Category: Endpoint Security

5 Tips for Managing a Remote IT Team

Connecting, collaborating, and getting work done isn’t as hard as you think
Around the world offices have emptied and people are working from home—some of them for the first time. Getting the hang of working remotely is one thing, but managing a team is something altogether different. The good thing is if you hired good people, they will step up. All you need to do is keep everyone on the same path. And for that, here are some tips to make managing a remote team easier.
I first started remote working twenty years ago (we called it “telecommuting” back then) and since then about half my jobs have been partially, or completely, remote. I’ve been a team member, a manager, and part of the leadership team. Across all those roles, there are some basic things anyone can do to make managing remote teams easier.
Everything in this post is time-tested and works. And if you think this is going to be a list of “use this app or that app”, you’re wrong. These best tips have nothing to do with which apps to use and everything to do with how you connect people and get things done.
Earlier this year Vancouver was hit with a sizable dump of snow—sizable for us, laughable for people in Eastern Canada—that shut down the city for a few days. My team got an unexpected dose of remote work, and it didn’t go well. The biggest reason is I didn’t follow any of the tips below. Now that we’re all sheltering in place and working from home, I’ve been following all the tips and my team hasn’t just been productive—we’ve had some significant wins.
Here’s how you can lead a successful team remotely—and otherwise.
1. Morning Sync
Take a page from Agile development and do a quick sync with your team every day—preferably first thing in the morning. You don’t have to be too formal about it, just three simple questions for each person:

What did you get done yesterday
What are you going to do today
Do you need help or have blockers from keeping you from getting work done

That’s it. Maybe fifteen minutes to half an hour you’re done and people should feel in sync. If you’re going over 30 minutes, you need to have a separate meeting for whatever the topic is and move on. Repeating what got done the previous day is important, it lets you know how productive people are and identify blockers. If someone says they will work on x, y, and z today, but nothing more than x ever gets done. You have a red flag to check in with that person to see what’s going on.
When I’ve done morning stand ups in person, they helped people feel connected to each other and gave me a chance to make sure everyone is working the right things at the right time.
As an IT manager leading a remote team the best things you can do are:

unblock people
help them prioritize work

Sometimes you’re going to need to help a shared resource—say your single web developer or graphic designer—figure out who to help first, but that’s all in a day’s work for you. Morning standup syncs are the first and easiest way to help your team.
2. Over communicate
However your company or team does it—Slack, Teams, Skype chat—stay in touch all day. Have a group chat with the whole team, chats for project teams, and one on one chats with individual team members. Check in, say hi, ask what’s for lunch, make sure people are taking breaks, be there for your team just like you would in the office.
Don’t forget to have a chat for the fun, silly, water cooler conversations you would have in person. Right now, these connections to each other are essential. A lot of people aren’t able to be with friends or family. It’s hard. Let people chat and connect with each other. You could even have Friday afternoon happy hour to relax at the end of the week. Stay connected as people, friends, and colleagues to help everyone adjust to not being in the office.
The key to keeping your remote team together is helping them feel they are still part of a team and work needs to get done. Do that, and the rest is easy.
3. The 3 minute rule
Chat is great—perfect for staying in touch, sharing files, and giving updates—but sometimes you need to talk it out. When do you need to talk it out? My rule is if it takes more than three minutes to type it out, talk it out. Stop and have a voice or video call to talk in real time.
I was trying to finish off a website today. Getting those little details like “make this bigger, tighten that space, move this over” and after about 10 minutes of trying to type it all out we switched to a voice call and I shared my screen. We hashed things out in a few minutes and made real progress that wasn’t happening through chat alone.
I’ve followed this rule every day for the past few weeks—and so has my team. My web dev guy calls about a CSS or server issue. My writers work through ideas and edits. My boss and I sync on everything from admin tasks to priorities. We might use chat 90% of the time, but it’s the final 10% that makes a difference.
When in doubt pick up the phone and call.
4. Keep it organized
Whatever project management tool you were using before, double down on it. If you had a big whiteboard managing projects in the office, now is the time to try any of the hundreds of online tools available and make the switch. You need people to get organized and always know what’s the next thing they need to do.
A few weeks ago when the executive team called all senior managers in the day before we shut down the office, their biggest concern was “how will we know work is getting done”. My team had already been using a project management tool for a few months and I cranked how we were using it to 11.
I made a composite project of all the projects we were working on. Then I had everyone create tasks for all things they did during the day—even some of the little tasks like “email white paper draft to design”—and the company leadership team could see how things were going and adjust priorities if needed.

