Secure Endpoint FAQ

Absolute Secure Endpoint is one of our company’s core product lines, which leverages the unbreakable connection provided by Absolute Persistence® to enable IT and security personnel to monitor and address computers' problems and enables the computers and their mission-critical applications to self-heal. This helps with IT management, strengthening a company’s security posture, and maintaining compliance.

The Absolute Secure Endpoint product portfolio contains a variety of product packages:

  • Absolute Visibility
  • Absolute Control
  • Absolute Resilience
  • Absolute Ransomware Response

Other variants, such as Absolute Resilience for Student Devices, may be offered to meet particular use cases or geographic market needs.

Absolute Visibility is the entry service tier in the Absolute Secure Endpoint portfolio. Absolute Visibility collects data about the endpoints' location, security posture, and hardware/software inventory. It provides analysis of software and hardware utilization and identifies potential failure points and suspicious use patterns.

Absolute Control is the mid-service tier in the Absolute Secure Endpoint portfolio. Absolute Control adds to Absolute Visibility’s capabilities to control endpoints over the Internet, allowing for critical functions such as remote file deletion and data wipe, freezing devices on demand when at-risk, end user messaging, as well as establishing geo-fences and alerts.

Absolute Resilience is the top service tier in the Absolute Secure Endpoint product portfolio and the most popular package among customers. Compared to Absolute Control, it adds further capabilities to secure endpoints from threats and vulnerabilities, respond to security breaches and incidents, and enable Application Resilience to automatically monitor and detect unhealthy applications and automatically heal them.

Absolute Ransomware Response is a stand-alone offering, which provides capabilities and services to assess an organization's ransomware preparedness and cyber hygiene across endpoints; ensures mission-critical security applications such as anti-malware and device management tools remain healthy and capable of self-healing; and expedites the quarantine and recovery of endpoints if a ransomware attack occurs.

Customers can easily upgrade/downgrade their service subscriptions between Absolute Visibility, Control, and Resilience. Capabilities are additive and enabled via a software license key.

Absolute Ransomware Response is offered as a stand-alone solution primarily for security-conscious customers. Add-on options are offered for Absolute Control and Resilience customers. Absolute Ransomware Response customers can later easily expand their capabilities by changing their subscription to the Absolute Resilience service tier.

Absolute can be purchased through leading device manufacturers, resellers, and distributors. Contact us and we would be happy to help you with this process.

Secure Access FAQ

Absolute Secure Access is one of the company’s core product lines, which was added through the acquisition of NetMotion in July 2021. The product portfolio provides resilient network connectivity for users to securely access critical resources in the public cloud, private data centers, and on-premises. These products allow users to transition from traditional VPN to a resilient Zero Trust approach, without impairing productivity or admin controls.

Absolute Secure Access encompasses three products:

  • Absolute VPN provides security and confidentiality for data in motion by means of encryption and access controls. It also offers benefits to the end user, such as making tunnel and network sessions resilient and optimizing streaming video and audio.
  • Absolute ZTNA provides a software-defined perimeter via Zero Trust Network Access, creating a context-based, logical access boundary around an application or set of applications – wherever they're hosted. It shields applications from the Internet, making them invisible to unauthorized users. Access policies are enforced at the endpoint, avoiding latency and any data transgression.
  • Absolute Insights for Network™ offers diagnostic and experience monitoring capabilities across endpoints and network, allowing organizations to proactively monitor, investigate, and remediate end user performance issues quickly and at scale, even on networks that are not company-owned or managed.

Absolute Secure Access packages are offered in two flavors, Absolute Core™ and Absolute Edge™ (formerly called Complete) with the included products as outlined below. Regional variations might be available.

  • Absolute Core
    • Absolute VPN
  • Absolute Edge
    • Absolute VPN
    • Absolute ZTNA
    • Absolute Insights for Network

Customers can easily upgrade their subscription between Absolute Core and Absolute Edge. Capabilities are additive and enabled via a software license key.

Absolute Secure Access supports Apple® iPad and iPhone devices (iOS 11 and later), Apple MacOS (10.13 and later), Android devices (running on Android 5.0 or later), Android for Work, Samsung KNOX, Windows Pro Tablets, laptops, and other devices running Windows 8, 10, and 11.

