed are from the same five technology categories: encryption, unified endpoint management (UEM), endpoint detection and response (EDR), endpoint protection platform (EPP/AV/AM), and virtual private network (VPN).
Ultimately, this means that multiple technologies exist on any given endpoint to perform the same task and the likelihood that these agents will conflict and collide with one another is high. But why? The answer lies in the fact that every control, app, and agent is tapping into hardware and software resources — a zero-sum game in which some feast while others starve.
Endpoint complexity also puts a strain on resources. A report by Ponemon found that 50 percent of companies require more than 35 full-time employees to manage their endpoints. The same report found that 425 hours are wasted weekly on false security alerts, likely due to conflicting endpoint agents sending convoluted signals back to SIEM solutions.
Fortifying the Endpoint
Today, endpoints are fragile, degrade quickly, and create unnecessary friction amongst each other. But investing more money on more security tools does not protect enterprises from threats. It triggers risk. Here are three tips to fortify the endpoint:

Reduce Complexity: Rather than spending more, IT and security teams should strive to reduce complexity on the endpoint and focus on ensuring that existing security tools are fortified, more resilient, and less inclined to fail. Measuring IT complexity entails identifying redundancy that is self-imposed by overloaded endpoints. Begin with these questions: Where is there agent creep, driver creep or app creep within your endpoints? What are all the OS types, device types, and client types within your organization? What is the lifecycle process?

Maintain Visibility: Once the complexity problem is reeled in, it is critical to achieve ongoing and true visibility across all device activity within and outside of your network.

Get Encryption Right: Encryption is the staple security tool most often taken for granted. While it can certainly provide protection, it is not a “set it and forget it” solution — whether disabled by users or through malfunction, encryption is regularly broken, disabled, misconfigured, or missing entirely. In fact, research shows, at any given point in time, over 42 percent of endpoints experience encryption failures.

Visibility is Key
In order to strengthen endpoint security and avoid endpoint bloat, enterprises need to unlock value from existing investments. Investing more money into exciting new technologies is pointless if basic measures – visibility, control, and resilience – are not operating effectively first. Specifically, IT and security leaders must create an environment which fosters a path to:

Intelligence: Knowing what’s happening across their device fleets

Command: Seamless and automated responses to security decay

Resilience: Regenerated broken/disabled controls, apps, and agents – security immortality

Take a moment to consider your own environment. Do you have an understanding that spans time and space (intelligence histories and universal sight to all devices)? Can you validate exposures are mitigated? Can you withstand the reliable and predictable march of security decay?
These are the questions our newly minted environments are ready to answer: Yes, I know the inner workings of each device and can model moves throughout the population. Yes, I can seize command, never lose my grip, and instantly reclaim security slides. And yes, my security agents are now immortal, because I have taken steps to halt endpoint entropy with the unflinching power of persistence.
Whether agents, particularly security control agents, persist over time is the only metric worth our attention, because it puts a spotlight on the greatest hidden danger of all: the naturalness of security decay. Things fall apart. Rust never sleeps. Agents topple over.
Decay is the fate of all security agents. But if these serve as the foundation of our security goals or most technical expression of security intent, then what could possibly be more important? It’s also not a question of whether security decay is happening in your environment; you can rest assured it is. What must be asked is, will you persist through it? This question demands an answer.
Ideally, organizations reduce their overall security costs by monitoring how their endpoint controls work (or don’t) to reduce endpoint security decay. They validate safeguards and eliminate compliance failures. And they respond to threats and exposures with the confidence to control devices from anywhere.
As a result, organizations can eliminate spending on ineffectual technology, and reduce the number of agents, while ensuring that endpoints are more secure than ever. Sometimes less really is more.
Originally printed in Information Management
For more information on endpoint security tool degradation, download the 2019 Endpoint Security Trends report. 