Tools make all the difference, learn how Absolute improves helpdesk efficiency with proactive solutions that decrease tickets and mitigate risk. Learn more

For the first week working remotely, I had morning and afternoon syncs to make sure everything was on track. I became hyper organized—truth be told we had a lot of projects on the go too—and this helped everyone know what they needed to do and what other people were doing. This extra effort primed us for the success we’ve had in the past two weeks.
After the first week, we didn’t need twice daily syncs. I didn’t need my über project to show everything we did. The leadership team saw work was getting done and they could cross that worry off their list. A couple weeks in, project management has returned to “normal”. We’re not documenting everything, but we’re keeping on track with the right tools for us.
5. Make time for yourself
You can’t manage your team if you don’t have your work in order. Stay in sync with the people you report to. Follow all the tips above yourself and stay in touch with the rest of the leaders in your company. Maybe you don’t need morning syncs, but maybe it’s not a bad idea either.
If you’re new to managing a remote team, you are going to worry people are playing games or watching TV all day. It’s natural. However, if you have a good team, most of them know what they need to do and want to get the work done. When you have your morning check in you’ll see people are working on the projects they had. People are still working together and making sure the business stays running.
You might find, as many of us have recently, you’re getting more done. Which isn’t a bad thing either.
BONUS TIP – Make sure everyone is working securely
This is a good time to make sure everyone on your team has their VPN set up for secure connections to internal servers. It’s also a good time to watch out for scams—I’ve seen an uptick in spam and phishing attempts lately—because the bad guys seem to be bored and figure people aren’t being as careful as they should be. A lot of people may be using personal machines for work, those people need to be reminded about antivirus and malware scanning. The last thing you need right now is ransomware getting injected into your network when you aren’t there to physically pull the plug on servers.
You might like our Cybersecurity 101 post for some tips and how you can up your company’s cybersecurity game.
A crucial part of keeping everyone secure is having solid endpoint security. Learn about new threats on the landscape and how to mitigate them in our latest research: 2019 The State of Endpoint Security Trends.
Remote work could be the new normal for a while
Let’s accept remote work might become the new normal for a while. Some companies find things are better with a distributed team and have more people work at home at least some of the time. We all might find we’re managing teams in a whole new way with some people in the office, some at home, some doing a mix of both. Shelter-in-place aside, which could go on into the summer, there are hundreds of successful companies with entirely remote workforces and for the rest of us to get a taste of it, can’t be a bad thing.

Automated, Custom Workflows to Manage & Secure a Growing Remote Workforce Now At No Cost

As companies accelerate remote work policies for the health and safety of employees and their families, IT organizations are facing challenges like never before by keeping work PCs safe and secure while ensuring hackers don’t exploit unsuspecting or distracted users. In response, Absolute announced today, the company will provide all customers with free access to its comprehensive library of custom workflows that enable a more seamless, effective way to secure and manage devices.
The most recent example is the remote code execution vulnerability or ‘wormable’ CVE-2020-0796 that carries the potential to propagate itself from vulnerable computer to vulnerable computer. While Microsoft moved swiftly to warn Windows 10 users and deliver a security update, the difficulties of patching remote devices that may not be connected to the corporate network, as well the probability of failed updates, present a significant risk of exposure to cyberattacks.
Recent data validates the risk exposure presented by unpatched devices and gaps in security policies or applications. Early findings from our coming 2020 State of Endpoint Resilience Report show that more than half of Windows 10 enterprise devices with versions 1903 and 1909 — those that are susceptible to CVE-2020-0796  — are more than four weeks behind installing patches. This is hugely concerning in light of another recent study that found 60 percent of all breaches are linked to a vulnerability where a patch was available, but not applied.
New Reporting and Reach Scripts
To help our customers keep up in today’s challenging times, we have created new report and reach scripts that enables IT to mitigate this vulnerability by identifying all potentially affected devices and disabling access to targeted servers until the patch is installed. In addition to the workaround for CVE-2020-0796, Absolute customers have access to more than 130 custom workflows that allow them to easily run queries or reports and then take widespread remedial action such as enforcing patch installations, turning on or repairing VPN applications for a secure connection for remote devices, and more, with just a few clicks. Because of Absolute’s unique firmware-embedded position, these actions can be enforced and executed on any device connected to the internet, even if off the corporate network.
In support of IT teams working to ensure business continuity and enable remote employees to reliably and securely connect to corporate systems amid the global outbreak of the novel coronavirus, we are providing access to our comprehensive library of custom workflows and Reach scripts for Visibility and Control tier customers at no cost through August 31, 2020.
The silver lining in our current chaotic and uncertain environment is how people across the globe are stepping in to support each other. We’ve seen time and again how organizations are lending help wherever possible and that’s certainly our goal at Absolute. IT desks everywhere are faced with mounting challenges managing and securing more and more devices from relentless cyber-attackers.
This crisis may pose a lot of questions for IT and Security teams. We are monitoring millions of activated devices across our 12,000 customers, and we are continuing to explore every possible way we can provide help to our customers and partners during this trying time. If you have critical endpoint related issues you’re battling in your business – we welcome your input and ideas. Send them our way.
For now, stay well and be safe.