  • Keep hardware inventory always accurate
  • Streamline hardware audits
  • Optimize lease management
  • Avoid multi-platform segmentation
  • Keep software inventory always accurate
  • Streamline software audits
  • Help ensure end user productivity
  • Detect and eradicate shadow IT
  • Identify and eliminate hardware waste
  • Identify and eliminate software waste
  • Validate expected user behavior
  • Analyze usage patterns and provide return on investment
  • Enable remote device provisioning
  • Provide visibility for streamlined patch management workflow
  • Enforce device returns and secure re-allocations
  • Anticipate device issues
  • Enrich helpdesk tools
  • Solve problems efficiently and at scale
  • Improve time-to-resolution
  • Actively improve the employee experience
  • Deliver reliable connectivity, using tunnel and session resilience
  • Conduct diagnostics on device and network
  • Run network performance analytics outside your firewall
  • Enable seamless remote access
  • Optimize audio and video for end users
  • Assure reliable network application access for end users
  • Deliver resilient connections and apps, even in the most turbulent network conditions
  • Identify network connectivity status and issues
  • Gain access to application metrics and geolocation
  • Assess configuration statuses and impact on overall network connectivity health
  • Analyze usage patterns and provide return on investment
  • Track data usage
  • Reduce data backhaul
  • Shift from VPN to ZTNA without costly infrastructure overhaul
  • Analyze network performance to drive more information decisions
  • Conduct root cause analysis of connection problems
  • Minimize downtime by quickly identifying problems
  • Automatically trigger bandwidth and connection diagnostics
  • Visualize ZTNA policy enforcement effectiveness

Absolute Ransomware Response FAQ

Absolute Ransomware Response enables customers to assess their ransomware preparedness for endpoints, monitors their endpoint cyber hygiene across the device fleet, and allows for an expedited endpoint recovery leveraging Absolute’s always-on connectivity, automated restoration capabilities for key security and management tools (e.g., Microsoft® Endpoint Manager, Ivanti®, Tanium™, SentinelOne®, CrowdStrike™), and library of Absolute Reach scripts.

Absolute Ransomware Response addresses the following negative consequences when it comes to falling victim to a ransomware attack and facing delays in recovery efforts for endpoints:

  • Prolonged shutdown of company’s business operations, specifically user recovery and endpoint restoration.
  • Lower employee productivity due to lengthy recovery efforts for remote devices.
  • Increased support costs from higher volume of help desk tickets by panicked end users when encountering ransom notices on their devices.
  • Financial loss associated with complex remediation efforts.
  • Risk of burn out and high attrition due to the demands being put on hard-pressed IT admin and security teams when it comes to recovery efforts for endpoints.
  • Reputational damages due to extended outages.

The Absolute Ransomware Response product delivers the following capabilities:

  • Check Strategic Ransomware Readiness Across Endpoints
  • Enable Ransomware Cyber Hygiene Across Endpoints
  • Report on Hardware and Software Inventory
  • Assess Device Security Posture 
  • Discover Sensitive Endpoint Data
  • Secure, On-Device End User Communications
  • Freeze At-Risk Devices 
  • Expedite Recovery Tasks 
  • Self-Healing for Endpoint Security Tools
  • Self-Healing for Device Management Tools
  • Assist in Ransomware Recovery for Endpoints

At the beginning of the engagement, a professional services technical consultant will review the existing standard security controls across endpoints, identifying key controls (e.g., anti-virus/anti-malware, endpoint protection, or endpoint detection and response solutions) and device management tools that are required to minimize ransomware exposure and assure expedited recovery efforts.

At the beginning of the engagement, a professional services technical consultant will help establish application resilience policies to ensure that identified mission-critical security applications and device management tools are installed and functioning as intended. In addition, a professional services technical consultant will train customer personnel on how to continuously monitor application health and apply these baseline policies to new devices as they are enrolled.

A professional services technical consultant will remotely help in endpoint recovery efforts for up to two incidents per year, following a pre-defined playbook and leveraging the existing Absolute product capabilities.

Absolute Ransomware Response is available on Windows devices only since it is the most common OS-target for ransomware attacks.

Absolute Ransomware Response yields the following benefits:

  • Check customer’s strategic ransomware readiness
  • Establish a cyber hygiene baseline across endpoints
  • Expedite recovery tasks
  • Provide remote assistance in endpoint recovery efforts by sharing proven expertise, putting less demands on hard-pressed IT admin and security teams.

The Absolute Ransomware Response Add-On for Control customers delivers Ransomware Readiness Check, Ransomware Cyber Hygiene Enablement, Ransomware Recovery Assistance, Reach, Endpoint Data Discovery, as well as Self-Healing for one management application (e.g., Microsoft SCCM, Microsoft Intune) and one anti-malware application.

