December 06, 2023
In our work-from-anywhere environment, it’s commonplace for IT and security teams to manage and secure devices connected to corporate networks from many different locations, whether it be on-premises from the company headquarters, a client’s office, a local coffee shop, or on-the-go from an airport. While this flexibility provides benefits to employees and organizations, it also presents challenges for practitioners due to inconsistent visibility and control across remote device fleets.
Device, data, and security risks stem from a variety of factors on endpoints. These span theft, loss, sensitive data accumulation, and falling under the control of threat actors. Malfunctioning critical security applications, outdated patches, and tampering can leave endpoints open to attacks and exploits. As a result, practitioners are required to identify such risks early and respond to them proactively, to stop them from progressing into more serious security events.
The Absolute Secure Endpoint 8.0 product release provides significant enhancements to several capabilities. All allow users to be more proactive in their device and security management practices and to add a more robust level of endpoint resilience across every machine.
The Absolute Console’s navigation flow is revamped to offer a more seamless user experience. The global side navigation bar (left) now includes subpages (e.g., Policy Group, Persistence, etc.) as well as a device search bar. This provides easy access to these pages and the ability to search for specific devices in your environment. In addition, a new contextual bar at the top allows you to discover and execute actions that are relevant to the page you are on. Examples include adding widgets to the dashboard, creating a new rule from the Rules page, editing columns, and exporting and saving reports.
As a result of remote work, employees are more often utilizing their company laptops as if they were their own personal devices, resulting in an accumulation of sensitive data over time. This includes personally identifiable information (PII) such as social security details, health records, financial details, and personal images, among other items. The Endpoint Data Discovery feature allows administrators to remotely search for files containing such sensitive information across their device fleets and to take swift action to alleviate risk of data exposure. With this release, creating Endpoint Data Discovery rules is more flexible, with support for Regular Expressions and new operators that make it easier to find specific types of files (e.g., accounting files, healthcare records, etc.) across your devices, as well as files having a specific SHA-256 hash value.
The Device Usage feature enables practitioners to identify how often employees are utilizing their laptops, verify end user activity, and potentially identify malicious activity. With the Secure Endpoint 8.0 release, administrators can now access three new device usage events to identify whenever a device undergoes one of the following actions: shutdown, sleep, or wake. This is in addition to the device usage events that were previously available for login, logout, lock and unlock.
With the increase in device mobility due to anywhere work, it is essential for practitioners to keep track of device location and to receive alerts when location policies are violated. With this release, users can now access contextual information on the geotechnologies used (i.e., IP address, Wi-Fi and/or GPS) to determine a device location. This is now displayed on alert emails tied to Geofences as well as the Location History tab under devices’ Device Details page.
Security applications that rely on agents running on the OS-layer fail regularly for a variety of reasons. End users may intentionally or unintentionally remove application components. Malicious insiders and/or hackers typically look to disable mission-critical applications to bypass security controls as part of a cyberattack. Device re-imaging can lead to incorrect software installation. Technical complexity frequently renders them ineffective. Absolute Application Resilience helps customers strengthen security applications deployed across their device fleets by ensuring that they remain resistant to failures.
Application Resilience now includes support for five new applications - JumpCloud™, VMware® Carbon Black EDR, Halcyon, OneBe TrustDelete and Secureworks® Taegis XDR.