Q&A with Christy Wyatt, CEO of Absolute Software on dealing with COVID-19

In a special interview originally published in The Commentator, Absolute Software’s global CEO Christy Wyatt offers her insights and expertise into the security issues facing businesses amidst the COVID-19 crisis and offers guidance around how companies can continue to operate despite the disruption
With COVID-19 causing havoc for businesses and putting thousands of people at risk, The Commentator interviewed Christy Wyatt, CEO of Absolute Software about how tackle the crisis and the security procedures that can keep companies safe from hackers.
Christy, please can you tell us what lessons are you learning amid the outbreak of the Coronavirus?
While we have been having conversations with customers for a long time about the resiliency of their security controls, the reality is that many users are taking their devices home and working remote – which brings this discussion to a whole new level. We see companies having trial “work from home days”….asking users to stress test their remote working infrastructure and seeing how systems perform with dramatically greater capacity….at a time where every other company is doing the exact same thing.
One of the many things we help customers with is the ability to see where their security controls are in place and ready because businesses of all sizes have a heightened awareness of where their employees are.
As the virus moves quickly and the heat map evolves, knowing where your users are and who is close to risk is critical and important. We are seeing customers having business continuity discussions and taking a good look at where they may be most vulnerable. It is not lost on the security industry that as users work from home, and people are distracted with this pandemic that valuable assets could be compromised. IT, Security, HR and Leadership have to respond in unison to ensure employees are protected and Enterprise Resiliency is intact.
Have you had to make shifts and pivots in daily operations?
We have made our primary focus on protecting our customers and enabling them to have better visibility and control during this critical time. As with any company, we have done our work on business planning, remote work, and security. But in addition, we have to anticipate a fundamental change in how organisations operate – including our own. Employees will be remote, travel is less reliable, and that makes you vulnerable.
For some companies, this level of mobility is unprecedented in their workforce. We started immediately looking at what our technology can add to help our customers see where their employees are, ensure that they are protected by keeping their security controls in place where needed, and are able to take remote action on systems if required.
As a result, we are immediately making Application Persistence available for VPN apps at no charge through August. What this means is that if they are relying on VPN to keep their employees connected, we will monitor the VPN application to make sure it remains undeleted and in force.
As a result of our workforce brainstorming the issue in support of our customers, we are also working on reports for customers that map out where their endpoints are in relation to outbreak hotspots. And since our own workforce is also quite distributed, in many cases, this is about modeling what we need to do, and then automating and making it easier for our customers.
Do you fall back on certain technology due to work at home requirements?
For anyone who spends a lot of time on the road….it is back to the basics. It is audio/video conferencing, mobile productivity and collaboration solutions like Outlook or Slack, and of course, security like VPN to keep the workforce securely connected, and/or identify and access management. One of this biggest risks here is that there are large parts of any organisation that rarely work remote.
So, these controls and applications may not be configured appropriately, or the user may need rapid training on how to use them. I would expect IT Helpdesks is going to be incredibly ‘stress tested’ until there is automation introduced, like Resilience. Another great concern is going to be security itself…..because with devices being more remote, the probability of those controls going offline or devices becoming compromised could increase.
I also expect hear that in the coming weeks how bad actors are opportunistically taking advantage of the situation. Think of it as “Cyber Looting.” Enterprises need to remain vigilant that this global pandemic does not also lead to a global breach pandemic.
How is this situation changing things for you and how you are planning for other possible pandemics in the future?
One thing is for certain, and that is that every company diving into business continuity and looking at Enterprise Resilience and will emerge more prepared going forward. Let’s hope there is not another repeat performance where we get to benchmark this.

