Category: Data Visibility & Protection

The Need for Endpoint Resilience in the Public Sector has Never Been Higher

Regardless of an organization’s industry, size or geography, the challenges behind getting work done today look remarkably similar. COVID-19 has forced a massive, global remote workforce and all businesses are being asked to operate in a new way, despite their level of preparedness to do so. Regardless of sector – private or public, IT teams are now wading through the same challenges – securely standing up a remote workforce; ensuring those employees have access to the apps, data and intelligence they need to be productive; monitoring, managing and measuring the health and resilience of those endpoints.
This is true for federal agencies too, with droves of employees now working from home on networks that may or may not be secure. Reports say more than 53,000 Social Security Administration workers are now home-based and have access to very sensitive data. An association representing the works say productivity has gone up during this time and the agency has been able to lower the backlog of cases, indicating more work from home could be in their future.
Melissa Palmer, Vice President, Federal Sales
But many government agency employees do not work from home including Defense, Homeland Security, the State Department, the US Postal Service and others. This means Federal IT and security teams are grappling with new and distinct challenges of a hybrid workforce. To help government agencies maintain persistent visibility and control over their endpoints and protect sensitive data, Absolute is pleased to welcome Melissa Palmer to the team as Vice President of Federal Sales.
An award-winning IT professional based inside the Beltway, Melissa has deep expertise in the technologies that drive secure government work. She has spent more than 15 years solving problems and creating opportunities within the public sector for infosec brands including VMware, McAfee, Looking Glass and Red Hat. To find out more about the unique challenges IT faces inside the public sector, we sat down with Melissa for a quick conversation.
Q: How are public sector IT teams managing the current landscape?
A: Very few people inside the federal government work from home traditionally – most are used to working in a government facility and sometimes even a classified environment. The pandemic has forced most people into a remote work situation and, as in every other industry, everyone hopes their endpoint security is working. But it is not uncommon for federal agencies to have classified data security issues; this is nothing new. There are air-gapped networks established to prevent classified data from landing somewhere it shouldn’t. The trouble with today is everything is magnified; there are more devices on the move, not to mention applications to manage and secure in new ways.
Q: Outside of COVID-19, what’s the biggest challenge federal agencies face when it comes to securing endpoints?
A: There are many, but one example top of mind is traveling employees and forward deployed troops. Ultimately, these people have to get the work done, especially if they are in the hot zone. If that work includes their laptop and the security agent isn’t working in the moment, they turn the tools off. Or worse they de-install the control agent. Security just isn’t important enough at that time, its all about completing their mission.  Once the moment is over though, the goal would be to get that agent back up and running. But that rarely, if ever happens. Even when the deployment is over and the machine is back “in Garrison”, they rarely get reimaged. IT has little visibility into what’s happening with that laptop; there’s no remote way to ensure the security agents are working or address the problem. Security agents that are broken or have been turned off inadvertently leaves everyone open to malicious threat actors.
Q: Failing, broken security agents are a problem for the public sector then, too?
A: Absolutely. Everyone knows data protection is critically important and as a result, government agencies have layered on many security tools hoping to solve the security problem. But those agents collide with each other. They fail. They degrade over time. They also cost quite a bit. The solution to the security problem set doesn’t have to be more. Instead, why not make their existing tools more resilient? New Absolute research shows sensitive data on enterprise devices has risen 43 percent since the COVID outbreak began. Think about the volume of sensitive data sitting on federal workers’ machines right now and the risks we all face as a result.
Always on, always working security means you’re maximizing 100 percent of what gets the job done for you rather than a lesser percentage of more tools than you know what to do with. Removing some of what doesn’t work for you also means reduced spend and a boost in an individual machine’s efficiency. And Absolute is already embedded in the firmware of Dell, HP, Lenovo and 22 other leading manufacturers.  In this way, federal workers and our military deployed troops have more time to perform their critical duties rather than worry about the performance and or security of their devices. It’s time to enable them with undeletable defense.
What are your federal IT teams doing to protect endpoint devices in the new work from home landscape? Have you started planning your workers return to the office and what that will look like? How can you gain improved visibility into the health of your endpoints, better secure your data, and make your device fleet more resilient? If you’re in federal IT, consider reaching out or drop Melissa a line. We’d love to hear how you’re managing today and what you’re plans are for the future. mpalmer@absolute.com
If you’d like to learn more about the impact of COVID-19 on remote work, visit our new Resource Center.

