IT | Security

Resource Center for Remote Work and Distance Learning During the COVID-19 Outbreak

Actionable data and extended functionality to help our customers maintain business continuity

Available Now

Dashboard: Data & Device Usage Trends
Persistent, Self-healing VPN Connection
Remote Device Management
Student Web Usage Analytics
Personal Device Protection
Product Briefing Webinars

Remote work and distance learning insights

The shift to remote work and online learning was sudden and far-reaching, and IT and security teams and educators are rising to the challenge. Our dashboard monitors data and device trends before and during the pandemic, shining a light on areas of potential risk and highlighting how best to adapt to remote work and distance learning programs.

View the dashboard

Persistent, self-healing VPN connection

Extend Absolute’s self-healing capabilities to your critical VPN controls, ensuring they are undeletable. Unrestricted access to Application Persistence for VPN ensures that your employees will have a continuous, secure connection to their data and applications. Available to every customer at no cost, until August 31, 2020.

Get started now

Remote device management at scale

Maintain complete control of every endpoint with a comprehensive library of automated, custom workflows — no scripting required. Reduce the load on your IT and security teams with pre-built commands for enforcing Windows updates, managing device configurations, and resolving issues — from helpdesk tickets to security events. Available to every customer at no cost, until August 31, 2020.

Get started now

Ensure students are actively engaged as distance learning takes off

Measuring student engagement is even more challenging now, as students are learning outside schools in response to the COVID-19 health crisis. To help with the rapid shift to distance learning, Absolute is extending access to Web Usage analytics to all accounts.

Web Usage tracks and categorizes the last seven days of browser data, so schools can benchmark productivity time and direct students towards the right resources. Available to education customers at no cost, until August 31, 2020.

Protection for your team’s personal devices

At times like these, your employees may also be concerned with the security of their personal devices. We’re pleased to extend a 50% discount to your entire staff, to purchase Absolute Home & Office. Take endpoint security home, with the ability to locate, lock, delete and recover. Offer available until August 31, 2020.

Learn more

Product briefings for remote teams

Get the most out of Absolute with on-demand tutorials for remote work and online learning. Whether you’re solving for enterprise or education, our product experts will show you how to quickly manage and secure your remote inventory with the Absolute console.

FAQs - IT Teams

How can I ensure that my employees working from home have their PCs running latest security updates?

You can view the operating system and latest patch level of every PC in your environment by checking the Update Build Revision number. To find this number, use the Operating Systems Report, or expand other reports to include OS information.

For your reference, Microsoft keeps an up-to-date list of each patch and its release date here:
https://docs.microsoft.com/en-us/windows/release-information.

As many employees are working from home, it’s possible some may not be connected to VPN, preventing traditional patch management tools such as SCCM from keeping all PCs updated. With Absolute, you can configure devices to auto-update directly from Microsoft by following these steps:

  1. From any report, you can select the target devices you would like configure, then click the "Run Script" button to use Reach.
  2. Within the “Run Script” dialog box, search for "Windows Update Configuration”, and select that script.
  3. Follow the steps to run it on the selected devices by configuring the desired update day/time, as well as the reboot warning notification for the end user.

The Reach library includes this and 130+ pre-built scripts that require no scripting skills to use. You can learn more about building your own Absolute Reach script here.

How can I identify PCs that have a corrupted or missing VPN agent, and have it automatically remediated?

Absolute lets you configure and set an Application Persistence policy to monitor and automatically heal commonly-used VPN tools. To do this, follow these steps:

  1. Navigate to the Policies tab of your Absolute console and select a target policy group. For many users, this may be the default 'Global Policy Group’.
  2. Select the ‘Settings’ section
  3. Click the ‘Configure’ button to the right of “Application Persistence.” This will open the full list of available applications for your account that you can persist.
  4. Find the VPN application you use and select the “configure” option next to it.
  5. In that dialog box, you can select your current version, as well as the level of persistence you prefer for that policy group.
    • ‘Report’ will alert you if the VPN client is missing or becomes corrupted, leaving you to choose a course of action
    • ‘Repair’ will automatically attempt to repair the agent when corrupted
    • ’Reinstall’ will re-install the application if missing or if an auto-repair is unable to make it healthy. To re-install, you will need to provide a download location and credentials.