Ensuring a Safe and Secure Remote Workforce Amid Spreading Coronavirus

The global outbreak of COVID-19 has already resulted in travel bans, quarantines, and major conferences being cancelled. Now, authorities at the Center for Disease Control (CDC) have cautioned that mandated “workplace social distancing measures” such as “replacing in-person meetings with teleworking” may become increasingly necessary.
In light of this, organizations of all sizes and all across the globe have been rapidly introducing new policies to ensure the safety and well-being of their workforce, while minimizing the disruption of their business operations or academic activities. More and more employers are encouraging employees to work remotely to ensure the health and well-being of the greater workforce.
With this new reality, secure and seamless connectivity is a primary concern, and the use of Virtual Private Networks (VPNs) is the most common choice. However, the challenges installing, configuring, and maintaining VPN tools on remote devices, and the technical faults within the tools that are used to enable this distributed model, can cause the goals of distributed organizations to fall apart when organizations cannot perform their tasks without interruption.
Continuously Monitor VPN with Absolute
Using Absolute, any enterprise, government, or school can ensure their VPN clients are always healthy on their devices. Absolute Application Persistence will continuously monitor and report the health of the VPN client and repair and reinstall it as required without any human intervention, thereby avoiding unnecessary productivity losses or security gaps.
This automation increases endpoint resilience and protects sensitive information for the organization, reduces downtime, and maximizes productivity for the end user while also reducing the workload for IT and saving time for higher-value tasks as they continue to work through the new challenges that a distributed organization faces.
In order to help IT teams globally adjust to the new situation safely and efficiently, as of today, Absolute has made Application Persistence for VPN available to all customers until August 31st, 2020. This includes out-of-the-box support for Cisco AnyConnect Secure Mobility Client, F5 BIG-IP Edge Client, and Pulse Connect Secure, including the ability to repair and reinstall them when necessary.
All Absolute customers can now leverage this functionality. Simply configure and turn on the Application Persistence policy for the desired VPN client on your endpoints. To learn more about how to leverage Application Persistence for these VPN apps, please follow these instructions.
 

Growing Need for Resilience-Focused Security Approaches Revealed by Absolute Survey at RSA Conference 2020

To find out where security and IT leaders are focusing their security investments, strategies, and resources with the ever-increasing number of users and endpoints (including desktops, laptops, and mobile devices) accessing corporate networks, we conducted a survey of this year’s RSA Conference attendees. Of the nearly 100 respondents, with most holding the position of a manager/supervisor or C-level executive, more than 50 percent agreed that they were very concerned about the security of corporate endpoints given the prevalence of sophisticated attack vectors like ransomware, disruptionware, phishing and more.
Rising Security Spend and Data breaches
2019 saw a record number of more than 5,000 breaches as well as an unprecedented and unrelenting barrage of ransomware attacks in the U.S. that impacted at least 966 businesses, government agencies, educational institutions and healthcare providers at a potential cost of more than $7.5 billion. It’s no surprise, then, that global cybersecurity spending continues its steep incline – estimated to reach $174 billion by 2022 – as organizations work to thwart attackers and mitigate breaches with additional layers of security controls.
When it comes to how organizations are spending these dollars to protect sensitive data and devices, more than 80 percent of Absolute’s survey respondents at RSAC reported the use of endpoint security tools and multi-factor authentication. More than half of them also relayed that prevention remains the core area of security focus and investment, even though a recent study shows that 60 percent of data breaches are the result of vulnerabilities that the enterprise already knew about but failed to address.
Minimize the Impact with Resilient Strategies
The unfortunate reality is that cybersecurity concerns and spend continue to rise, and yet so do breaches. To best prepare for the inevitable, companies need to look for capabilities that allow their endpoints to quickly heal and bounce back if they should become compromised or removed during an attack. The organizations that adopt such a resilience-based strategy will be the ones who are able to respond and recover quickly and minimize the impact of a breach.
Other key findings from the survey included:

Nearly three in four respondents were familiar with the concepts of ‘cyber resilience’ and ‘endpoint resilience.’
A significant population – more than one in three – noted incident response, recovery, or resilience as the most important element of their organization’s strategy, while 55 percent said prevention was key.
More than three in four respondents reported their organizations are using endpoint security tools, multi-factor authentication, and employee training and education to protect data, devices, and users, while less than half noted the use of tools focused on tracking missing, lost, or stolen devices or ensuring vendor / partner security.

Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints.
For more on how IT and security administrators grapple with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value, download our Endpoint Security Trends Report.
 
 
 

The Importance of Endpoint Resilience at RSA Conference 2020

Will you be one of the 45,000 people who are expected to attend RSA Conference 2020 in San Francisco next week? Like the topic of cybersecurity in general, the industry’s largest conference continues to increase in relevance as hackers evolve their tactics and organizations invest more in numerous security approaches to stop them.
Around the world, Absolute has been busy preparing for the big event – from executive leadership to customer success, product management to engineering, our entire team has a very full RSA schedule. This is partly because our message of endpoint resilience is now more critical than ever before.
To thwart attackers, organizations continue to layer on security controls. Despite astronomical investments being made however, research shows 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. Organizations need complete visibility and real-time insights in order to pinpoint unprotected or ‘dark endpoints,’ identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. This is endpoint resilience and it will be front and center at RSA Conference.
Absolute Monitoring Internet Activity in the SOC
One of the places you’ll find Absolute at RSA is in the Security Operations Center (SOC). Using our endpoint resilience solution, our team will be onsite protecting RSA attendees by monitoring internet activity in real-time at the Moscone Center. Be sure to stop by, say hi, and see how it works.
CEO, Christy Wyatt Speaks About 5G
Huawei’s potential domination of 5G markets brings with it significant economic and national security risks. Concerns of unfair trade practices and compromise of 5G networks by China are intertwined and these two problems need to be treated independently: deter unfair trade practices, but also devise smart industrial policies to encourage 5G and national security review of foreign 5G equipment. Our CEO Christy Wyatt will moderate a panel of experts as they discuss #5G and the need for a new approach to looking at securing the critical capabilities that impact us as a nation on Feb. 25. Register for the event here.
The Resilience Happy Hour
Mark your calendars for our Absolute Resilience Happy Hour February 25 from 5:30 – 7:30 PM at Hotel Zetta. Come rest those conference weary feet over a drink and some appetizers with our team. RSVP today.
Find a Green Umbrella!
From London to Austin, Vancouver to San Francisco, Absolute endpoint resilience has you covered with the visibility and control you need over your endpoints. Meet us at RSA by finding one of our green umbrellas and find out how we are dedicated to providing the best endpoit resilience platform around the world.
From all of us at Absolute, safe travels to SFO. We look forward to seeing you!

Can AI and ML Bridge the Cybersecurity Skills Gap?

It is estimated there will be more than 3.5 million vacant cybersecurity jobs by 2021. As companies face an ever expanding threat landscape and pressure to be able to detect and mitigate threats faster, bridging this skill gap is critical.
Without humans to fill the void, organizations have been turning to the potential of using artificial intelligence (AI) or, more aptly, machine learning (ML) to scale out the capabilities of their existing, limited teams.
It’s not that we don’t have plenty of people working hard on solving cybersecurity problems, but that they need leverage and magnification, and machines offer that potential.
Machines deliver on speed and scale 
Machine learning has the ability to conduct the data analytics that humans find challenging or time-consuming when dealing with massive volumes of data. When properly trained, it is able to find patterns and identify the signals that matter when it comes to threat detection and recognizing anomalies. Machines can do this faster than humans, and in a world where cybercriminals also use AI and ML, speed and scale are everything.
If we take the behaviors of cybersecurity professionals and the data they’ve acted upon in the past, and train a machine using machine learning to identify those patterns and behaviors, and put them together, we can build something very powerful. This doesn’t even require full-fledged AI;  it merely requires machine learning and in fact, in most cases it probably just requires a little bit of statistics. But by doing that, we get to magnify the capabilities of that core set of people we do have, to help fill that skills gap.
We humans don’t know which signals matter until we are able to detect patterns by analyzing large volumes of data. This takes time. Machines can achieve this far faster, giving cyber security teams the advantage of speed. With Absolute, we have collected more than a petabyte of data. With such a massive volume of data, we have the wherewithal to sift through that and look for the signals. Most of this will come from software and hardware inventories, the signals about load on the system, behavior of users, finding what’s a pattern and what’s an outlier.
Using Absolute to tighten endpoint security
Organizations use Absolute as part of their endpoint security posture. Absolute Persistence is installed in the BIOS at the manufacturer and cannot be uninstalled by a user even if they uninstall the operating system. Absolute Resilience provides complete visibility into the endpoint, giving organizations details on device usage, location, which apps are installed, and the ability to freeze and wipe data if a device is compromised or lost.
A big struggle for a lot of organizations is that they’ve bought various solutions, they lay it on and have a dozen different agents installed on the endpoint. But each of these controls get deconfigured and deinstalled, and often you don’t know what you don’t know. Having a single source of truth with the persistence that it will always be able to draw the data from the endpoint no matter what the user does, that is what Absolute does to give organizations to determine what value they are getting from these tools and to improve their security posture.
Learn how Absolute Resilience can secure your endpoints and help you bridge the cybersecurity skills gap.
 