3 Actions Education Administrators Can Take Now to Save Time Managing Online Learning Programs

More than 1 billion students around the globe have been impacted by COVID-19. Forced to now learn from home, students of all ages need access to bandwidth, learning devices, applications and more to continue their education in today’s new remote learning environment. This places significant pressure on educators, administrators and specifically, IT leaders to ensure both students and educators have the tools they need.
Some schools had an early start on the online learning front before the pandemic with one-to-one computing programs or device take home programs already in place. While they may have had a slight advantage when learn-from-home was first instituted, every school now faces the same uphill climb. How can you ensure students and teachers have the right tools they need to maximize their learning? What should users do when something breaks? (They can’t after all walk it down to your office for repairs or updates and field IT teams can’t visit classrooms.) And, how can IT teams be sure everyone is using the provided tools for maximum ROI and productivity?
Also Read: Six Things to Do Now to Prepare for Remote Learning
3 Time-Saving Actions
Because there are never enough hours in the day for the small IT teams that serve school districts, time-saving measures for managing your online learning program efficiently are key. We’ve compiled three actions you can take today that will provide great benefits in the months to come.

Activate web usage and device usage analytics. According to recent education insights from Absolute, approximately 40% of the time spent online by students is dedicated to learning including learning management systems and other educational tools. Absolute customers rely on Web Usage so that school leadership and curriculum designers can measure how engaged students are with online curriculum. The reporting provides detailed insight that allows you to drive better learning outcomes by identifying valuable or underused learning resources and direct students toward them. The tool also shows you habits and websites that aren’t student appropriate so you can protect the safety of your students online. You can also compare classes, schools and districts to help you build a budgetary plan for the future.

 

Adopt Absolute’s device collection guide. COVID-19 forced a new normal on schools and now, many are still deciding what to do when the end of the school year comes. Some are allowing students to keep their devices over the summer, or even until the student graduates. Others are requesting they be returned to the school before summer break. Regardless, schools are making the decision most appropriate for their district. Absolute has a step-by-step guide with best practices based on years of working with K12 districts on collecting devices at the end of the school year. It includes how to plan, execute, collect, control and monitor your student devices throughout their lifecycle so you can reclaim student devices with ease.

 

Use Reach scripts for remote IT and helpdesk needs. Not only are devices remote, but so is the IT team responsible for managing these devices. With remote learning, IT teams need to continue to address device IT issues and ensure they are protected against cyber threats. Absolute Reach is a remote scripting solution for Windows and Mac devices that allows you to scan, secure, and enforce updates and configurations even when the device is off your network. Using 120+ prebuilt, automated workflows, you can manage remote devices at scale and resolve issues from the more traditional helpdesk tickets. There’s also a device collection notice script that can be used to notify end users of the key collection information so they can return their device.

To support Absolute education customers through these challenging times, we’ve enabled all customers to access crucial Absolute features at no added cost through August 31, 2020:

Web Usage for insights on student online learning Absolute Reach, our remote scripting solution
Application Persistence for 3 of the most widely-used VPNs apps

Visit our Remote Work & Distance Learning Resource Center for more details.
If you would like more tips on how to save time managing your online learning, listen in to our webinar, 3 Immediate Actions to Save Time While Managing Online Learning.

