Category: IT Asset Management

Secure More, Work Less

As digital transformation initiatives drive more hi-tech processes and connected devices, the threat landscape is more like a thicket, and IT security teams are already stretched. Device fleet security is already a heavy lift; clever cybercriminals and skyrocketing vulnerabilities are just a bonus (in reverse).
The Need for ML and AI
Mounting cyber risk is a global concern — the 2019 CEO Imperative Study from Ernst & Young shows CEOs now believe cybersecurity is the top threat to the global economy over the next five to ten years. And the rising cybersecurity skills shortage, as well as potential career burnout by existing IT security staff, makes this an international emergency.
In response to cyber fragility and the need for more effective IT operations, we recruited machines to help us meet this challenge: machine learning (ML) and artificial intelligence (AI). In a report from Capgemini, 69% of executives believe AI will be necessary to respond to cyberattacks and 73% of enterprises are testing use cases for AI for cybersecurity.
In a recent Forbes magazine article, Why AI is the Future of Cybersecurity, Absolute’s CTO Nicko van Someren puts it this way:
“It’s no surprise that Capgemini’s data shows security analysts are overwhelmed. The cybersecurity skills shortage has been growing for some time, and so have the number and complexity of attacks; using machine learning to augment the few available skilled people can help ease this. What’s exciting about the state of the industry right now is that recent advances in machine learning methods are poised to make their way into deployable products.”
The Power of Automation: Absolute Unveils New Updates to Enterprise Resilience Edition
As ML and AI balance the workload and improve response to cyber threats, automation is also the key to endpoint resilience. The Absolute Reach Library, the query and response capability in the Absolute platform, enables IT automation with 118 ready-made commands in the most recent release of the Absolute platform. Nothing is out of reach (pardon the pun), allowing IT and security teams to command any device anywhere, on or off the corporate network.
New Reach ready-to-use workflows introduced this week simplify security policy deployments and remotely manage your devices, including:

Windows Update Command: Pinpoint vulnerable devices with pending or failed Microsoft OS updates
Automated Log Analytics: Detect initial signs of endpoint security exposures and potential incidents by automatically discovering frequent and common issues from event logs
Windows Configuration Enforcement: Audit Windows features and local accounts on devices, as well as modify settings to maximize energy savings and ensure an optimal and consistent user experience

Absolute has also rolled out new Live Chat Support to give enterprise IT and security teams the consumer-like experience to realize endpoint resilience — no tickets, no email, no toll-free numbers. On-demand chat support removes the dependency on outdated modes of technology support, ensuring Absolute customers receive real-time answers and information, so they can focus on their organization’s resilience.
And there’s one more thing… Policy is the bedrock of any security program. Because at its core, policy says, “This can do that. That cannot do this”. So, Absolute made policy simple and easy. With changes to your Absolute policy groups, you can swiftly and fluidly direct devices to dynamic policies without cycles of enroll/unenroll/reenroll that waste valuable IT time and brain power.
Read: Creating an Information Security Policy That Works
With easy management and staggering speed, IT and security teams get the bedrock protection they demand (airtight policies), without the grind of manual cleanup.
Today’s threat landscape requires the automation of updates, patches and security policies in real-time. Short of that, exposures become exploits and endpoint resilience is lost.
Learn more about Reach and how Absolute enables IT to remotely manage devices and seamlessly and fluidly apply and adjust security policies to any endpoint or group of endpoints.

Managing and Securing the Digital Classroom

The use of technology in classrooms has revolutionized the learning environment for both teachers and students. It democratizes education by allowing a greater number of resources to be available to a wider range of students. Textbooks are being replaced by digital devices and virtual classrooms, expanding the idea of the ‘classroom’ and enabling teachers to shift the education model to help students develop the skills needed for the digital future.
While there has never been a doubt that technology is beneficial to learning, there was less certainty about how to manage and secure the devices used by students. Heightening the situation, school districts usually operate with lean IT teams and limited budgets, leaving two big challenges to be solved:
1) how can schools rationalize and maximize technology budgets; and,
2) how can they ensure their technology is safe for students, educators, and staff?
Growing Budget and Keeping It
Finding the funds for technology in an already overburdened budget isn’t easy. Most school administrators know the key to securing funding is found in the results or strong learning outcomes. If students learn more, faster and with greater efficiency, digital classrooms are a no-brainer. The hurdle, however, is translating exactly how technology supports improved student learning and then communicating that fact with credibility.
In education, as is the case in every other industry today, data is required to make a strong business case for increased resources. Detailed student technology analytics is a key component to understanding device use and correlating that use to improved academic performance. Data provides you with the foundation for solid decision-making as well as a way to justify ROI and secure further budget. School boards and other stakeholders want to invest in technology for learning, but schools must prove that they are good stewards of that investment in order for it to continue.
Protecting At-Risk Devices and Data
With new technology comes added risk, including major data privacy concerns. Cybersecurity is now the number one priority for K-12 IT teams according to the latest K-12 leadership survey by COSN. In fact, there have been 479 cybersecurity incidents during the last two to three years, and schools with known one-to-one programs are often targeted by thieves. Kids themselves are also increasingly the victims of theft as they walk to and from school, or even within the school grounds.
In addition, students regularly lose or misplace devices, which can lead to exposed sensitive information and/or unauthorized access to the school network. The theft or loss of a device has many repercussions. A stolen student device, school-owned or BYOD, greatly impacts that student’s learning ability, as device replacement through insurance can take up to eight weeks.
Within K-12 specifically, there is also the need to ensure that the content accessed by students is sanctioned. If not adequately protected, the information contained on or accessed through these devices could pose threats that lead to data breaches and fines by the ICO.
Safe, Smart, Secure Schools
In order to sustain digital classrooms, technology must be managed and secured regardless of form, factor or operating system. In our highly mobile environment with devices continuously on-the-move and off the school network, persistent visibility and control is no longer a nice-to-have. It’s a must.
Read: Better Device Security in 3 Steps for Education
With one single solution, IT should be able to determine the status of each device, manage typical IT maintenance requirements, and take immediate security actions when required. This streamlined, automated management option not only provides important security but also improved operational efficiencies that can cut down on hundreds of IT hours.
It may seem like a steep curve, but it is possible to support the shift to digital learning while also helping to protect school districts’ investment in technologies. Absolute’s Persistence technology is embedded in the core of devices at the factory, providing a reliable two-way connection so that education organizations can confidently manage mobility, investigate potential threats, and maintain the safety of students who use these devices. Student Technology Analytics allows schools to prove the positive impact of technology to secure continued investment and ensure no student gets left behind.
It’s an exciting time to be an educator. Learn more about how Absolute is uniquely positioned to help manage and secure your Edtech investment in the IDC commissioned report, Student Technology Analytics: How K-12 Leaders Make the Case for Better Technology in the Classroom.

2019 RSA Conference Takeaways

RSA Conference (RSAC) is a true reflection of the information security industry: the one constant is change. Attendee numbers grow each year, vendors come and go, and the over-arching event theme changes with the times. 2019 was my fifth consecutive RSA Conference and even in those few years, I’ve seen a significant shift in the conference tone, and our industry as a whole.
Ease of Use
A few short years ago, RSAC reflected everything cloud. What is it, what are its advantages and disadvantages and of course, what were the risks? From cloud, conference goers moved into talk about automation, orchestration and threat detection. How could InfoSec practitioners rely on security tools to find and address the overwhelming number of threats out there?
Then came the shift to data. There was, and continues to be, much talk (and a whole lot of FUD) around big data, data analytics, artificial intelligence, and machine learning. Many of us are still trying to sort out how these important data-centric approaches fit with and aid security efforts.
This year, conversations shifted from ‘the what’ of risk to ‘the how.’ And for many, the desire is ease.
There was much less evidence of the-world-is-a-scary-place (think shady hackers in hoodies) and your only hope is dependence upon some cool new widget. Instead, this year, we saw a transition to a call for simplification: reduce complexity to increase security.
Zero Trust Model
One important sub-topic to this year’s conference was zero trust. How can you reduce complexity and improve security using the assumption of zero trust?
Zero trust is the notion there is no trust within your environment across networks, devices, people, applications and, at the center of it all, your data. Data doesn’t trust your device or any other element and conversely, none of the other elements trust the other. At the foundation of zero trust is the assumption that trust is a vulnerability – authentication must take place before trust can be issued.
In my conversations with analysts, Absolute customers, and many other buyers and sellers of security products, the topic of authentication and conditional access came up time and again. Conditional access is a computation that asks questions about worthiness. For example: yes, this user is who he/she says he/she is. Or, yes, this device is in fact where it should be…
Authentication has its challenges certainly but, in the case of endpoints, you must start with accurate, contextual asset intelligence. You can’t authenticate what you don’t know you have.
Read NIST Cybersecurity Framework: First, See Everything
Asset intelligence is Absolute’s role in this approach; we help orchestrate the zero trust dynamic at the endpoint. Our solution is already embedded in much of the hardware out there today and our platform supports application and security control persistence. Are all of your elements enabled and working? We provide IT with that information quickly and automatically.
Likewise, nearly every RSA vendor also has a role to play in the zero trust approach. Standing on the packed show floor, you got a strong visual of how different vendors approach and provide the authentication that goes to worthiness. Collectively then, you could ask yourself: how could these different tools work together to authenticate access? Most important to the conversations this year at RSAC was the question of how IT can maximize all of the tools they use to authenticate, secure, and provide confidence (and documentation) that they are all working for the betterment of your organization’s security posture.
RSA is known for bringing together many different perspectives that then drive compelling conversations around the problems we can solve together. This year didn’t disappoint. Effectively solving security issues while also reducing complexity for our IT teams will continue to be a focus in the year to come.
To learn more about how to increase your visibility and control over your endpoints and reduce your risk, read the 2019 Endpoint Security Trends Report.

Expert Tips to Protect Personally Identifiable Information (PII)

Protecting personally identifiable information (PII), while staying audit-ready for a growing number of state, federal, and global data privacy regulations is no easy task for IT teams. While the goal feels frighteningly out of reach at times for many organizations, there are a few back-to-basics data privacy tips that can help you stay ahead of the long chase.
3 Tips to Protect PII

See everything. Reducing your risk exposure starts with comprehensive IT asset management. But when mapping out your long list of IT assets, keep in mind each one represents far more than the visible machine. Beyond the basic hardware, you must consider how the asset encompasses not only devices but also data, apps, and users. Taking it one step further, identify all asset locations, how they’re being used, and by whom.

Read Why IT Asset Management is key to Data Security

Analyze the risk. PII is spread across more endpoints than you think. To identify all the pockets where sensitive data resides, use lexicographic crawling, the equivalent of Google for all of your endpoint data, which will alert you to any data hiding out there in dark corners. This step sees you transitioning from a mindset of traditional IT asset management to one of embracing assets as providing an intelligence service for your organization.
Apply rapid response. You need the ability to find data for individuals who request you delete it and for regulators who require proof of protections and validation that you are mitigating exposures quickly and, of course, before hackers can gain unauthorized access to it. Make sure you can reach any device with fine-tuned commands to restore privacy protections and meet applicable legal requirements.
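The crawl for PII markers described in the tips above can be sketched as follows. This is an added example, not Absolute's code and not part of the original article; the US-style patterns, function names and sample files are assumptions, and all sample data is constructed.

```python
import os
import re
from collections import Counter

# Assumed marker patterns (US-style formats); tune these for your own data.
PATTERNS = {
    "email": re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b"),
    "us_ssn": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
    "us_phone": re.compile(r"(?<!\d)(?:\(\d{3}\)\s?|\d{3}[-.])\d{3}[-.]\d{4}(?!\d)"),
    "card": re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])"),
}


def luhn_ok(digits):
    """Luhn checksum: filters out digit runs that only look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact(value):
    """Keep two characters at each end so the report never stores the PII itself."""
    if len(value) <= 4:
        return "*" * len(value)
    return value[:2] + "*" * (len(value) - 4) + value[-2:]


def scan_text(text):
    """Yield (line_no, kind, redacted_value) for every marker found in text."""
    for line_no, line in enumerate(text.splitlines(), 1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                value = match.group(0)
                if kind == "card" and not luhn_ok(re.sub(r"\D", "", value)):
                    continue
                yield line_no, kind, redact(value)


def crawl(root, max_bytes=1_000_000):
    """Walk root and return a list of (relative_path, line_no, kind, redacted)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or os.path.getsize(path) > max_bytes:
                    continue
                with open(path, "rb") as fh:
                    raw = fh.read()
            except OSError:
                continue  # unreadable file: skipped here, a real crawler would log it
            if b"\0" in raw[:1024]:
                continue  # NUL byte near the start: treat as binary and skip
            text = raw.decode("utf-8", errors="replace")
            rel = os.path.relpath(path, root)
            hits.extend((rel, ln, kind, red) for ln, kind, red in scan_text(text))
    return hits


def rank_files(hits):
    """Files ordered by number of hits, as a first input to risk analysis."""
    return Counter(rel for rel, *_ in hits).most_common()


def build_sample_tree(root):
    """Write constructed sample files (no real personal data) under root."""
    samples = {
        "notes.txt": b"Call Jane at 555-867-5309 or jane.doe@example.com\n"
                     b"SSN on file: 123-45-6789\n",
        "orders.csv": b"id,card\n1,4111 1111 1111 1111\n2,4111 1111 1111 1112\n",
        "blob.bin": b"\x00\x01 123-45-6789",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        found = crawl(tmp)
        for hit in found:
            print(hit)
        print(rank_files(found))
```

The second row in `orders.csv` fails the Luhn check and is not reported, which is the kind of false-positive filtering a pattern-only crawl needs before its hits are used for risk analysis.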

Data privacy is continually growing in urgency as hackers get smarter and change their tactics, and global laws, like GDPR, are being created and enforced. So, how should your organization stay on top of this evolution? Promote a strong data privacy culture across your organization and maintain vigilance over your data privacy strategies.
For more information and expert tips on how to improve your organization’s data privacy efforts, watch the next episode of our Cybersecurity Insights video below. And while you’re at it, watch and subscribe to our full Cybersecurity Insights video series on YouTube.

Video Transcript:
Welcome back! Josh here from Absolute. In our last episode, we looked at the latest in data privacy. Now, let’s consider how to maintain privacy with confidence.
In 2018, 33% of successful attacks targeted personally identifiable information.
At the same time these criminals are doing their thing, data privacy regulations are popping up all over the world.
You’re trying to win the battle on two fronts: defeat would-be attackers and stay audit-ready for regulators. That’s hard.
But here are some tips to meet the challenge for your IT and security teams.
First, see everything. Try to think of IT assets as more than just machines – physical or virtual – and consider a new definition of ‘asset’ that embraces devices, data, users, and apps.
Start by pinpointing all the places these assets are and how they’re being used.
This moves us away from run-of-the-mill IT asset management into a mindset that sees asset management as an intelligence service for your organization.
Having scooped up all that asset intelligence, let’s identify all the pockets of sensitive data.
Now that we can see the landscape, we need to start crawling through the assets to find sensitive data.
The preferred technique is called lexicographic crawling, because the crawler is continuously looking for key data markers like names, addresses, phone numbers, and other personal identifiers. When you get a ‘hit’, you know where the data is camped.
Now that we’ve located sensitive data, we move on to our next step: analyze the risk.
By assessing the risks that are unique to your organization, you’re able to rationalize which follow up actions are needed based on risk tolerance, instead of assumptions or intuition.
This brings us to the final step for protecting data privacy: rapid response. Most of the legal requirements demand proof of protections and validation that you are mitigating exposures quickly.
We need the ability to REACH any device with fine-tuned commands to restore privacy protections.
By automatically regenerating controls, apps, or agents when they’re disabled, you’re positioned to thwart the criminals and bring smiles to the faces of regulators, auditors, and most of all…those individuals whose data you have.
Protecting privacy is a moral concern because it has the potential to cause harm to real-life people, but with the steps we’ve outlined here, you can be audit-ready and withstand the onslaught of cybercriminals.
Pull every asset into view, crawl for sensitive data, analyze the ‘hits’ for risk, and respond in an instant to restore protection.
Be sure to subscribe and don’t hesitate to drop your comments below. I’ll see you next time!

The Importance of the CMDB

A Configuration Management Database (CMDB) is the core of ITIL processes. CMDB is a database of information related to all the components of an information system; it contains information about the configuration items (CI) in the IT infrastructure. CIs can be hardware, software, personnel or documentation. As it relates to IT Asset Management, a CMDB is a comprehensive ‘map’ of your entire IT environment, helping you keep track of the state of endpoint devices, software and data, which is useful for detecting and responding to security incidents.
The CMDB describes CIs using three configurable attributes: technical, ownership and relationship. In plain terms, the CMDB is like the index for the components in the IT environment, helping you understand their attributes, relationships and configurations. A key success factor in implementing a CMDB is the ability to automatically discover information about the CIs and to track changes as they happen. CMDBs are important in IT decision making, allowing users to identify dependencies among processes, people, applications and IT infrastructure to find opportunities for change, faster resolution of incidents, fewer errors and more.

Unlike a traditional database, the CMDB pulls in data from other sources in such a way that original sources retain control of said data. The CMDB can help you understand data in an organized way, examining it from a multitude of perspectives. According to the ITIL recommended specifications, there are four tasks involved in configuration management:

Identify the CIs to be put in the CMDB
Control the data so that it is only changed by authorized individuals
Ensure the current status of incoming CI is always recorded and updated
Maintain data accuracy through audits and reviews

A CMDB may be accessed by many individuals, so many companies find it useful to make it more user-friendly by adopting a web interface.
How to Automate Your CMDB (Configuration Management Database)
Automation is the name of the game for IT teams struggling to keep up with a range of seemingly countless manual tasks. Some of these tasks are tedious and others are increasingly complicated as companies push toward digital transformation. Asset management is one area where IT is finding success with the automation of time-consuming tasks, particularly in updating the Configuration Management Database (CMDB) for an accurate asset inventory.
Whether you call it a CMDB or not, everyone has ‘a list’ of company-owned assets. This includes hardware, software licenses, documentation and even personnel. Depending upon your organization, your CMDB may go so far as to serve as a map of all that is IT. More likely though, your CMDB is a static spreadsheet that lists devices and pre-loaded software given to a new employee on their first day.
CMDB in a Perfect World
In its truest form, a CMDB is a database of all configurable items in your IT infrastructure, including laptops, desktops, phones, printers, servers, and more. Going beyond a simple inventory of items however, the database should also include three configurable attributes for each item: technical details (including the software running on them), user information and the asset’s relationship with other people, processes and technologies in the organization.
An accurate, up-to-date CMDB can be thought of as the anchor of your IT asset management program. When done well, it should:

Provide you and any auditor who asks with an accurate, efficient, at-a-glance view of company assets, where they are, what they are running, and inter-dependencies on other organizational assets.
Serve as a financial tracker so you aren’t buying more of what you already have or aren’t using. It can also help leadership build out an organizational valuation.
Help you meet compliance requirements including GDPR, HIPAA and several other regulations related to personal data privacy.
Improve your security posture. Because you can’t secure what you can’t see or don’t even know you have in your environment, an up-to-date CMDB will give you the confidence that you are securing all of your endpoints. Pushing security updates to an outdated list of assets will leave you with many vulnerabilities.

The Trouble with Manual Updates
While CMDBs should outline what’s listed above, they usually don’t when updates are left to manual, human effort. Firstly, it’s simply too much to keep up with. Secondly, manual processes aren’t a solution for devices that fall off the corporate network. You can’t accurately inventory and monitor what you can’t even see.
Read more about: Cybersecurity 101
Automation is both an effective and efficient way to maintain an up-to-date CMDB, as long as the solution you rely on doesn’t require your endpoints to have a network connection. Another common challenge with most endpoint management solutions is that the health of the agent is not stable. If the agent you rely on is disabled or corrupt when a device is off the network, your visibility into that device is typically gone.
Employees, their devices, and the data that resides on them are always on the move; you need to be able to track the devices (and their security controls) as they travel. Manual effort toward this goal is time wasted, especially when you consider the numerous other tasks left undone while you are trying to keep an updated inventory.
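One way to automate the CMDB upkeep discussed in this section is to reconcile the stored records against an automated discovery feed. The sketch below is an added example, not Absolute's or ITIL's code; the field names, the 14-day staleness threshold and the sample records are assumptions, and the data is constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class CI:
    """Configuration item with the three attribute groups the article names."""
    serial: str
    technical: dict                                   # e.g. OS version, encryption state
    owner: str                                        # ownership attribute
    relationships: set = field(default_factory=set)   # e.g. {"app:crm"}


@dataclass
class Observation:
    """One record from an automated discovery feed (hypothetical format)."""
    serial: str
    technical: dict
    user: str
    last_seen: datetime


def reconcile(cmdb, feed, now, stale_after=timedelta(days=14)):
    """Compare CMDB records with discovery data and report the differences."""
    by_serial = {ci.serial: ci for ci in cmdb}

    # Keep only the newest observation per device.
    latest = {}
    for obs in feed:
        cur = latest.get(obs.serial)
        if cur is None or obs.last_seen > cur.last_seen:
            latest[obs.serial] = obs

    report = {"unknown": [], "missing": [], "stale": [], "drift": []}
    for serial, obs in sorted(latest.items()):
        ci = by_serial.get(serial)
        if ci is None:
            report["unknown"].append(serial)      # seen in the field, not in the CMDB
            continue
        if now - obs.last_seen > stale_after:
            report["stale"].append(serial)        # known device that has gone quiet
        changes = {
            key: (ci.technical.get(key), value)
            for key, value in obs.technical.items()
            if ci.technical.get(key) != value
        }
        if obs.user != ci.owner:
            changes["owner"] = (ci.owner, obs.user)
        if changes:
            report["drift"].append((serial, changes))  # (recorded, observed) pairs

    # In the CMDB but never observed: the record may be outdated or the device lost.
    report["missing"] = sorted(set(by_serial) - set(latest))
    return report


def sample_data():
    """Constructed CMDB and discovery feed used to exercise reconcile()."""
    now = datetime(2019, 6, 1)
    cmdb = [
        CI("SN-001", {"os": "Windows 10 1809", "encryption": "on"}, "alice", {"app:crm"}),
        CI("SN-002", {"os": "Windows 10 1803", "encryption": "on"}, "bob"),
        CI("SN-003", {"os": "macOS 10.14", "encryption": "on"}, "carol"),
    ]
    feed = [
        Observation("SN-001", {"os": "Windows 10 1809", "encryption": "on"},
                    "alice", now - timedelta(days=10)),
        Observation("SN-001", {"os": "Windows 10 1903", "encryption": "on"},
                    "alice", now - timedelta(days=1)),
        Observation("SN-002", {"os": "Windows 10 1803", "encryption": "off"},
                    "bob", now - timedelta(days=30)),
        Observation("SN-999", {"os": "Windows 10 1903", "encryption": "off"},
                    "unknown", now - timedelta(days=2)),
    ]
    return cmdb, feed, now


if __name__ == "__main__":
    records, observations, today = sample_data()
    for category, items in reconcile(records, observations, today).items():
        print(category, items)
```

Devices in the `unknown` list are the ones a patch push driven only by the CMDB would never reach.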
To automate your CMDB, start with your assets. Learn more about how Absolute helps with Asset Intelligence.


What is Endpoint Management?

At a high-level, the definition of endpoint management is the process an organization undergoes to detect, provision, deploy, update, and troubleshoot its endpoint devices. Sounds simplistic, and it is.
What is an endpoint?
To get a good grasp of endpoint management, the first step is to ensure we have a solid understanding of what constitutes an endpoint.
An endpoint is essentially any remote device that sends and receives communications with the network to which it’s connected.
Endpoints can include:

POS Systems

The critical issue surrounding endpoints is that they represent one of the key areas of vulnerability for businesses, and can be an easy entry point for cybercriminals.
Through endpoints, attackers may execute code and exploit vulnerabilities on and with our assets. Today, the workforce is more mobile than ever, with employees connecting to internal networks from outside the office and from endpoints anywhere in the world.
Read: Absolute Named the Leader in the G2 Crowd Grid® Report for Endpoint Management
Now that we’ve established the “what,” we can move on to the “why.”
Why is endpoint management so critical in 2019?
It all starts on the endpoint.
Perhaps the most pressing reason for endpoint management is that most successful breaches begin at the endpoint. In fact, according to an IDC study, the endpoint was the cause of 70 percent of successful breaches.
This stat is no surprise since endpoints represent all the devices connecting to your network. Therefore, if those devices are not well-managed, attacks can quickly morph from a brushfire to a widespread blaze.
Maintaining visibility and control of your endpoints is crucial.
Not enough resources to keep up
The definition of a secure endpoint has changed over the years and is much more complex in 2019 than it was even a few years ago.
New critical threats materialize all the time, and for most IT and security teams, it’s a constant struggle to prioritize the threats that can cause the most harm. When your company lacks sufficient visibility into potentially infected enterprise endpoints, vulnerabilities are patched haphazardly, leaving you more vulnerable.
It’s probably no surprise that in a recent Ponemon study, a mere 37 percent of companies surveyed said they had sufficient resources to minimize risk, despite 69 percent of them acknowledging that endpoint security risk has significantly increased.
Not your typical malware.
Attacks aimed at endpoints are hurtling toward us at an unprecedented rate. In 2019, the attackers are getting stealthier. Bad actors (hackers) may not be changing the strains of their attacks, but their tactics, techniques, and procedures are more sophisticated than ever.
Expect to see more zero-day attacks (where a security hole known to the software vendor exists without a patch in place to fix the flaw) this year. Another attack to watch out for is a file-less attack, which avoids downloading malicious executable files by leveraging exploits or launching scripts and macros from memory in order to circumvent detection by antivirus solutions.
The Ponemon study mentioned above, The State of Endpoint Security Risk, found that “76 percent of successful attacks leveraged unknown and polymorphic malware or zero-day attacks, making them four times more likely to succeed in compromise compared to traditional attack techniques.”
Risks of selecting the wrong type of endpoint management system
Investing in any security solution is a critical decision requiring careful consideration. Think about it – you’re going to be trusting the provider with your critical data. The team behind the endpoint management system you choose is essentially a partner that will help you secure all of your endpoints — preferably for the long-term. After all, who wants to go through the process of evaluating, rolling out, and deploying a solution more than once?
One of the most significant ramifications of choosing the wrong product is an endpoint management system that promotes a false sense of security within your organization. Assuming you’re secure when you are not may be just as disastrous as not having a solution at all.
In your selection process, make sure the solution is easy to manage and isn’t too complicated. Anything with too much complexity may suit highly-trained IT staff, but most businesses don’t have the time or resources to navigate the choppy waters of an overly confusing management console.
The next generation of endpoint security
We’ve learned that what constitutes a secure endpoint has changed over time. As our endpoints also become weaker over their lifespan, the problem compounds. When you add bad actors to the mix, we have a recipe for potential disaster and an exponential curve downward toward decay.
The next generation of endpoint management is one of self-healing. OS manufacturers may make their operating systems more restorative, but they won’t be self-healing. Next-generation solutions will be organization-specific and customized to your business with its unique set of endpoints.
Read: Comprehensive Security and Why Self-Healing is Imperative
Now, where do I start with endpoint management?
Getting started with endpoint security is not simple, nor is it something you can do in a single day – it takes a lot of time, planning, resources, training, and practice to build a solid foundation.
To help you along, download our whitepaper: Four Essential Strategies For Endpoint Security And Protection.
To see how our endpoint management platform can work in your organization, request a demo or contact our sales team.

How L.A. Tourism Secures a Distributed Workforce

The structure of work is changing rapidly. Driven by technology advancement, a global economy and a constant push for more productivity, there is a fast-moving trend toward enabling a distributed workforce. A 2018 study by Upwork illustrates the prevalence of remote work:

63 percent of companies now have remote workers (homebound employees, partly homebound employees, freelancers and those that co-work)
48 percent of companies use freelancers and work done by freelancers increased 168 percent in one year
3 times as many people over the previous year believe offices will become temporary anchor points versus daily travel destinations

Remote work is already status quo for the Los Angeles Tourism & Convention Board. As the official marketing and sales organization for the City of Los Angeles, L.A. Tourism inspires travelers around the world to visit L.A. for leisure, business, conventions, and events. The very nature of their business requires a highly distributed workforce. To do their jobs effectively, sales and marketing teams must be able to work collaboratively from every corner of the globe.
To accommodate out-of-office workers, the entire organization recently moved to a 100 percent mobile device fleet model. This enabled productivity but, as work increasingly gets done outside the corporate network, securing the devices and the apps and data that reside on them became exponentially more difficult. The organization knew they needed a comprehensive IT asset management program for full visibility, global asset intelligence, regulatory compliance, and lease management.
The Power of Absolute
By taking advantage of Absolute’s endpoint visibility and control platform, L.A. Tourism now has an unbreakable connection to their entire device fleet at all times. This level of visibility allows their IT team to know where their endpoints are located, understand when users drop off the network or the domain, or inadvertently change the device configuration. In addition, they now have enhanced levels of control that enable them to fix device issues remotely.
With the power of the Absolute platform, L.A. Tourism has a stronger security posture and increased team efficiency. The transparency and connection to the devices they use allows L.A. Tourism to better understand where their sensitive data is stored and prove compliance with data security standards and regulations.
Additionally, whenever a laptop is misplaced or stolen, or an employee or a contractor leaves the organization, L.A. Tourism’s IT team is now able to freeze the device to render it useless or wipe it clean remotely to protect any sensitive data that it may contain.
For more on how L.A. Tourism gained a clear view of their global endpoint population, download the full story: Red Carpet Event: L.A. Tourism Secures Endpoint Population with Absolute. For additional insight, learn practical guidelines for securing public sector data with the whitepaper, Implementing the NIST Cybersecurity Framework in Government.  

Why IT Asset Management Is Key to Data Security

Information security is a growing concern for many organizations and while the ways you access and protect your data continue to evolve, the reasons for it stay the same – your data is the driving force of your organization. To effectively protect it, you need visibility and control over all your assets.
IT asset management is the foundation of many risk management frameworks for good reason. Having an informed understanding of your IT environment – your expectations for performance, configuration, and behavior – across the complete lifecycle of your assets will improve not only your operational awareness but your security posture too.
It’s tempting to consider IT asset management as mundane work. And that would be true if your approach to it was creating a simple device register and then setting it aside for your next inventory audit. In reality, though, true IT asset management is your key to managing the explosion of devices and systems your organization is likely experiencing.
It also serves as your canary in a coal mine. A strategic IT asset management program will help you identify risk earlier in the event of a security breach and deliver a quick, effective response.
3 Objectives of an Asset Management Program
When thinking through an IT asset management program, it helps to first break it down into three primary objectives:
1. Plan and organize your devices
Set up your asset management tools to reflect your organization’s plan. Consider all of your devices, whether they are on or off your corporate network. Then, document the purpose of each device. What business functions do they perform? How and where are they used? Who is responsible for them? Also, document the expected lifespan of each device, including the refresh cycles, lease date or end of life warranty.
Last but certainly not least, determine whether or not it might hold or access sensitive, confidential information. If it’s to be used by the CEO or HR, for example, the answer is yes.
Establishing your expectations before you place devices in the hands of your end users ensures that you can detect and control unexpected changes as they happen, minimizing their impact and increasing your effectiveness.
2. Keep devices visible and healthy
Developing and implementing your IT asset management plan ensures that you have a living baseline to measure your population against. With this knowledge, you can effectively monitor your devices’ performance, health, and risk exposure, and make informed decisions about changes to your environment.
Are your security applications working and up-to-date? Users regularly delay patches and remove or disable applications, unwittingly putting the devices at risk. How are you able to identify the scope of unexpected changes in your environment, and how can you address them at scale when they occur? What’s your action plan if a device is lost or stolen? How will you discover that it’s gone?
3. Retire devices
To have an effective IT asset management plan and a capable information security practice, you need to trust your data and ensure that the devices important to you are monitored and protected. This means that your devices need a retirement plan. Establishing a process for your devices’ end of life from the time they first enter your environment means that your devices are collected, secured, sanitized, and removed from your environment when the time comes. It also means that the information you rely on to make critical information security and IT operations decisions is accurate and the alerts you receive when something unexpected happens are real.
How will you manage device returns when employees leave or change roles? How do you manage timely and secure device end-of-life? How can you confirm that they are safely decommissioned from your organization? Having a process in place enables you to answer these questions.
As the population of devices your organization comes to rely on grows and the volume of data you hold rises, it’s critical you maintain visibility and control. Proactive IT asset management is how you accomplish that goal.
If you would like more information on how to effectively manage your growing number of assets across their lifecycle as well as how to deploy, manage, monitor, and decommission your IT assets using Absolute, join our webinar: Effective Lifecycle Management with Absolute.

Lost or Stolen Devices: What to Do in 4 Steps

A lost or stolen device is a dreaded but highly likely situation that most people will have to face. It’s not so much the device itself (that is replaceable) but the data the device contains that causes alarm. Forrester’s State of Data Security and Privacy Report 2018 to 2019 claims that lost or stolen devices represent 15 percent of all confirmed data breaches. To make matters worse, 35 percent of all devices contain sensitive corporate data that poses a significant risk to you (and your organization) when the device is lost or stolen.
Missing laptops, tablets, phones and other endpoint devices are a very real problem. But what should you do when a device goes missing? Your response to a missing device should begin with answers to these four questions.

Where is it?

When a device goes missing, you might think immediate quarantine is your first logical step. After all, you want to cut off anyone unlawfully trying to gain access to it and/or your network via the device. While that’s true, shutting down access assumes you already have accurate visibility into where the now-missing device is located. Having the ability to precisely pinpoint your device’s true location must be your first step in protecting it, and you.

What’s on it?

Once you’ve discovered a device has gone missing, your next question should be ‘what’s on it’ and therefore, ‘how big of a risk’ is the lost or stolen device to you. This is where good asset intelligence comes into play. Asset intelligence is more than a simple catalog of your devices; it also outlines the business function associated with each device. What is the device used for? Having a pre-defined understanding of asset intelligence is critically important for rapid, effective security incident response. Detailed asset intelligence will tell you if the missing device contains sensitive, personal, regulated data and knowing the answer to that will tell you what your next step needs to be.

What’s protecting it?

In addition to knowing what’s on the missing device, you also need to understand how the information is currently being protected. Compliance calls to mind encryption because it’s a requirement of GDPR. If sensitive data resides on the missing device and it wasn’t encrypted, your next step, as outlined by the EU data privacy regulation, is a breach notification. However, there’s much more to data protection than a simple yes or no checkbox for encryption. Are other protection tools you implemented like anti-virus, security agents and apps still in working order? Good endpoint cyber hygiene is the most important control function you can take. ‘Hygiene’ is a manifestation of your security intent and all the defining attributes of the machine, combined and tracked for conformity throughout the device’s lifecycle. Conduct a regular scan of your devices and see how each conforms to your pre-defined hygiene benchmark.

What can you do to secure it?

Every missing device calls for a custom response that is based on the circumstance. For this reason, you need to be able to automatically reach every device, quickly, in an informed manner so you can tailor every response for best results.
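The four questions above, worked as a triage over one inventory record. This is an added example, not Absolute's code or API; the record fields, benchmark keys and action names are assumptions, and the sample devices are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed hygiene benchmark: controls every device is expected to report.
BENCHMARK = {"disk_encrypted": True, "antivirus_running": True, "agent_healthy": True}

@dataclass
class Device:
    asset_id: str
    business_function: str
    holds_sensitive_data: bool              # recorded when the device was issued
    last_location: Optional[tuple] = None   # (lat, lon) of last check-in, if any
    controls: dict = field(default_factory=dict)  # last reported control state

def hygiene_gaps(device, benchmark=BENCHMARK):
    """Controls that are off-benchmark; an unreported control counts as failed."""
    return sorted(k for k, want in benchmark.items()
                  if device.controls.get(k) is not want)

def triage_missing(device):
    """Answer the four questions in order and build an action plan."""
    gaps = hygiene_gaps(device)
    plan = {
        "located": device.last_location is not None,   # 1. Where is it?
        "sensitive": device.holds_sensitive_data,      # 2. What's on it?
        "gaps": gaps,                                  # 3. What's protecting it?
        "actions": [],                                 # 4. What can you do?
    }
    actions = plan["actions"]
    if not plan["located"]:
        actions.append("request-location")   # no visibility yet, so get it first
    if device.holds_sensitive_data or gaps:
        actions.append("freeze")
    if device.holds_sensitive_data and "disk_encrypted" in gaps:
        # Sensitive data without working encryption: the breach-notification case.
        actions += ["wipe", "start-breach-notification"]
    actions.append("open-incident")
    return plan

# Constructed sample records, not real inventory data.
HR_LAPTOP = Device("LT-0042", "HR records", True, None,
                   {"disk_encrypted": False, "antivirus_running": True})
KIOSK = Device("KS-0007", "lobby signage", False, (34.05, -118.24),
               {"disk_encrypted": True, "antivirus_running": True,
                "agent_healthy": True})
```

The HR laptop has no known location, holds sensitive data and reports encryption off, so its plan escalates through every action; the kiosk only gets an incident record.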
With so many untethered endpoints out there, devices are bound to be lost or even stolen – it’s just a matter of when. Following these four steps will help you prepare for this reality, guide your response and ultimately, better protect your data. For more information on how you can protect yourself from lost and stolen devices, watch this short video below. And while you’re at it, watch and subscribe to our full Cybersecurity Insights video series on YouTube.
Lost, Stolen Devices
Video Transcript:
Hey! Josh here from Absolute. Today, we’ll cover something we all experience but rarely talk about: missing devices.
Isn’t it amazing to see how businesses have evolved?
Our workforce is global. Laptops, tablets, mobile phones are scattered around the world, the term ‘user’ includes customers, partners, contractors, among others, and data hides ‘out there’ on endpoints that regularly go out-of-sight.
35% of endpoints contain sensitive corporate data.
What happens when one of these machines goes missing?
Well, we begin by answering 4 questions:
1) Where is it?
Some may say that isolating or scanning or quarantining a device is the first step, but that assumes you have visibility to the machine. So, pinpointing the device’s location is the first step.
2) What’s on it?
Buried within these devices are regulated data like health data, financial records, or personal information. A sure bet to be non-compliant when the device goes AWOL. So, we need to scan the device with lexical crawlers to confirm or disconfirm any sensitive data.
3) What’s protecting it?
Here, we need to see if any of our protective technologies (Anti-virus, encryption, security agents and apps) are working or if they have failed. By extracting this kind of asset intelligence, you can set priorities and act quickly.
4) What can we do to it?
Every scenario calls for a tailored response based on the circumstance. This is why it is so important to have flexibility to reach any device – on or off your corporate network – with any command, script, playbook fine-tuned to the moment.
With so much movement and complexity, you can bet your sweet bitcoin that some of these devices Will. Go. Missing.
In a real-world with a boundless workforce, paired with distributed devices, data, and apps the recurring episode of missing machines is part of the game.
But we can ask ourselves those four questions:
– Where is it? And we can Track & Trace
– What’s on it? Extract Asset Intelligence
– What’s protecting it? This puts the finger on the pulse of Endpoint Cyber Hygiene
– What can we do to it? We can automate our response for a rapid recovery.
Be sure to like this episode, and subscribe to our channel, because next time we will discuss another heart attack problem: Data Privacy. I will see you then!

Weighing Privacy with Security Under GDPR

Weighing privacy and security has long been a delicate balancing act. With the adoption of GDPR this year, the scales have again shifted and the stakes for failing to get it right are dramatically higher. This is especially true as other similar data protection mandates continue to evolve around the globe like PIPEDA in Canada and new regulations being debated in Australia, Brazil and just about every state in the U.S.
Generally speaking, GDPR stresses prevention over detection. For example, an organization should prioritize blocking employee access to certain websites or tools over continuously monitoring employee communication. Continuous monitoring, under GDPR, is considered overly invasive and an encroachment on an employee’s privacy.
GDPR also requires organizations to conduct regular Data Protection Impact Assessments (DPIA) as a way to help identify threats to the privacy rights of EU citizens. Beyond just identifying the potential threats, organizations must also build effective responses to the threats the DPIA identifies. Technical controls such as encryption and personal data anonymization are the most common, and these types of responses address both customer and employee data privacy concerns as well as securing an organization’s IP, finances and much more.
IT Asset Management
The problem for most IT departments attempting to comply with GDPR, or any other privacy regulation for that matter, is that you can’t secure what you don’t know you have. Fortifying your network with your very best data protection efforts is largely wasted if you’ve got a single endpoint in the wrong hands with inadequate protection. Thoughtful asset management that includes an inventory of devices, who they are registered to, and what each user has access to is the first step in effective data protection.
The mechanics of securing the vast amount of data across all those devices must also be aligned with privacy concerns and that gets trickier still.
When it comes to managing your data and devices, IT should be enforcing policies already put in place by organizational leadership. Acceptable use and/or device use policies should be established by leadership and then effectively communicated by IT. It’s important to have a clear understanding among all stakeholders what data must be tracked.
For example, say your policy says devices aren’t supposed to leave a pre-defined range. A laptop doesn’t just drift out of range on its own; rather, an employee might unwittingly take a device with them when they travel. And that laptop grants access to both employee records and customer lists. In this scenario, that employee must first know the policy of where that laptop may be taken – awareness is one layer of protection. Then, geolocation alerts may be set up for when that device leaves the acceptable range so IT knows it’s gone. As a final step, your asset inventory should tell you if the out-of-range laptop contains sensitive data that must be protected.
Under GDPR, you likely wouldn’t use geolocation alerts all the time – constantly monitoring the location of the laptop (and therefore the employee) would be considered invasive. But alerts, as per policy, do help maintain security of the data and device. This is an example of the concept of proportionality, or weighing the risk of harm to an individual against a legitimate purpose.
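The laptop scenario above as a policy check, added here as an illustration and not Absolute's implementation: each check-in is compared against the permitted range, and nothing about the position is kept or reported unless the device is out of range. The coordinates, radius, field names and inventory entries are constructed assumptions.

```python
import math

EARTH_RADIUS_KM = 6371.0

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))

# Constructed policy and inventory; all names and values are assumptions.
POLICY = {"center": (34.0522, -118.2437), "radius_km": 100.0}  # permitted range
INVENTORY = {
    "LT-0042": {"owner": "hr-team", "sensitive": True},   # employee records, customer lists
    "LT-0108": {"owner": "events", "sensitive": False},
}

def evaluate_checkin(asset_id, position, policy=POLICY, inventory=INVENTORY):
    """Return None while the device is in range, so the position is never stored.
    Return an alert only when the range policy is breached."""
    dist = distance_km(policy["center"], position)
    if dist <= policy["radius_km"]:
        return None                    # in range: nothing logged, nothing reported
    record = inventory.get(asset_id)
    # A device missing from the inventory is treated as sensitive until proven otherwise.
    sensitive = True if record is None else record["sensitive"]
    return {
        "asset_id": asset_id,
        "km_outside": round(dist - policy["radius_km"], 1),
        "sensitive": sensitive,
        "priority": "high" if sensitive else "normal",
    }
```

The alert carries how far outside the range the device is rather than its coordinates, which keeps the record limited to what the policy needs.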
There are technical solutions that can help you validate that your organizational policies are working as intended. Absolute Reach allows you to create and execute fast asset management queries to speed inventorying and audits and execute custom remediation actions to address vulnerabilities and threats when needed.