How to Keep Your Endpoint Security Applications Healthy

By: Neeraj Annachhatre | 11/26/2018

From healthcare to professional services, and every industry in between, organizations are pressed to secure their ever-growing number of endpoints, including laptops, tablets, mobile phones, IoT devices and more. According to a new study by Ponemon Institute, nearly two-thirds of enterprise organizations have been compromised in the last 12 months by attacks that originated on endpoints. This is a 20 percent increase over last year, researchers say.

Attacks from outside intruders are a daily challenge, but internal threats are too. Of particular concern are employees who disable or tamper with the critical security applications that IT teams rely on to secure devices and data. Whether out of negligence or malice, employees who interfere with system management, patch management, anti-virus, anti-malware, encryption, and other important security tools put organizational information at risk and can cause malware intrusion, corrupted registry files and drivers, disabled services, and the need for reimaging. Not only does this put the organization at risk of a breach, it also creates additional work for IT teams that are already spread far too thin.

With device fleets growing in size and scattering in geography, there isn’t a manual solution for preventing users from disabling or tampering with critical security tools. Automation is the name of the game today. More and more organizations are relying on tools to monitor their security applications and remediate problems when necessary. Absolute's Application Persistence® is one such solution. Its patented, unique technology maintains a direct, two-way connection with the endpoint and supports three policy levels: report only; report and repair; and report, repair and reinstall.

Just Announced: Dell Persisted Applications

This week, Absolute Application Persistence was released for Dell Data Guardian and Dell Endpoint Security Suite Enterprise (ESSE), which includes both Advanced Threat Prevention and Dell Encryption applications. Application Persistence leverages Absolute’s Persistence technology, which is embedded in the firmware of Dell products and therefore cannot be disabled or tampered with.

Application Persistence runs periodic health checks across the device fleet and seamlessly remediates applications that are either not installed, not running, or missing critical operational files or directories. It also sends regular updates on device status so the administrator can monitor the entire device fleet without having to worry about individual instances of application issues.
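The three health conditions above and the three policy levels described earlier can be modelled as a small decision function. This is an added example, not Absolute's implementation; the file names, device names, fleet data and the mapping of "repair" to a restart and "reinstall" to missing installs or files are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Policy(IntEnum):  # the three policy tiers named in the text
    REPORT_ONLY = 1
    REPORT_REPAIR = 2
    REPORT_REPAIR_REINSTALL = 3

REQUIRED_FILES = {"agent.exe", "policy.dat"}  # hypothetical file names

@dataclass
class Snapshot:  # constructed endpoint state; a real agent collects this on-device
    device: str
    installed: bool
    running: bool
    files: set = field(default_factory=set)

def findings(snap):
    """Apply the three health conditions: not installed, missing files, not running."""
    if not snap.installed:
        return ["not_installed"]  # the other checks are meaningless without an install
    out = []
    missing = sorted(REQUIRED_FILES - snap.files)
    if missing:
        out.append("missing_files:" + ",".join(missing))
    if not snap.running:
        out.append("not_running")
    return out

def plan(snap, policy):
    """Pick the strongest remediation the policy tier permits for this device."""
    found = findings(snap)
    # Assumption: a stopped application is repaired by restarting it, while a
    # missing install or missing files can only be fixed by reinstalling.
    needed = Policy.REPORT_ONLY
    if found:
        needed = Policy.REPORT_REPAIR
    if any(f != "not_running" for f in found):
        needed = Policy.REPORT_REPAIR_REINSTALL
    if not found:
        action = "none"
    elif policy < needed:
        action = "report"  # tier too low: the device stays unhealthy until escalated
    else:
        action = "reinstall" if needed is Policy.REPORT_REPAIR_REINSTALL else "repair"
    return {"device": snap.device, "findings": found, "action": action,
            "unremediated": bool(found) and action == "report"}

FLEET = [  # constructed sample data
    Snapshot("lt-001", True, True, {"agent.exe", "policy.dat"}),
    Snapshot("lt-002", True, False, {"agent.exe", "policy.dat"}),
    Snapshot("lt-003", True, True, {"agent.exe"}),
    Snapshot("lt-004", False, False),
]

def fleet_report(policy):
    return [plan(s, policy) for s in FLEET]
```

The `unremediated` flag marks devices whose findings exceed what the assigned policy level is allowed to fix, which is the case an administrator reviewing fleet status needs to see first.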

New Reach Scripts

To help IT and security teams ensure the integrity of their endpoints and data, Absolute has released new scripts for Reach, a powerful custom query and remediation feature that is part of the Absolute platform. Because Reach lets you ‘reach’ any device — even if these devices are off your network and outside the bounds of traditional tools — you can still take action on these devices. The full list of new Reach scripts is below:

| New Script Name | Description |
| --- | --- |
| Enable/Disable Removable Media | This script enables or disables USB removable media on a system. |
| Change Share Permissions | This script is designed to add or revoke share permissions for a Windows File Share. |
| Enable/Disable User Account | This script will enable or disable a user account on a computer. |
| Share Windows folder | This script shares a Windows folder on a device. |
| Start Windows Application | This script is designed to start a Windows application. |
| Start Process | This script starts a process on a device that will execute and then close. |
| Start/Stop Windows Service | This script is designed to start, restart, or stop a Windows Service on a system. |
| Change volume license activation from MAK to KMS | This script changes volume license activation on a device from MAK (Multiple Activation Key) to KMS (Key Management Service). |
| Report failed Windows updates | This script is designed to report the failed installation of Windows Updates on a system. |
| Mute sound on a computer | This script mutes the sound on a computer. |
| Clear SCCM Cache | This script is designed to clear the SCCM Cache using the UIResourceMGr. |
| Force SCEP/Windows Defender check-in | This script forces System Center Endpoint Protection (SCEP) or Windows Defender to check in and get the latest definitions. |
| Force SCCM Machine Policy Evaluation | This script is designed to force an SCCM Machine Policy Evaluation (Machine SCCM Check-in). |