COVID-19 Marks Start of Forever-Changed Work and School

Welcome to the new normal. Remote work and distance learning have officially arrived but with it comes some of the more alarming trends we’ve seen since the COVID crisis began. Device usage is up across enterprise and education, but critical security measures are increasingly inactive, missing, or out-of-date. This according to new Absolute Remote Work and Distance Learning Insights Center.
Within a few weeks of the World Health Organization officially declaring COVID-19 a global pandemic on March 11th, an estimated 16 million US employees – or nearly one-quarter of the workforce – were sent home and instructed to work remotely while governments around the world implemented widespread school closures impacting over 90 percent of the world’s student population.
Within this new normal of remote work and distance learning, device usage across the enterprise and within education is up significantly compared to pre-COVID according to Absolute’s new Remote Work and Distance Learning Insights Center. By 49 percent within the enterprise and 62 percent in education. Along with the usage uptick, endpoint security gaps across both sectors are also on the rise, putting sensitive data at greater risk, including:
Employee and student device usage continues to rise post-COVID.
The data shows a nearly 50 percent increase in the amount of heavy device usage – 8+ hours per day – seen across enterprise organizations, jumping to an increase of 62 percent seen in heavy education device usage. The average number of hours education endpoint devices are being used daily is also up 27 percent.
Device health sees slight improvement, but patch management continues to plague both enterprise and education IT teams.
The average enterprise endpoint device running Windows 10 continues to be nearly 3 months behind in applying the latest patch, with that delay spiking to more than 180 days since a patch has been applied to the average student Windows 10 device.
Enterprise organizations are at heightened risk of a breach or compliance violation.
One in four enterprise endpoint devices, on average, has a critical security application (Anti-Malware, Encryption, VPN, or Client Management) that is missing, inactive, or out-of-date.
Sensitive data is piling up on enterprise devices.
The data shows a 46 percent increase in the number of pieces of sensitive data – such as Personally Identifiable Information (PII) or Protected Health Information (PHI) – found to be stored on enterprise endpoints, compared to pre-COVID.
The newly released Remote Work and Distance Learning Insights Center enables enterprises and educational institutions to manage, measure and benchmark the health and security of their remote device programs, pre and post-COVID 19. It represents anonymized data from more than half of Absolute’s nearly 8.5 million activations and will be updated weekly.
Only Absolute can provide total visibility and, with self-healing capabilities, control over your entire device fleet. To learn more about how Absolute customers can more effectively secure and manage both remote work and distance learning environments through a single source of truth, visit our Coronavirus Response Resource Center.

Coronavirus: Keeping Your Company Safe From Cyber Attacks

This article originally appeared in CityAM.
The widespread destruction caused by the Covid-19 outbreak remains difficult to comprehend, with lives lost, businesses destroyed, and communities forced into isolation. Statistics show that even after this terrible disease has been beaten, the economic and social impact will be deep and long lasting, with surging unemployment and shattered dreams brought on by the necessary lockdown measures, preventing many businesses from trading.
We have already seen thousands of promising British start-ups and successful SMEs close their doors for good, and many more employees have been laid off, or placed on the government’s new furlough leave scheme.
Millions of employees working for businesses which have been fortunate enough to continue operations will now be entering the second month of their company’s brand new remote working model. Many are still adjusting to the world of video conferencing calls and cloud-enabled software, in an effort to continue business as usual.
Even those who have made a transition from office-to-home can attest that it hasn’t been easy: training staff on brand new technology via web conferencing service and operating on infrastructure not built for home working are not straightforward tasks.
One key concern which has fallen under the radar during the rush to remote working has been the increased security risk posed to businesses as a result of working from home. Right now, hundreds of companies, government departments and NHS Trusts are ordering in new laptops and tablet computers to enable staff to operate as usual. In many cases this will mean the quick installation of workplace software and apps, with employees often using personal home devices with outdated software – all of which can pose significant security risks.
Unfortunately, opportunistic cyber criminals never miss a trick and are already targeting unsuspecting workers with a variety of phishing and malware attacks. Recent polling of 200 UK decision-makers showed that nearly three quarters of companies believe that the shift to 100% remote working during the COVID-19 crisis has increased the likelihood of a cyber breach. What’s more, 46% had already seen an increase in phishing attacks since implementing a policy of widespread remote working.
Combatting this threat requires a concerted effort across all levels of an organisation. Current predictions suggest that workers could be in lockdown for up to six more months, which is too long for businesses to sit idly by, merely hoping that the wave of cybercrime does not affect them (spoiler alert: it will).
The most important step in securing your company in this new age of online operations, is to enable endpoint security on all devices, both old and new. Devices such as laptops and tablets are access points for opportunistic cyber criminals – and they will stop at nothing to steal, corrupt or hijack extremely sensitive company information. Fortunately for them, although many companies have invested hugely in new devices to facilitate online working, they have failed to implement the accompanying required endpoint security.
If an organisation does find itself facing a breach of information, it’s important they can identify the source and take back control. With Absolute Software’s endpoint security, IT Managers, security executives or indeed any line-manager or operating officer can ensure continued visibility and control of endpoints with a firmware based, persistent digital tether to every device. Absolute ensures that this connection is never interrupted even after a full rebuild of the device. The Absolute platform allows an enterprise to gain an insight into all internet connected devices and their current security compliance against company policy as well as lock, freeze, wipe or automatically remediate a device which has been breached, even if rebuilt with a new operating system; effectively allowing business owners to seize control of their ‘device estate’, which has most likely grown exponentially in the past month.
Similarly, it is extremely important that software, such as Zoom or Microsoft, is patched and updated to the newest version at all time, to protect the company from security vulnerabilities, such as Wormable, Zero Day and others. Unfortunately, with the growing role of home devices in businesses during this difficult time, it can be challenging for IT managers to spot outdated and unsecure applications. Enabling a connected endpoint security control network that includes automated workflows can negate this issue by allowing designated managers to swiftly identify problems and accelerate the remote installations of updates, removal of apps, or system upgrades.
COVID-19 is enough for businesses to worry about without the risk of a severe breach of company, client or even employee data. Therefore, key decision makers must ‘batten down the hatches’ with effective security training and sophisticated endpoint security, ensuring they have a comprehensive network of secure devices to combat the wave of cybercrime slowly impacting what remains of British business.
Learn more about how Absolute is helping all customers keep their remote devices secure on our website.