 
 

Strengthening Device Management and Endpoint Security Just Got Easier with Absolute Power of Resilience

With the increasing number and types of endpoint devices worldwide, establishing a tight knit security strategy to protect them, your users, and your data is now more critical than ever. A major cause for heartburn among IT and Security Operations teams is the consistent security and non-compliance failures occurring at the application layer.
This week, we announced that the power of Absolute’s Resilience solution and patented Absolute® Persistence™ technology now extends to more than 30 critical security applications – including, most recently, VMware® Carbon Black and Workspace OneTM as well as Crowdstrike® Falcon.
Failures at the Application Level
Organizations have long invested in Device Management, Encryption, VPN, Data Protection and other Endpoint Security tools to manage and secure devices within their fleet, protect sensitive data and maintain user productivity. The Absolute 2019 Endpoint Security Trends Report shows there are an average of 10 security agents deployed on each device at any particular point in time. A majority of these agents are easily tampered with or disabled negligently, causing multiple failures. On average, 13 percent of endpoints require at least one repair event of their AV tool every 30 days. Statistics are even more concerning for Encryption tools; 42 percent of endpoints have encryption failures at any given point in time.
Apart from inadvertent user behavior, application health is also affected by devices being reimaged, corrupted registry files, potential malware intrusions as well as the different agents essentially colliding with each other and reducing effectiveness. A majority of security events – 70 percent to be precise – originate at the endpoint.
Now more than ever, it is critical to ensure that the agents organizations invest in to maintain endpoint compliance and protect their environments remain healthy at all times.
Persisting at the Firmware Level
Most security tools in the market today operate at the operating system layer and so can be tampered with or disabled. The only way to truly secure your applications is to go to the firmware of a device to maintain connectivity and visibility across multiple security data points. Absolute Application Persistence is embedded in the firmware of close to 1 billion devices and actively monitors and remediates the health of the most-used security applications in the market today. This digital tether in the firmware ensures that Absolute’s OS agent and the agents of other security tools remain healthy and tamper proof to maintain compliance of the device and fleet overall.
AI based Endpoint Detection and Response (EDR) tools such as Carbon Black and Crowdstrike detect malware, identify unusual activity occurring on the device, and provide remediation guidance. Unified Endpoint Management (UEM) tools such as Workspace One manage devices as well as enhance end user experience through the deploying of applications, email, Wi-Fi, security settings and the provisioning of corporate resources as required.
Through automation, Application Persistence now ensures the policies and settings set through the three applications remain active to protect the device fleet from the ever-increasing list of external threats.
For more information about Absolute’s patented Persistence technology, see a complete list of the vendors and applications that make up the Absolute Resilience ecosystem. To see how Absolute’s firmware-embedded, self-healing technology ensures Greenville Health has continuous visibility and automated remediation for applications across 14,000 devices, download the case study.

