Category: Absolute DDS

Security Posture Dashboards in Absolute DDS: A Deeper Look

As part of the November 2016 release of Absolute Data & Device Security (DDS), we released new Security Posture Reports and a convenient Security Dashboard. With instant access to the health status of critical security layers and aggregate assessments of your entire security stack, you can take firm control of your security posture.
Absolute DDS Provides Visibility into Multi-Layered Security
In today’s constantly evolving cybersecurity landscape, no one security layer alone is sufficient to protect an organization, secure its devices, and safeguard its data. The attack surface is just too vast and the attack vectors are too numerous. Rather, a multi-layered security approach is the best strategy to prevent, assess, and respond to emerging threats.
In such an environment, monitoring and managing your security posture is critical to protecting your organization from a number of security threats. It also has the potential to be overlooked. Often, there are simply not enough resources, not enough cycles, and not enough urgency to keep up with this important exercise.
Absolute DDS offers a Security Dashboard to make proactively monitoring your multi-layered security approach easy. With Absolute DDS, you can determine the status of complementary security applications such as SCCM, encryption, and anti-malware applications. With this visibility, you can take a proactive approach to reducing potential blind spots and can identify and respond to risks early.
Our rich visual dashboards further enhance your ability to assess your security posture. Data is displayed in a convenient security dashboard that visualizes security posture with respect to each security application.
Absolute DDS natively generates predefined status reports for each security application, but can also display this comprehensive data in a Security Dashboard to help you visualize your security posture with respect to each security application. No longer is it necessary to jump from application console to application console or from device to device to ensure security.
Start every day with a picture of your security posture. Start your day with Absolute DDS. 
Learn more about the Security Dashboard available with Absolute DDS Pro and Premium editions here. Start your free evaluation version of Absolute DDS today.

New Device Usage Reports and Security Dashboards

Absolute Data & Device Security (DDS) November 2016 release introduces exciting new capabilities to monitor device usage, maximize device utilization, and gain a deeper level of visibility across your entire device population.
As part of the new release, we’ve also launched a new Security Dashboard to give you an instant, visual assessment of your security posture.
Evaluate Your Security Posture at a Glance
Take firm control of your security posture with the new Security Posture Reports and visual Security Dashboard. Instantly get an accurate health status for critical security layers, as well as an aggregate assessment across the entire security stack. With Absolute DDS, you can easily determine the status of complementary security applications such as SCCM, encryption, and anti-malware applications.
Our rich visual dashboards further enhance your ability to assess your security posture by delivering a comprehensive view of existing vulnerabilities. Data is displayed in a convenient security dashboard that graphically visualizes the health status of each of those security applications.
Rich Device Usage Reporting
Device Usage Reporting is the first in a series of solutions in our new Device Analytics framework. Using this new feature, you can log device usage rates and user activity on managed Windows devices by observing device unlock/login frequency, keystrokes, and mouse movements. This insight can be compared across device groups and time periods. The data is conveniently displayed in bar charts for easy comparisons with other customer-defined variables. You can also drill down to the individual device level in order to access more detailed information such as keystrokes and mouse movements, as well as other software and hardware details.
Device Usage Reporting is particularly valuable to Education customers who need to track effective utilization rates to justify technology funding, form comparisons across districts, schools, and even classrooms, and correlate them with student performance.
Respond to Threats Quickly 
We have also enhanced our device freeze and data delete workflows within DDS 6 to allow you to respond to threats more quickly and easily by freezing multiple devices or deleting multiple at-risk files at once.
The latest release of Absolute DDS also includes the extension of Persistence technology to Android 7 (Android N) devices.
Get started with your free evaluation version of Absolute DDS today.

Cloud Storage Is One of Your Biggest Vulnerabilities

Cloud storage is fast and convenient, but it’s also one of the biggest vulnerabilities you’ll face when it comes to securing your sensitive data. Every day about 83% of your employees are using cloud storage applications to share company information. The majority of these employees (77%) are using third-party cloud applications without the approval or knowledge of their IT departments. In addition, a new survey from NTT Communications reveals a whooping 69% of users are able to access corporate via cloud storage applications after they have left the company. Shadow IT is a big problem in the cloud.
Employees aren’t engaging in Shadow IT to be malicious. The majority of employees simply want to be more efficient and productive at their jobs. In fact, many view their use of Shadow IT will free up IT department time. But their actions are inadvertently putting corporate data at risk.
How to Remediate Threats Before They Become Data Breaches
Earlier this year, Absolute released an update to Absolute Data & Device Security (DDS), which extends the functionality of our unique Endpoint Data Discovery (EDD) feature. While EDD is already set up to detect data at risk on your organization’s endpoints, this has been extended to include visibility into cloud storage applications. Using Absolute DDS, you can now:

identify corporate devices containing files that are synchronized with cloud storage applications
scan for at-risk data with remote capabilities to remediate potential compliance violations

Our Persistence technology extends your visibility beyond the reach of traditional security tools. With this technology, you can scan files for at-risk data and remediate potential threats before they become data breaches or costly compliance violations. Instead, you’ll be able to take immediate steps to remotely delete sensitive data, enforce data security policies and train employees to become more powerful allies in data security.
Reclaim visibility and control. Extend your endpoint data security controls beyond your network and into the cloud. Learn more here.