Automated, Custom Workflows to Manage & Secure a Growing Remote Workforce Now At No Cost

As companies accelerate remote work policies for the health and safety of employees and their families, IT organizations are facing challenges like never before by keeping work PCs safe and secure while ensuring hackers don’t exploit unsuspecting or distracted users. In response, Absolute announced today, the company will provide all customers with free access to its comprehensive library of custom workflows that enable a more seamless, effective way to secure and manage devices.
The most recent example is the remote code execution vulnerability or ‘wormable’ CVE-2020-0796 that carries the potential to propagate itself from vulnerable computer to vulnerable computer. While Microsoft moved swiftly to warn Windows 10 users and deliver a security update, the difficulties of patching remote devices that may not be connected to the corporate network, as well the probability of failed updates, present a significant risk of exposure to cyberattacks.
Recent data validates the risk exposure presented by unpatched devices and gaps in security policies or applications. Early findings from our coming 2020 State of Endpoint Resilience Report show that more than half of Windows 10 enterprise devices with versions 1903 and 1909 — those that are susceptible to CVE-2020-0796  — are more than four weeks behind installing patches. This is hugely concerning in light of another recent study that found 60 percent of all breaches are linked to a vulnerability where a patch was available, but not applied.
New Reporting and Reach Scripts
To help our customers keep up in today’s challenging times, we have created new report and reach scripts that enables IT to mitigate this vulnerability by identifying all potentially affected devices and disabling access to targeted servers until the patch is installed. In addition to the workaround for CVE-2020-0796, Absolute customers have access to more than 130 custom workflows that allow them to easily run queries or reports and then take widespread remedial action such as enforcing patch installations, turning on or repairing VPN applications for a secure connection for remote devices, and more, with just a few clicks. Because of Absolute’s unique firmware-embedded position, these actions can be enforced and executed on any device connected to the internet, even if off the corporate network.
In support of IT teams working to ensure business continuity and enable remote employees to reliably and securely connect to corporate systems amid the global outbreak of the novel coronavirus, we are providing access to our comprehensive library of custom workflows and Reach scripts for Visibility and Control tier customers at no cost through August 31, 2020.
The silver lining in our current chaotic and uncertain environment is how people across the globe are stepping in to support each other. We’ve seen time and again how organizations are lending help wherever possible and that’s certainly our goal at Absolute. IT desks everywhere are faced with mounting challenges managing and securing more and more devices from relentless cyber-attackers.
This crisis may pose a lot of questions for IT and Security teams. We are monitoring millions of activated devices across our 12,000 customers, and we are continuing to explore every possible way we can provide help to our customers and partners during this trying time. If you have critical endpoint related issues you’re battling in your business – we welcome your input and ideas. Send them our way.
For now, stay well and be safe.

Six Things to Do Now to Prepare for Remote Learning

The novel Coronavirus has caused widespread school closures with 138 countries closing schools globally, affecting over 1.3 billion students. With little notice, schools must now provide reliable and accessible online learning while ensuring their security controls stay in place.
Based on years of experience enabling remote education, we’ve put together a few ways you can leverage your existing Absolute tools to keep your students, staff, and devices safe during this period.