The Complexity Gap

It’s no secret – the demand for trained, experienced cybersecurity professionals far exceeds supply. Enterprise Strategy Group (ESG) has been one of several organizations tracking the cybersecurity skills shortage and they have been sounding an alarm for many years. While a few tactical programs have attempted to address this shortfall, most view them more as lip service rather than a real solution.
Alarmingly, the situation appears to be getting much worse — as positions get filled with inadequately trained personnel or don’t get filled at all and the IT environment gets more complex, we increasingly experience a ‘complexity gap.’
Rise of Security Controls
As manpower dwindles, the threat landscape is rapidly expanding. IT environments today have an overwhelming number of distributed devices and a worldwide mobile workforce. Device resilience now requires exponentially more effort. Why? Because every control, app, and agent depends upon the same hardware and software resources on a device. They are in a zero-sum competition: some controls feast while others starve.
Read: 2019 Endpoint Security Trends Report
Consider how labor-intensive it is to see, control, respond to, and secure endpoints. The metrics involve IT and IT security staff, users, devices, and the growing number of controls within those devices. These considerations come together in what can be called “Device Hygiene Care.” Namely: what must be accounted for to keep devices secure and operating effectively? As the graph illustrates, ensuring that endpoints have sufficient hygiene has become increasingly difficult as device distribution grows and the skills shortage worsens.
In 2000, the value for Device Hygiene Care (C) was 2. IT resources were 2x higher than the level of effort required for device hygiene. In short, IT and IT security teams once had bandwidth: there weren’t too many controls, devices, or data distributed among worldwide users. Today, bandwidth is a thing of the past for nearly all IT and IT security groups. Personnel resources would have to be multiplied 12x (C-12) to have adequate coverage to achieve device resilience.
Widening Divide of Tools and People
Dealing with rising IT complexity risk is no easy task. Add to that the growing divide between IT complexity management and the personnel resources to support it and you get what I call the “Complexity Gap.” The graph below shows how the rise of more controls and devices is dramatically outpacing the staff needed to manage them all.
 

Where does this lead? According to ESG, 63% of IT professionals admit that the staff/skills shortage in their organization has had a negative impact on security operations. Additionally, 40% stated that their cybersecurity team is too small and cannot keep up with the work demanded by the business, “the biggest contributor to security incidents.”
Growing Insecurity
The skills shortage and the complexity gap feed on each other and this leads to negative outcomes like data breaches, data integrity and compliance failures, criminal prosecution, limited value from existing tools, and delays to respond to the business’s needs.
When no one is minding the control switches, breaches happen.
For more information on the complexity gap, watch the video below. While you’re at it, subscribe to our full Cybersecurity Insights video series on YouTube.

 
Video Transcript
Hello! Josh here from Absolute. Today’s IT environments are brimming with complexity, let’s see what we can do about it.
Today, IT complexity is just part of the game.
This tangled web has turned endpoint resilience into a riddle. But how did that happen?
No more than 10 years ago – securing devices was straightforward; there were fewer agents, all sharing a device home without too much drama. Those days are long gone…
Now, device resilience requires 12 times the effort. Why? Because every control, app, and agent depends on hardware and software resources. They are in a zero-sum competition: some feast while others starve.
This agent friction leads to some startling results:

At any given time, 28% of antivirus/antimalware agents fail.
42% of encryption agents go to an early grave.
..in an era where patching is already a struggle, 1-in-5 patching agents break every month.

Oh, and when patching agents — like Tanium, SCCM, AirWatch, Ivanti — do fail, they are repeat offenders, with more than 5 failures every month.
The maniacal pursuit to stuff endpoints with controls, apps, and agents creates new breeds of risk. Spending more on security tools does not make us safer; it increases exposure.
So, IT complexity expands attack surface. Risks are hidden. And the garrison meant to keep us safe are tumbling into one another and shattering at every moment.
Unless we PERSIST them, apps, and agents die. With failures as predictable as a clock.
Risk is not a bug…it’s a feature of IT complexity.
To be RESILIENT, we must first admit much of the trouble is self-inflicted. Endpoints have become a knife fight in a phone booth filled with agents duking it out for survival. When they collide the friction causes failure, so, we must regenerate them, bring them back to life. This is persistence.
And when the time comes to demonstrate, prove, and validate our security posture, we can be audit-ready, and close the complexity gap, with ceaseless visibility and control.
Remember to like, subscribe, and share (oh, and comments below are always a good way to keep the conversation going).
I’ll see you next time!
 

