Torbay and South Devon NHS Foundation Trust is an integrated organization providing acute health care services from Torbay Hospital, as well as community health services and adult social care. The Health Informatics Service provides support to the Trust, which includes Torbay Hospital as well as five community hospitals. The Trust collectively employs approximately 6,500 staff and, in a typical year, oversees 500,000 face-to-face contacts with patients in their homes and communities and sees over 78,000 people in its Emergency Department (A&E).
The Story
Establishing Visibility of All Devices
Endpoint security is a foundational part of protecting the thousands of devices leveraged by the staff of the Torbay and South Devon NHS Foundation Trust. As part of a review of its device management processes, the Trust turned to Absolute Secure Endpoint to identify unused and unprotected devices and improve overall security.
Using the patented Absolute Persistence® technology, which is embedded in the firmware of more than 600 million devices, the Trust launched an initiative to improve visibility across its laptop estate—comprised of approximately 6,000 devices in total.
Security Needs
Full Device
Visibility
Up To Date
Protections
DSPT
Compliance
"Managing a large fleet of laptop devices – each containing critical confidential data – is an incredibly challenging task and we take information security extremely seriously."
DARREN THOMAS
DESKTOP OPERATION SPECIALIST
TORBAY AND SOUTH DEVON NHS FOUNDATION TRUST
The Solutions
How They Did It
Maximizing Device Resources with Geolocation
With Absolute Secure Endpoint’s geolocation and device tracking capabilities, it became clear that approximately 100 laptops were inactive or unused within the Trust’s network. These laptops were quickly retrieved, updated, and re-deployed for use, saving the Trust thousands of pounds and helping to maximize resources. In addition, the Trust established a system whereby inactive devices that remain unused for a period of 30 days automatically lock.
Keeping Cyber Protections Installed and Up-to-Date
The Trust can now quickly update security scripts across the entire Windows device estate, meaning it can ensure encryption and cyber protection systems are installed, up-to-date, and running.
Ensuring Compliance with Mandatory DSPT Requirements
Furthermore, the IT team has full visibility into the status of the device fleet that is connected to or is off the corporate network, allowing the Trust to comply with the mandatory Data Security and Protection Toolkit (DSPT) requirements by ensuring that devices are secure at all times. In the event of a lost or stolen device, they can take action by locking the device and, if needed, deleting any sensitive files or wiping the device fully to meet NIST standards. The Trust can also produce a certificate to confirm the data wipe and can prove encryption was present at the time of loss or theft.
The Results
Improve Security with Complete Visibility
Unidentified and unprotected devices increase the risk of cyberattacks. With Absolute Secure Endpoint, the Trust has complete visibility into the status of its device fleet, allowing them to ensure every device is fully operational, updated, and protected.
For Torbay and South Devon NHS Foundation Trust, Absolute Secure Endpoint:
- Identified approximately 100 laptops that were inactive or unused within the Trust’s network and quickly retrieved, updated, and re-deployed them for use
- Establishes a policy whereby inactive devices that remain unused for a period of 30 days automatically lock
- Quickly updates security scripts across the entire Windows device estate and ensure encryption and cyber protection systems are installed, up-to-date, and running
- Provides full visibility into the status of the device fleet that is connected to or is off the corporate network, allowing the Trust to comply with DSPT requirements by ensuring that devices are secure
Absolute Platform FAQ
The Absolute® Platform leverages a cloud-based, highly-available and secure multi-tenant architecture that is available across different regions. It’s comprised of a variety of foundational components that power Absolute product features that are being leveraged by the company’s enterprise customers and ecosystems partners (e.g., independent software vendors, original equipment manufacturers, or managed service providers) alike.
The Absolute Platform consists of three core components:
- Absolute Persistence Technology
Absolute Persistence® technology, a unique, patented technology is already embedded in over 600 million devices as a result of Absolute’s partnership with nearly 30 system manufacturers from around the world. Once activated, this technology is fiercely resilient and is the only solution to survive attempts to disable it, even if the device is re-imaged, the hard drive is replaced, or the firmware is updated.
No other technology can do this. Ultimately, it provides a secure, unbreakable, and always-on connection between the Absolute Platform and the endpoint, allowing you to gain unprecedented real-time visibility, control, and remediation capabilities.
- Absolute Resilience Technology
The Absolute Platform utilizes two types of patented Absolute Resilience™ technology to ensure that mission-critical applications remain healthy and operational and to provide end users with the most productive, as well as optimized remote access experience possible:
- Application Resilience™: Monitors mission-critical applications’ health and behavior; detects if missing, corrupted, or not running; and automatically repairs or re-installs components when necessary – without requiring human intervention. Application Resilience ensures security controls are working as expected and provides optimal user experience by fixing unhealthy applications. Currently more than 60 mission-critical applications are enabled for Application Resilience and more are being added frequently.
- Network Resilience™: Monitors and automatically, as well as transparently restores and optimizes unhealthy network connections so networked applications continue to operate without end user-impacting interruptions that would otherwise require manual application restarts, network re-connects, and/or re-authentications. Network Resilience allows for superior connectivity and reliability, allowing end users to focus on their tasks and not network behavior.
- Absolute Intelligence
Absolute ensures a digital tether to each device remains intact, providing you with reliable insights and intelligence from all of your endpoints to the network edge — on or off your corporate network.
Hundreds of data points are gathered and served up as insights, providing guidance on utilization, health, security and compliance posture, as well as a unified view into the entire end user experience. Applying AI-based risk assessment and user entity behavior analytics lets you go beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity.
Other foundational components of the Absolute Platform that enable the Absolute Secure Endpoint™ and Secure Access™ products are as follows:
- Web console
- Mobile app
- Rules and policy engine
- Alerts
- Dashboards
- APIs
- Application Persistence-as-a-Service SDK
- Third-party integrations (e.g., SIEM, ITSM)
Customers can leverage the Absolute Platform components through Absolute’s packaged products, APIs, and SDKs. The result will be rapid innovation. The Absolute Platform is always included in the product package of choice.
Like what you're hearing?
We’d love to show you how Absolute can secure and empower your organization.
Looking for more information? Join a product overview webinar
Not ready for a demo? Have some questions?