Maintain visibility of all devices in your fleet. Manage and control all devices from one console. Track and be alerted when missing devices call in.  Report stolen devices to Absolute’s Investigation team, and we’ll work with law enforcement to recover them.
Monitor device utilization. Absolute’s Device Usage report lets you see when, for how long and how frequently your Chromebook, Windows, and Mac devices are used. You can identify students who are not getting the full benefit from their devices or if devices aren’t being used at all.
Know if students or staff are in high-risk areas. With geofencing alerts you can set custom boundaries and be alerted when devices cross them. When students or staff are at risk, you can check in and advise on precautions.
Maintain your district’s security controls. Absolute’s self-healing capability can be extended to AV, encryption, VPN, or any other application that you depend on — so they’re always installed, up-to-date, and working correctly.
Fix vulnerabilities remotely. With Absolute, your IT team can remotely execute scripts to repair, patch, and remediate devices.
Know where your sensitive data is at all times. As teachers, support staff, and administrators work remotely, they might take sensitive data and store it locally. With regular EDD scans, you can maintain compliance with FERPA, HIPAA, and other privacy requirements.

If your district or school has new devices to enroll, you can learn how to set up new policy groups, assign licenses to groups, and activate policies in the console by visiting Absolute’s Learning Hub.
If you need any assistance or support, please contact sdrs@absolute.com

Q&A with Christy Wyatt, CEO of Absolute Software on dealing with COVID-19

In a special interview originally published in The Commentator, Absolute Software’s global CEO Christy Wyatt offers her insights and expertise into the security issues facing businesses amidst the COVID-19 crisis and offers guidance around how companies can continue to operate despite the disruption
With COVID-19 causing havoc for businesses and putting thousands of people at risk, The Commentator interviewed Christy Wyatt, CEO of Absolute Software about how tackle the crisis and the security procedures that can keep companies safe from hackers.
Christy, please can you tell us what lessons are you learning amid the outbreak of the Coronavirus?
While we have been having conversations with customers for a long time about the resiliency of their security controls, the reality is that many users are taking their devices home and working remote – which brings this discussion to a whole new level. We see companies having trial “work from home days”….asking users to stress test their remote working infrastructure and seeing how systems perform with dramatically greater capacity….at a time where every other company is doing the exact same thing.
One of the many things we help customers with is the ability to see where their security controls are in place and ready because businesses of all sizes have a heightened awareness of where their employees are.
As the virus moves quickly and the heat map evolves, knowing where your users are and who is close to risk is critical and important. We are seeing customers having business continuity discussions and taking a good look at where they may be most vulnerable. It is not lost on the security industry that as users work from home, and people are distracted with this pandemic that valuable assets could be compromised. IT, Security, HR and Leadership have to respond in unison to ensure employees are protected and Enterprise Resiliency is intact.
Have you had to make shifts and pivots in daily operations?
We have made our primary focus on protecting our customers and enabling them to have better visibility and control during this critical time. As with any company, we have done our work on business planning, remote work, and security. But in addition, we have to anticipate a fundamental change in how organisations operate – including our own. Employees will be remote, travel is less reliable, and that makes you vulnerable.
For some companies, this level of mobility is unprecedented in their workforce. We started immediately looking at what our technology can add to help our customers see where their employees are, ensure that they are protected by keeping their security controls in place where needed, and are able to take remote action on systems if required.
As a result, we are immediately making Application Persistence available for VPN apps at no charge through August. What this means is that if they are relying on VPN to keep their employees connected, we will monitor the VPN application to make sure it remains undeleted and in force.
As a result of our workforce brainstorming the issue in support of our customers, we are also working on reports for customers that map out where their endpoints are in relation to outbreak hotspots. And since our own workforce is also quite distributed, in many cases, this is about modeling what we need to do, and then automating and making it easier for our customers.
Do you fall back on certain technology due to work at home requirements?
For anyone who spends a lot of time on the road….it is back to the basics. It is audio/video conferencing, mobile productivity and collaboration solutions like Outlook or Slack, and of course, security like VPN to keep the workforce securely connected, and/or identify and access management. One of this biggest risks here is that there are large parts of any organisation that rarely work remote.
So, these controls and applications may not be configured appropriately, or the user may need rapid training on how to use them. I would expect IT Helpdesks is going to be incredibly ‘stress tested’ until there is automation introduced, like Resilience. Another great concern is going to be security itself…..because with devices being more remote, the probability of those controls going offline or devices becoming compromised could increase.
I also expect hear that in the coming weeks how bad actors are opportunistically taking advantage of the situation. Think of it as “Cyber Looting.” Enterprises need to remain vigilant that this global pandemic does not also lead to a global breach pandemic.
How is this situation changing things for you and how you are planning for other possible pandemics in the future?
One thing is for certain, and that is that every company diving into business continuity and looking at Enterprise Resilience and will emerge more prepared going forward. Let’s hope there is not another repeat performance where we get to benchmark this.