3 Strategies to Stop Data Bleed in the Cloud

The Insider Threat already lives in the cloud. Right now, IT lacks visibility into the data being used in the cloud. A recent survey revealed that that “shadow data” is a major threat. This unmanaged data, stored in the cloud, is broadly shared among employees and external parties. Another report indicated that only 49% of organizations know when and where sensitive data is being downloaded from the cloud.
Storing files in the cloud is common practice for backing up or sharing files with co-workers. These files may include intellectual property, confidential business information, usernames, passwords, or highly regulated information such as healthcare, personal, or financial details.
Users who place critical data in cloud-sync apps like Dropbox, Google Drive, or Box are essentially just as much of a threat as those placing that data in a regular folder on their devices. But the potential risk of a security breach is much higher. Data stored in the cloud can inadvertently travel further and faster. With just one errant link, anyone can access unprotected sensitive data synced in the cloud: no phishing, no malware, and no cyberattack required. For an organization governed by stringent compliance regulations, this is a perfect storm.
New Whitepaper on Cloud Data Risk
In our new whitepaper, At-Risk Data in the Cloud: 3 Strategies to Stop the Data Bleed, we look at how true visibility can unmask the threat of the cloud. We talk about:

Why drives employees to the cloud
The mistakes made by different kinds of employees, either seeking productivity, through naive actions or maliciously
The importance of education
The benefits to routine scans of devices
How to combat malicious insiders
The importance of “light-speed” response

In many cases, total lack of visibility from IT’s standpoint becomes a roadblock to combat the insider threat. If you’re able to run routine endpoints scans on cloud-sync application folders you can detect the existence of sensitive data. This will give you actionable insight into threats and allow you to take preventative action or remediate threats before they continue.
With Absolute DDS, we bring you the power of awareness. Only Absolute Data & Device Security (DDS) is capable of scanning devices for sensitive pieces of information and encrypting or erasing data off the company network, so you can respond quickly.
Download the full whitepaper to learn more about how to stop the data bleed in the cloud.

Your Corporate Data is Hiding in the Cloud

The number of cloud apps in use across enterprises is soaring, and it was already a lofty number. On average, employees use 917 different cloud apps within a given enterprise organization. Out of that total, unsanctioned apps represent 95% of an enterprise’s total cloud app footprint. Security and auditing are not at the core of most of these apps, and only 6% of them would be considered “enterprise ready.” A growing portion of corporate data is entering the cloud, and given this insight, that’s a pretty scary thought.
Trends in mobility and cloud use increase the insider threat, because existing data security policies and technologies often fail to address the data moving through or stored in cloud apps. At this year’s RSA conference, only 37% of respondents indicated that their organization had a solid policy to address cloud-based threats. A recent Gemalto survey found that half of all cloud services and corporate data stored in the cloud is not controlled by IT. In fact, only a third of sensitive data encrypted in cloud-based apps.
Defense-in-Depth Meets Public Cloud Storage
As we see with mobility, there is a definite lag among organizations to respond to the data security threats that the cloud represents. While organizations struggle to meet the demands of employees, by enabling mobile and cloud use, the threats multiply. The solution, as with all approaches to data security, requires that organizations adopt a defense-in-depth approach. With this type of strategy, policies, procedures and education are supplemented with layers of technology to protect data, wherever it resides. Moreover, security updates and alerts should be automated as much as possible to speed up time-to-detection.
Absolute recently released an update to Absolute DDS which extends our Endpoint Data Discovery (EDD) functionality. Now you can detect at-risk data in cloud storage applications  like Dropbox, Box, iCloud and One Drive. Using our application, you can determine which cloud applications are being used and if sensitive data is being stored in those applications. Together, this adds visibility to a growing area of data security. To learn more, visit Absolute.com