For more details on ensuring your security tools are installed and functional, visit this page.

How do I provide/remove local admin rights for a user to deal with a device issue from home?

  1. Select the devices you would like configure within the Assets tab
  2. Select the button labeled "Run Script" to use Reach
  3. Within the “Run Script” dialog box, search "Add or Remove Domain User/Group to Local Group”, and select whichever option you searched for
  4. Enter ‘Remove’ in the Add/Remove box
  5. Enter ‘Local Administrators’ in the ‘LocalGroup’ Box
  6. Enter the desired’ username into the UserOrGroup box

The Reach library includes this and 130+ pre-built scripts that require no scripting skills to use.

How do I update device settings normally enforced by GPO when the device is not on my network?

You can configure several different local computer settings using out-of-the-box scripts in the Reach Library.

  1. Select any number of devices you would like to configure within any report, then select the button labeled "Run Script" to use Reach
  2. Within the “Run Script” dialog box, search for the desired script.
    Widely-used scripts include Add Firewall Application Rules, Remove Windows File Share, Delete Aged User Profiles, Enables or Disables USB Removable Media, Enables or Disables USB Removable Media, and Enable or Disable a Windows Service.
  3. Select the desired script and follow the steps and input variables to execute.

The Reach library includes this and 130+ pre-built scripts that require no scripting skills to use.

How can I identify unused devices?

If a device has not connected in over 30 days, you can find it in the "Dark Devices" report. The Dark Devices report includes information about devices with an active Absolute agent that have not checked into the Absolute Monitoring Center for 30 days – or have never checked in at all. More information on Dark Devices can be found here.

Alternatively, you can also monitor device usage rates by using the Device Usage widget on the home dashboard, and then click on "Not used" to create a filtered Device Usage report.

FAQs - Security Teams

How do I ensure that my Security tools are healthy and functioning on remote devices?

You may find that your mission-critical applications have a limited ability to remotely verify that they’re deployed, secure, and compliant. Over time, they may become non-functional or non-compliant without your knowledge, potentially exposing your organization to data breaches, regulatory non-compliance, and a loss of employee productivity.

To automatically monitor the health of security applications, or remediate them when they are not running in a healthy state, follow these steps:

  1. Navigate to the Policies tab of your console, and select a target policy group. For many users, this might be the default 'Global Policy Group.’
  2. Select the ‘Settings’ section
  3. Click the ‘Configure’ button to the right of “Application Persistence” to open the full list of available persisted applications for your account.
  4. Find your application, then select the “configure” option beside it to open a dialog box
  5. In that dialog box, you can select your current version, as well as the level of persistence you prefer for that policy group.
    • ‘Report’ will alert you if the VPN client is missing or becomes corrupted, leaving you to choose a course of action.
    • ‘Repair’ will automatically attempt to repair the agent when corrupted.
    • ’Reinstall’ will re-install the application if missing or if an auto-repair is unable to make it healthy. To re-install, you will need to provide a download location and credentials.

You can also monitor the encryption status of your entire fleet with the Encryption widget, found on the Home Dashboard, and the Encryption Report.

For the anti-malware status of your devices, you can use the Anti-Malware widget on the Home Dashboard or the Anti-malware Report.

More details on ensuring that the security tools are installed and functional can be found here.

Is remote working leading to an increase in sensitive data being at risk on devices? Can I identify and remediate that risk?

You can use Absolute’s Endpoint Data Discovery to determine if you have sensitive data on remote devices. To do this, you first need to configure your policy to scan for and classify locally-stored data by looking for matches to known or custom lexicons, such as PII, PHI, etc.