The Importance of Endpoint Resilience at RSA Conference 2020

Will you be one of the 45,000 people who are expected to attend RSA Conference 2020 in San Francisco next week? Like the topic of cybersecurity in general, the industry’s largest conference continues to increase in relevance as hackers evolve their tactics and organizations invest more in numerous security approaches to stop them.
Around the world, Absolute has been busy preparing for the big event – from executive leadership to customer success, product management to engineering, our entire team has a very full RSA schedule. This is partly because our message of endpoint resilience is now more critical than ever before.
To thwart attackers, organizations continue to layer on security controls. Despite astronomical investments being made however, research shows 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. Organizations need complete visibility and real-time insights in order to pinpoint unprotected or ‘dark endpoints,’ identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. This is endpoint resilience and it will be front and center at RSA Conference.
Absolute Monitoring Internet Activity in the SOC
One of the places you’ll find Absolute at RSA is in the Security Operations Center (SOC). Using our endpoint resilience solution, our team will be onsite protecting RSA attendees by monitoring internet activity in real-time at the Moscone Center. Be sure to stop by, say hi, and see how it works.
CEO, Christy Wyatt Speaks About 5G
Huawei’s potential domination of 5G markets brings with it significant economic and national security risks. Concerns of unfair trade practices and compromise of 5G networks by China are intertwined and these two problems need to be treated independently: deter unfair trade practices, but also devise smart industrial policies to encourage 5G and national security review of foreign 5G equipment. Our CEO Christy Wyatt will moderate a panel of experts as they discuss #5G and the need for a new approach to looking at securing the critical capabilities that impact us as a nation on Feb. 25. Register for the event here.
The Resilience Happy Hour
Mark your calendars for our Absolute Resilience Happy Hour February 25 from 5:30 – 7:30 PM at Hotel Zetta. Come rest those conference weary feet over a drink and some appetizers with our team. RSVP today.
Find a Green Umbrella!
From London to Austin, Vancouver to San Francisco, Absolute endpoint resilience has you covered with the visibility and control you need over your endpoints. Meet us at RSA by finding one of our green umbrellas and find out how we are dedicated to providing the best endpoit resilience platform around the world.
From all of us at Absolute, safe travels to SFO. We look forward to seeing you!

Can AI and ML Bridge the Cybersecurity Skills Gap?