Managing and Securing the Digital Classroom

The use of technology in classrooms has revolutionized the learning environment for both teachers and students. It democratizes education by allowing a greater number of resources to be available to a wider range of students. Textbooks are being replaced by digital devices and virtual classrooms, expanding the idea of the ‘classroom’ and enabling teachers to shift the education model to help students develop the skills needed for the digital future.
While there has never been a doubt that technology is beneficial to learning, there was less certainty about how to manage and secure the devices used by students. Heightening the situation, school districts usually operate with lean IT teams and limited budgets, leaving two big challenges to be solved:
1) how can schools rationalize and maximize technology budgets; and,
2) how can they ensure their technology is safe for students, educators, and staff?
Growing Budget and Keeping It
Finding the funds for technology in an already overburdened budget isn’t easy. Most school administrators know the key to securing funding is found in the results or strong learning outcomes. If students learn more, faster and with greater efficiency, digital classrooms are a no-brainer. The hurdle, however, is translating exactly how technology supports improved student learning and then communicating that fact with credibility.
In education, as is the case in every other industry today, data is required to make a strong business case for increased resources. Detailed student technology analytics is a key component to understanding device use and correlating that use to improved academic performance. Data provides you with the foundation for solid decision-making as well as a way to justify ROI and secure further budget. School boards and other stakeholders want to invest in technology for learning, but schools must prove that they are good stewards of that investment in order for it to continue.
Protecting At-Risk Devices and Data
With new technology comes added risk, including major data privacy concerns. Cybersecurity is now the number one priority for K-12 IT teams according to the latest K-12 leadership survey by CoSN. In fact, there have been 479 cybersecurity incidents during the last two to three years, and schools with known one-to-one programs are often targeted by thieves. Kids themselves are also increasingly the victims of theft as they walk to and from school, or even within the school grounds.
In addition, students regularly lose or misplace devices, which can lead to exposed sensitive information and/or unauthorized access to the school network. The theft or loss of a device has many repercussions. A stolen student device, school-owned or BYOD, greatly impacts that student’s learning ability, as device replacement through insurance can take up to eight weeks.
Within K-12 specifically, there is also the need to ensure that the content accessed by students is sanctioned. If not adequately protected, the information contained on or accessed through these devices could pose threats that lead to data breaches and fines by the ICO.
Safe, Smart, Secure Schools
In order to sustain digital classrooms, technology must be managed and secured regardless of form, factor or operating system. In our highly mobile environment with devices continuously on-the-move and off the school network, persistent visibility and control is no longer a nice-to-have. It’s a must.
With one single solution, IT should be able to determine the status of each device, manage typical IT maintenance requirements, and take immediate security actions when required. This streamlined, automated management option not only provides important security but also improved operational efficiencies that can cut down on hundreds of IT hours.
It may seem like a steep curve, but it is possible to support the shift to digital learning while also helping to protect school districts’ investment in technologies. Absolute’s Persistence technology is embedded in the core of devices at the factory, providing a reliable two-way connection so that education organizations can confidently manage mobility, investigate potential threats, and maintain the safety of students who use these devices. Student Technology Analytics allows schools to prove the positive impact of technology to secure continued investment and ensure no student gets left behind.
It’s an exciting time to be an educator. Learn more about how Absolute is uniquely positioned to help manage and secure your Edtech investment in the IDC commissioned report, Student Technology Analytics: How K-12 Leaders Make the Case for Better Technology in the Classroom.