  1. Navigate to the Policies tab of your console, and select a target policy group. For many users, this might be the default 'Global Policy Group’.
  2. Select the ‘Settings’ section.
  3. Click the ‘Configure’ button to the right of ‘Endpoint Data Discovery’ to open a dialog box.
  4. In the dialog box, choose the out-of-the-box lexicons you wish to include in your policy, then set the scan schedule and any other policy restrictions.
  5. After the policy runs on devices, data will start populating the ‘Match Score Summary’ in the Reports tab. This will highlight devices with the most matches by category, allowing you to drill down into each device – including the individual sensitive files the scan has identified, as well as historical data from previous scans.
  6. Additionally, you may choose to perform a remote Data Delete from the Device Actions menu.

Additional Details on how to configure and review your existing visibility tools can be found here.

How do I remediate known vulnerabilities if devices are not on my network?

Vulnerabilities are most common in older, unpatched systems. As a user of the Absolute console, you can view the operating system and latest patch level of every PC in your environment by looking at the Update Build Revision number.

For your reference, Microsoft keeps an up-to-date list of each patch and its release date here:
https://docs.microsoft.com/en-us/windows/release-information/.

As employees work from home, some may neglect to connect to VPN, preventing traditional patch management tools such as SCCM from ensuring all your devices are up to date. With Absolute, you can configure devices to auto-update directly from Microsoft:

  1. From any report, select the target devices you would like configure.
  2. Select the button labeled "Run Script" to use Reach.
  3. Within the “Run Script” dialog box, search for "Windows Update Configuration” and select that script.
  4. Follow the steps to run it on the selected devices by configuring the desired update day/time, as well as the reboot warning notification for the end user.

The Reach library includes this and 130+ pre-built scripts that require no scripting skills to use. To learn more about building your own Absolute Reach script, please click here.

How do I notify all end users of an emergency?

The End User Messaging feature lets administrators communicate with end users of managed devices through custom or URL messages. End User Messaging occurs during the agent call to the Monitoring Center. Administrators can also solicit information from end users through end user messaging that populates Custom Device Fields.

  1. On the navigation bar, click Settings > Data > End User Messaging.
  2. The End User Messaging page shows a list of end user messages, and you can create your own by selecting “Create New End User Message.”
  3. On the resulting page, find the Message information area and select the Message Name field.
  4. Enter a descriptive name for the new message – it’s for your reference only and is not shown to the end user.
  5. The ‘Send To’ area contains a field called ‘Message Destination.’ In that field, indicate the appropriate option that defines the devices that receive the message:
    • ‘All Devices’ to message all devices, including future activations
    • ‘Specific Device’ lets you select a single device to receive the end user message
    • ‘Specific Group’ to choose a group, and then select the Group Name you want to receive the end user message

Administrators can create any number of end user messages. Details on how to enable End User Messaging can be found here.

FAQs - Education

How can I track and manage all devices remotely?

You can review a specific device's location using the Location History report under the Reports section. This report will also provide a map of where the device has been over a defined period of time. To see where all your devices are right now, visit the Last Known Locations report in the Reports section.

To pinpoint devices that need OS or anti-malware updates, view the Assets section and the Reports section. These reports provide you with an overview of key inventory data like OS patch levels, anti-malware status, encryption status, and username.

To quickly resolve problems on devices that are off network, use Absolute Reach to execute PowerShell or BASH scripts using the library of 130+ prebuilt scripts, or create one of your own. To learn more about building your own Absolute Reach script, please click here.

How can I identify and manage a lost or stolen device?

If a user's device has not connected in over 30 days, you can run the "Dark Devices" report. The Dark Devices report includes information about devices with an active Absolute agent that have not checked in to the Absolute Monitoring Center for 30 days — or have never checked in at all. More information can be found on here.

If you’re unable to locate a device, you can flag it as Missing. The next time it connects, you will automatically be sent an alert. If you suspect there has been criminal activity – for instance, if the last known location is suspicious – you can file a police report and create a theft report. The Absolute Investigations team will work with local law enforcement to investigate and recover the device.

How can I maintain and repair critical security controls remotely?