New Year, New Cybersecurity Goals

This article originally appeared on the VMWare blog.
While the cybersecurity landscape may look daunting as the new year progresses, organizations should focus on building the proper strategies for protecting our valuable data and mitigating the endpoint security risks that 2020 promises to bring. This means taking a critical look at the past 12 months, and identifying the changes a security team can make now, that will be most impactful in the 12 months to follow.
Let’s explore some important enterprise security goals for an organization to consider, as 2020 advances.
Measuring Success within the New Year
One of the big buzz words of 2019 was “Zero Trust” – with the thought that the end user should have as little access to the device they are working on as necessary. We as an industry need to start measuring and scoring the trustworthiness of the products that we install in our environments. Exactly how do these products perform in the real world and not just in a lab? How do we know from day one that we can trust a product to perform in production? It is easy enough to allow security technology to win through traditional commerce, but truly successful products will win because customers decide to invest in renewals, and the poorly performing products will die. I expect that in 2020, we will start looking at the trustworthiness of applications and de-emphasize the focus on being impressed by marketing costs.
Calling a Time-out on Security Spending
When discussing the importance of a time-out on security spending, the following questions are important to consider: “Am I utilizing my security dollars efficiently,” and “How do I ensure that my organization is resilient based on the acquisition of new security?”
Companies have stuck to the same old playbook for years now, and it has one directive: buy more products. This isn’t going to result in the protection that enterprises require to combat hackers. As the new year approaches, businesses need to ensure that what they are already spending money on and deploying in the enterprise is actually working and protecting the environment. Today, organizations can expect to be compromised, but their ability to bounce back from such an attack will matter most to the company, its customers and partners.
This resiliency will also affect how the role of the CIO and CISO will develop within the next few years. CIOs are going to have to prove exactly how existing products are living up to their full potential. If they can’t show how current products will prevent and repair damage due to a cyberattack, then future investments will become even more scrutinized. As a result, we’re going to witness the introduction of protection level agreements guaranteeing that the strategies implemented will protect against certain severity levels of a cyber attack. With this in mind, it will become essential that CIOs and CISOs put a hold on any security spending, and take the time to reevaluate their security landscape to ensure the products they currently use are actually worth the investment.
Overcoming Vulnerabilities within the Education Industry
The most significant challenge for the education industry will rely on the identification and attraction of security professionals into the K-12 field. Budget constraints and advancement opportunities within the education sector for security specialists are generally not a great combination for attracting talented security professionals. Budget constraints may lead to the industry purchasing products that are tailored specifically to education use cases, but fail to follow secure development processes. This causes additional problems for the IT professional in the education system.
With this in mind, the education industry will also need to invest in personal development as 2020 continues. The industry as a whole is grossly under investing in its employees, and its IT department is no exception. Training courses must become a priority, not only to ensure all employees are keeping cybersecurity top of mind, but to help promote IT careers in the education sector. Without this focus, key IT players will soon discover better opportunities within another industry.
Striking a Balance Between Patient Care and Cybersecurity
In 2020, it’s going to be important for the healthcare industry to focus on building significant trust among healthcare professionals and IT security/privacy best practices. The balance of a patient’s life, accessing data quickly but accurately, and privacy concerns can be very conflicting, which puts cybersecurity on the backburner. In the new year, healthcare IT will need to provide greater and more robust security and privacy practices within their environments and better identify who requires certain privileges and access to patient data and systems.
It will also be important for the healthcare industry to better understand their environment and validate that their existing purchases are performing as expected – allowing better budget spend moving forward. Once this foundation is established, there is an opportunity for the industry to build on it, using tools that have already proved their worth and ensure a more seamless experience for the patient.
For more on the state of endpoint security, download the Endpoint Security Trends Report. 

Absolute is a Top 10 Cybersecurity Company to Watch For Second Consecutive Year

Absolute has again been recognized by Forbes Magazine as a Top 10 Cybersecurity Company to Watch in 2020. Written by Louis Columbus, this is the second consecutive year Absolute has made the top spot.
As worldwide spending on information security and risk management systems continues to grow and cybersecurity professionals are increasingly overwhelmed, organizations have an urgent need to improve endpoint security and resilience. Here’s an excerpt:
Absolute serves as the industry benchmark for endpoint resilience, visibility and control. Embedded in over a half-billion devices, the company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications – whether endpoints are on or off the corporate network – and the ultimate level of control and confidence required for the modern enterprise.
Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints.
Rising Complexity
To thwart attackers, organizations today often layer on many security controls. Gartner estimates that more than $174B will be spent on security by 2022 and of that, $50B will be dedicated to protecting the endpoint. The Absolute Endpoint Security Trends Report finds that in spite of the astronomical investments being made, 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time.
All of this has IT and security administrators grappling with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value.
Clear Line of Sight
Rather than wondering if your endpoints are safe, organizations need a clear line of sight into every device, at all times. Fortifying your security posture with the power of Absolute Persistence means a persistent, self-healing connection to all devices, whether they are on the network or not. This is true endpoint resilience and the foundation of improved security.
For more on how Absolute fortifies your security with endpoint resilience and provides a single source of truth into whether or not your existing security controls are working as intended, read what our customers have to say.

Loading

Categories