3 High-Maintenance Endpoint Agents

Without the proper intelligence and control, high-maintenance endpoint security agents fail us more often than we know.
Not all endpoint agents are created equal. With some, you can take a set-it-and-forget-it approach. With others, like endpoint security, you need a more thoughtful maintenance strategy to ensure your devices are protected and not creating data security risks for your organization.
Recent research has demonstrated that fundamental endpoint security tools — encryption, client management tools, antivirus, antimalware, and so on — are more high-maintenance than they appear. Without the proper controls and maintenance in place, these agents degrade over time — and fail us often.
High-Maintenance Endpoint Agents

42% of a device population has encryption failure at any given point in time.
20% of devices require at least one client/patch management repair monthly.
28% of devices have missing or outdated AV/AM tools.

Source: 2019 Endpoint Security Trends Report
Endpoint security agents require continuous monitoring
Absolute’s 2019 Endpoint Security Trends Report documents how three of our most conventional and widely-trusted security tools — encryption, client management tools (CMT), and anti-virus/anti-malware (AV/AM) — are also the most high-maintenance agents on the endpoint. The research studied more than six million devices over a one-year period and examined one billion change events to see how security solutions performed.
Here’s what we discovered:
1. Encryption gives us a false sense of security
Encryption is often considered to be the most important security solution on the endpoint. We put so much trust in it to protect intellectual property, protected health information, and other sensitive data stored on the endpoint.
Absolute’s study found that encryption tools are regularly broken, disabled, misconfigured, or missing entirely from the endpoint. At any given point in time, over 42 percent of endpoints had an encryption failure and 100 percent of devices experienced encryption failure within one year.
Encryption recovery times are equally concerning — the average window of vulnerability for unencrypted devices was 12 days, but 30 percent of devices remained unencrypted for more than two months.
The bottom line is that while encryption is important and necessary, it is also a high-maintenance agent that requires persistent controls and continuous monitoring to ensure it is operating effectively at all times. It only takes one failure on the wrong endpoint at the wrong time to cause a data breach.
2. Client and patch management tools are as vulnerable as the clients and agents they patch
The 20 most common client applications published over 5,000 vulnerabilities in 2018. If a device had just half of these applications, it would experience up to 55 vulnerabilities. Thankfully client and patch management tools exist to ensure vulnerabilities are addressed as they arise, right? Wrong. Like encryption, client management and patching tools such as Tanium, Ivanti, SCCM, and AirWatch also break reliably and predictably.
In fact, almost 20 percent of endpoints required at least one client/patch management repair monthly. Of those patching agents requiring repair, 75 percent reported at least two repair events and 50 percent reported three or more repair events.
Client patch management agents are even more high-maintenance than encryption, failing at double the rate encryption agents do.
3. Anti-virus/anti-malware are complex and leave almost one third of devices unprotected at any time
Anti-virus/anti-malware is a must-have security solution on any endpoint. Absolute’s research revealed that, at any point in time, 21 percent of AV/AM tools are outdated and 7 percent are missing altogether. In other words, 28 percent of all endpoints are unprotected on any given day.
The research also found that, on average, there are 1.2 AV/AM agents present on any device. This increases the risk of these agents colliding with or overriding one another. These unsafe interactions among components create dangerous blind spots which make endpoint infrastructures increasingly vulnerable over time.
Enhanced endpoint intelligence leads to more resilient devices
The high-maintenance nature of our most important endpoint security agents is concerning, especially since in the last 12 months, two-thirds of companies have been compromised by attacks that originated on their endpoints.
If basic visibility, control, and resilience measures are not in place, investment in encryption, CMT, AV/AM, or any other security solution is a waste of time and money. Absolute estimated that as much as 40% of all endpoint security spend is squandered on agents that fail often.
Organizations must address the root of this failure by ensuring that existing security controls remain in place and functioning correctly at all times. That’s where Absolute can help. Absolute’s technology is embedded in the firmware of more than 70 percent of the world’s endpoint devices. Because it’s the only embedded security solution, it is the only cloud-based platform that maintains a constant, persistent connection to devices, regardless of user behavior or device performance.
This always-on connection ensures high-maintenance endpoint agents are always performing as they should.
Interested in taking a deeper dive into the current state of endpoint security? Read the full report: 2019 Endpoint Security Trends Report.
 