As an admin user of the Absolute console, you can configure and set an Application Persistence policy to monitor and automatically heal common security applications, including VPN tools:

  1. Navigate to the Policies tab of your console and select a target policy group. For many users, this might be the default 'Global Policy Group’.
  2. Select the ‘Settings’ section.
  3. Click the ‘Configure’ button to the right of “Application Persistence”. This will open the full list of available persisted applications for your account.
  4. Choose the “configure” option again next to the application title you use.
  5. In the resulting dialog box, you can select from your current version, as well as the level of persistence you prefer for that policy group:
    • ‘Report’ will alert you if the VPN client is missing or becomes corrupted, leaving you to choose a course of action.
    • ‘Repair’ will automatically attempt to repair the agent when corrupted.
    • ’Reinstall’ will re-install the application if missing or if an auto-repair is unable to make it healthy. To re-install, you will need to provide a download location and credentials.

More details on ensuring that the security tools are installed and functional can be found here.

How can I protect the district's data, including student and health records?

As an admin user of the Absolute console, you can determine if you have sensitive data on remote devices by looking at the Endpoint Data Discovery results. To do this, you first need to configure your policy to classify local data and look for matches to known or custom lexicons, such as PII, PHI, etc.

  1. Navigate to the Policies tab of your console, and select a target policy group. For many users, this might be the default 'Global Policy Group’.
  2. Select the ‘Settings’ section.
  3. Click the ‘Configure’ button to the right of ‘Endpoint Data Discovery’.
  4. In the resulting dialog box, choose the out-of-the-box lexicons you wish to include in your policy, and set the can schedule or any other policy restrictions.

After the policy runs on devices, data will start populating the ‘Match Score Summary’ in the reports tab, which will highlight devices with the most matches by category and allow you to drill down into the detail of each device.

For additional details on how to configure and review the existing visibility tools, please click here.

How can I remotely ensure that devices are being used?

With Absolute, you can see the device usage of both individual devices and device groups by navigating to the Device Usage report. This report shows the average daily usage of each device.

  • You can narrow the view to a single device by entering the serial number, ESN, or username in the search box.
  • You can also use this report to find a list of devices which are used very little. To do this, add an Average Daily Usage filter by clicking the + at the top of the report.
  • With the Device Analytics report, you can compare device usage by device group. If you have a device group for each school, for example, then you can easily compare device usage by school by navigating to the Device Analytics report and selecting the device groups you want to compare.

To take advantage of the device usage reports, make sure that Device Usage is enabled by navigating to the Policies section and ensuring Device Usage is enabled for every Policy Group that you want to track.

Information on the "Device Usage" report can be found here.

How can I identify if students or staff are in high-risk areas?

You can find at-risk users by seeing if they have traveled outside of their local area recently. Absolute offers three different options to determine location of devices:

  1. You can create geofences and alerts that would notify you when a device has left a defined area. To learn how to create a geofence alert, please read page 22 of the Absolute User Guide.
  2. To review the specific location of a device, visit the Location History report under the Reports section. This report will also provide you a history of where a specific device has been over a defined period of time.
  3. To view where all of your devices are located, visit the Last Known Locations report in the Reports section. This will give you a view of where your devices are currently located.

My students don’t pay attention to emails. How do I ensure that I can communicate with them in case of an emergency?

The End User Messaging feature lets Administrators communicate with the end users of managed devices through custom or URL messages. End User Messaging occurs during the agent call to the Monitoring Center, so users will see the message as soon as their device boots up. Administrators can also solicit information from end users through End User Messaging that populates Custom Device Fields.

  1. On the navigation bar, click Settings > Data > End User Messaging.
  2. The End User Messaging page shows a list of end user messages, and you can create your own by selecting “Create New End User Message.”
  3. On the resulting page, find the Message information area and select the Message Name field.
  4. Enter a descriptive name for the new message – it’s for your reference only and is not shown to the end user.
  5. The ‘Send To’ area contains a field called ‘Message Destination.’ In that field, indicate the appropriate option that defines the devices that receive the message:
    • ‘All Devices’ to message all devices, including future activations.
    • ‘Specific Device’ lets you select a single device to receive the end user message.
    • ‘Specific Group’ to choose a group, and then select the Group Name you want to receive the end user message.

Administrators can create any number of end user messages. Details on how to enable End User Messaging can be found here.

Need assistance with set-up and configuration?

Our support team is on hand to answer your questions.

Contact Support