Absolute Detects Sensitive Data Stored on Cloud Applications

Absolute has introduced the capability to detect data at risk on endpoints associated with cloud storage applications such as Box, Dropbox, iCloud, and OneDrive. With the latest release of Absolute Data & Device Security (DDS), you can now determine which cloud applications are being used and if sensitive data is being stored within those applications. This important functionality offers unique visibility to a growing area of concern for IT.
Where is Your Data Hiding?
According to a Ponemon study, the biggest gaps in current endpoint security models exist in unprotected mobile devices, the insider threat, and the use of third-party cloud applications. A report earlier this year indicated that as much as 45% of corporate data is held on the endpoint in some form, including on cloud applications. This data is often unprotected by even the most basic security protections. The need for remote access off the company network, the rise of BYOD policies, and the limiting restrictions around the size of email attachments, often cause employees to turn towards Shadow IT practices such as the use of cloud data storage applications. This leads to data being used or stored outside the control of IT. This data is at the greatest risk of being breached due to employee negligence (or misuse) and outside attack.
Earlier this year, Absolute launched Endpoint Data Discovery – a new feature of Absolute DDS – to help organizations shine a light on dark data on the endpoint. With Endpoint Data Discovery, organizations can:

Identify and track sensitive data across endpoints
Take proactive action
Enforce corporate data policies
Take action if the data is at risk

We are proud to extend the innovative capabilities of Endpoint Data Discovery to include the detection of at-risk data on common cloud storage applications including Dropbox, Box, iCloud and One Drive.
New Functionality Now Available in Absolute DDS
Using Endpoint Data Discovery, you can now determine which cloud applications are being used and what information is being stored. Maintain visibility of PHI, PII, payment information, or intellectual property stored in folders associated with cloud applications by leveraging Persistence, and remotely delete that data at the source, even when the endpoint is off your corporate network. Reduce your potential blindspots and take a proactive stance to enforce security policies, identify risks, or prove compliance in the event of a security incident.
The extension of Endpoint Data Discovery data monitoring to cloud applications is available today in the latest version of Absolute DDS.
Get started with your free evaluation version of Absolute DDS today.

Get a Point-in-Time Assessment of Your Endpoint Security

Absolute Endpoint Risk Assessment Services provide a point-in-time assessment of the security posture of your workstations. Get critical insight into existing threats and security vulnerabilities for devices on and off your corporate network.
Use the Endpoint Risk Assessment (ERA) before a formal audit to identify and fix deficiencies. Alternatively, initiate an ERA after a security incident to ensure that new security measures are effective. The ERA can also be used on a regular basis to help enforce existing IT security policies. The information delivered through our ERA typically replaces many custom in-house scripts or multiple tools. A single tool to assess your endpoint makes our ERA easy to run and easy to understand. With a well-rounded picture, you can better assess the effectiveness of your endpoint security.
In addition, your ERA report will include information on everything from operating systems and status of security tools to notable suspicious files, applications reports (including use of cloud sharing and peer-to-peer apps) alongside actionable recommendations.
As part of the ERA process, the Absolute DDS agent will be deployed to your workstations for a period of four weeks, if not currently deployed. Critical security data will recollected from workstations, aggregated and analyzed for critical security issues and vulnerabilities.
To learn more, download our Endpoint Risk Assessment Services data sheet or sample report.
About Absolute Professional Services
With Absolute Professional Services, you can accelerate your product adoption. Once you’re up-and-running, we can help you manage, enhance, and customize your deployment for optimal business outcomes. Our Information Security Services can help you strengthen your security posture while optimizing the effectiveness of your existing security team. Our services include help with implementation, optimization of large or complex deployments, incident response or endpoint risk assessment.

How to Identify Data at Risk on Your Endpoints

Data lost through malicious or negligent behavior can be harmful to an organization. We’ve been talking a lot lately about the risks that Shadow IT and the Insider Threat pose to your organization. The most recent studies indicate that insider threats, the endpoint and unsanctioned cloud use are the top data security risks. And data breaches are more costly than ever before. By gaining visibility into all of your devices, you can more actively avoid the loss of intellectual property or other sensitive data. With more oversight, you can not only minimize your data at risk and the costs associated with a data breach, but potentially eliminate it.
We recently put together a document on Identifying Data at Risk with Absolute DDS. In this datasheet, we introduce some of the advanced reporting and remediation capabilities of Absolute DDS, including our new Endpoint Data Discovery (EDD) feature.
Get Advanced Reporting on Your Data
In the document, you will learn how Absolute DDS can silently scan files stored on your devices to detect content that is confidential or at risk. Since EDD scans require no user interaction, you’ll be able to investigate potential insider threats. You can also perform remediation activities on devices at risk once discovered. We offer a variety of custom data points to scan for, but you can create custom searches as well. In our document, we provide several screenshots of Endpoint Data Discovery at work. Check out the level of detail available in our reports as well as the value of our history reports.
Based on device or user activity, you can quickly assess and respond to risks. This in turn allows you to prove to regulators that no sensitive data was stored on a device, even if a device is beyond your control and never recovered.
You don’t have to worry about a data breach if no data was at risk. With the level of visibility and control available to you with Absolute DDS, you can find out data at risk, identify insider threats, and take preventative actions to regain control over your endpoint and the data they contain.  Learn more at Absolute.com