It is estimated there will be more than 3.5 million vacant cybersecurity jobs by 2021. As companies face an ever expanding threat landscape and pressure to be able to detect and mitigate threats faster, bridging this skill gap is critical.
Without humans to fill the void, organizations have been turning to the potential of using artificial intelligence (AI) or, more aptly, machine learning (ML) to scale out the capabilities of their existing, limited teams.
It’s not that we don’t have plenty of people working hard on solving cybersecurity problems, but that they need leverage and magnification, and machines offer that potential.
Machines deliver on speed and scale 
Machine learning has the ability to conduct the data analytics that humans find challenging or time-consuming when dealing with massive volumes of data. When properly trained, it is able to find patterns and identify the signals that matter when it comes to threat detection and recognizing anomalies. Machines can do this faster than humans, and in a world where cybercriminals also use AI and ML, speed and scale are everything.
If we take the behaviors of cybersecurity professionals and the data they’ve acted upon in the past, and train a machine using machine learning to identify those patterns and behaviors, and put them together, we can build something very powerful. This doesn’t even require full-fledged AI;  it merely requires machine learning and in fact, in most cases it probably just requires a little bit of statistics. But by doing that, we get to magnify the capabilities of that core set of people we do have, to help fill that skills gap.
We humans don’t know which signals matter until we are able to detect patterns by analyzing large volumes of data. This takes time. Machines can achieve this far faster, giving cyber security teams the advantage of speed. With Absolute, we have collected more than a petabyte of data. With such a massive volume of data, we have the wherewithal to sift through that and look for the signals. Most of this will come from software and hardware inventories, the signals about load on the system, behavior of users, finding what’s a pattern and what’s an outlier.
Using Absolute to tighten endpoint security
Organizations use Absolute as part of their endpoint security posture. Absolute Persistence is installed in the BIOS at the manufacturer and cannot be uninstalled by a user even if they uninstall the operating system. Absolute Resilience provides complete visibility into the endpoint, giving organizations details on device usage, location, which apps are installed, and the ability to freeze and wipe data if a device is compromised or lost.
A big struggle for a lot of organizations is that they’ve bought various solutions, they lay it on and have a dozen different agents installed on the endpoint. But each of these controls get deconfigured and deinstalled, and often you don’t know what you don’t know. Having a single source of truth with the persistence that it will always be able to draw the data from the endpoint no matter what the user does, that is what Absolute does to give organizations to determine what value they are getting from these tools and to improve their security posture.
Learn how Absolute Resilience can secure your endpoints and help you bridge the cybersecurity skills gap.
 
 
 

Strengthening Device Management and Endpoint Security Just Got Easier with Absolute Power of Resilience

With the increasing number and types of endpoint devices worldwide, establishing a tight knit security strategy to protect them, your users, and your data is now more critical than ever. A major cause for heartburn among IT and Security Operations teams is the consistent security and non-compliance failures occurring at the application layer.
This week, we announced that the power of Absolute’s Resilience solution and patented Absolute® Persistence™ technology now extends to more than 30 critical security applications – including, most recently, VMware® Carbon Black and Workspace OneTM as well as Crowdstrike® Falcon.
Failures at the Application Level
Organizations have long invested in Device Management, Encryption, VPN, Data Protection and other Endpoint Security tools to manage and secure devices within their fleet, protect sensitive data and maintain user productivity. The Absolute 2019 Endpoint Security Trends Report shows there are an average of 10 security agents deployed on each device at any particular point in time. A majority of these agents are easily tampered with or disabled negligently, causing multiple failures. On average, 13 percent of endpoints require at least one repair event of their AV tool every 30 days. Statistics are even more concerning for Encryption tools; 42 percent of endpoints have encryption failures at any given point in time.
Apart from inadvertent user behavior, application health is also affected by devices being reimaged, corrupted registry files, potential malware intrusions as well as the different agents essentially colliding with each other and reducing effectiveness. A majority of security events – 70 percent to be precise – originate at the endpoint.
Now more than ever, it is critical to ensure that the agents organizations invest in to maintain endpoint compliance and protect their environments remain healthy at all times.
Persisting at the Firmware Level
Most security tools in the market today operate at the operating system layer and so can be tampered with or disabled. The only way to truly secure your applications is to go to the firmware of a device to maintain connectivity and visibility across multiple security data points. Absolute Application Persistence is embedded in the firmware of close to 1 billion devices and actively monitors and remediates the health of the most-used security applications in the market today. This digital tether in the firmware ensures that Absolute’s OS agent and the agents of other security tools remain healthy and tamper proof to maintain compliance of the device and fleet overall.
AI based Endpoint Detection and Response (EDR) tools such as Carbon Black and Crowdstrike detect malware, identify unusual activity occurring on the device, and provide remediation guidance. Unified Endpoint Management (UEM) tools such as Workspace One manage devices as well as enhance end user experience through the deploying of applications, email, Wi-Fi, security settings and the provisioning of corporate resources as required.
Through automation, Application Persistence now ensures the policies and settings set through the three applications remain active to protect the device fleet from the ever-increasing list of external threats.
For more information about Absolute’s patented Persistence technology, see a complete list of the vendors and applications that make up the Absolute Resilience ecosystem. To see how Absolute’s firmware-embedded, self-healing technology ensures Greenville Health has continuous visibility and automated remediation for applications across 14,000 devices, download the case study.

Loading

Categories