A Case for Updating Your Outdated Mobile Security Policy

Data loss is undoubtedly a growing concern within many organizations and your outdated (or nonexistent) mobile security policy may not cut it. Your current mobile security policy may be too restricting for certain types of business activity and could be putting your company at risk of a data breach.
The reality is, your employees need to be mobile to carryout certain job functions, and you need to protect your sensitive data. Therefore, your mobile security policy may need to be updated to accommodate these new requirements. However, with this policy update, another issue arises — you now need to be able to securely track and monitor devices and the data they contain.
Do Your Employees Understand Your Mobile Security Policy?
A report earlier this year indicated that as much as 45% of data is held on the endpoint, often without corporate knowledge or security oversight. Indeed, another report suggests that 37% of employees believe they currently access sensitive data they shouldn’t be accessing. Right now, exploited mobile devices account for one third of cyber security incidents, not to mention the myriad of other ways employees intentionally or accidentally put data at risk on the endpoint.
As an organization, you’re responsible for this noncompliance, and yet you currently have no way to track and monitor your endpoints or the data they contain.
This lack of control places your organization at risk for:

Loss of proprietary information, intellectual property, and sensitive data
Reputational and financial risk
High costs of trying to ensure data protection due to manual processes
Loss of competitive advantage due to data loss

Verify User and Device Activity with Absolute
With Absolute DDS 6, we provide an unprecedented level of visibility into data on the endpoint. Absolute Endpoint Data Discovery (EDD), a feature of Absolute DDS, allows organizations to specify the sensitive or proprietary information that they want to keep track of so it can be tracked, on any endpoint, with the ability to take preemptive or remedial action if needed. Most of our customers are pretty surprised at the results of their first scan: sensitive data is everywhere.
EDD allows organizations to shine a light on dark data at endpoints, allowing organizations to create custom data tracking, set risk profiles for user behaviors and specific device activity that would all trigger a risk warning, such as a device outside an expected geographic area, the presence of sensitive data, the disabling of encryption, or other evidence of unusual behavior or device activity. These automatic alerts allow IT to take rapid response to external or internal security threats, remotely deleting data, even when you don’t have control over the device.
Of course, EDD has obvious applications for heavily regulated industries in proving compliance, but we believe it has relevance beyond that, particularly when it comes to addressing the insider threat. Our patented Persistence technology allows you to extend your endpoint monitoring and protection capabilities beyond the limitations of traditional software solutions. With Absolute, you’re always in control. Get started with a free evaluation version of Absolute DDS today.

Shine a Light on Dark Data at Endpoints

With the recent launch of Absolute DDS 6, we unveiled a new feature that provides an unprecedented level of visibility into data on the endpoint. Absolute Endpoint Data Discovery (EDD), which comes as part of Absolute DDS, allows organizations to specify the at-risk or proprietary data that they want to identify so it can be tracked, on any endpoint, with the ability to take actions oon those endpoints if needed.
Channel Buzz recently covered the release of Absolute EDD, which has been an exciting launch for us here at Absolute. This release reflects the needs of our customers, addressing the pain points they had with doing inventory of data on their endpoints. Organizations don’t know how much at-risk data resides on the endpoints, and this becomes even more of an issue when employees take endpoints home or on the road. As pointed out recently here on InTelligence, nearly half of corporate data is floating around the endpoint. With Absolute EDD, you can now identify and track that data, and do so with a persistent connection to the endpoint, even if the endpoint is not connected to your corporate network.

How we shine a light on dark data at #endpoints for our customers: https://t.co/mX9wmaOtRW pic.twitter.com/4vASRVDHHB
— Absolute (@absolutecorp) May 17, 2016

EDD allows organizations to shine a light on dark data at endpoints, allowing organizations to easily create policies to identify the type of data that’s important to them as an organization. In addition to providing built-in rules, we also offer customers the ability to define their own definition of at-risk data. By defining data that’s important, you can then track it across all endpoints and take proactive action, to enforce corporate data policies, or take remediation action if the data is threatened. With Absolute DDS, we allow organizations to prioritize risk, allowing for rapid response to security threats. You can do a data delete, even when you don’t have control over the device.
Of course, EDD has obvious applications for heavily regulated industries in proving compliance, but we believe it has relevance beyond that, particularly when it comes to addressing the insider threat. Have a read through the rest of my article for a preview of EDD and then get started with a free evaluation version of Absolute DDS today.

Loading

Categories