The Absolute Ransomware Response Add-On for Resilience customers delivers Ransomware Readiness Check, Ransomware Cyber Hygiene Enablement, and Ransomware Recovery Assistance.

Insights for Network FAQ

The Absolute platform is a cloud-based Endpoint Visibility and Control solution that allows you to see all your devices and apps, secure your data, and prove compliance.

Computrace is a former product and brand of Absolute’s, superseded in 2015. The Absolute platform includes newer and enhanced versions of the device tracking capabilities of Computrace, plus numerous new capabilities to help with security and compliance. This includes the ability to remotely execute scripts on devices, scan for sensitive data, and self-heal critical third-party applications. The Absolute platform provides all the popular features of Computrace and much more.

LoJack for Laptops is a former product and brand. Device tracking and recovery features are available for individuals via Absolute Home & Office, and for businesses/schools via the Absolute products listed above. LoJack® is a registered trademark of CalAMP.

Application Persistence is a feature of Absolute Resilience that provides embedded, self-healing capabilities to third-party endpoint controls, such as VPN, anti-virus, encryption, systems management, and other critical applications.

Virtually any app can be automatically reinstalled, regularly checked for version control & integrity, and IT teams alerted the moment anything abnormal occurs.

Application Persistence works with devices on or off your corporate network, and, as Persistence technology is embedded at the factory, it can’t be compromised.

Absolute can be purchased through leading device manufacturers, resellers, and distributors. Contact us and we would be happy to help you with this process.

Yes. Absolute only requires that the device has an internet connection to communicate with the monitoring center. This allows for communication even when devices are not connected to your corporate network.

Yes. Absolute is used by many customers to track and manage all of their devices, data, and apps. This extends beyond traditional IT asset management with analytics to provide Asset Intelligence.

Yes. Whether its GDPR, HIPAA, or other internal or regulatory requirements, Absolute provides current and historical information on the status of the device, including configuration, health of security controls, and presence of sensitive data. Absolute also provides remote remediation capabilities to protect data and secure devices, all helping to maintain and prove compliance. Learn more about how Absolute can help your organization prove compliance.

Many organizations use Absolute to replace existing IT asset management tools and processes, and to supplement many popular security and device management solutions, such as Microsoft SCCM, Microsoft Intune, VMWare Workspace One, MobileIron, and more.

Absolute can be used to report on the health of — and fill gaps in — these applications. Popular complementary features include: self-healing critical security controls, identifying sensitive data, and providing visibility into devices not managed by other solutions.

Absolute Platform FAQ

The Absolute® Platform leverages a cloud-based, highly-available and secure multi-tenant architecture that is available across different regions. It’s comprised of a variety of foundational components that power Absolute product features that are being leveraged by the company’s enterprise customers and ecosystems partners (e.g., independent software vendors, original equipment manufacturers, or managed service providers) alike.

The Absolute Platform consists of three core components:

  • Absolute Persistence Technology

Absolute Persistence® technology, a unique, patented technology is already embedded in over 600 million devices as a result of Absolute’s partnership with nearly 30 system manufacturers from around the world. Once activated, this technology is fiercely resilient and is the only solution to survive attempts to disable it, even if the device is re-imaged, the hard drive is replaced, or the firmware is updated.

No other technology can do this. Ultimately, it provides a secure, unbreakable, and always-on connection between the Absolute Platform and the endpoint, allowing you to gain unprecedented real-time visibility, control, and remediation capabilities.

  • Absolute Resilience Technology

The Absolute Platform utilizes two types of patented Absolute Resilience™ technology to ensure that mission-critical applications remain healthy and operational and to provide end users with the most productive, as well as optimized remote access experience possible:

  • Application Resilience™: Monitors mission-critical applications’ health and behavior; detects if missing, corrupted, or not running; and automatically repairs or re-installs components when necessary – without requiring human intervention. Application Resilience ensures security controls are working as expected and provides optimal user experience by fixing unhealthy applications. Currently more than 60 mission-critical applications are enabled for Application Resilience and more are being added frequently.
  • Network Resilience™: Monitors and automatically, as well as transparently restores and optimizes unhealthy network connections so networked applications continue to operate without end user-impacting interruptions that would otherwise require manual application restarts, network re-connects, and/or re-authentications. Network Resilience allows for superior connectivity and reliability, allowing end users to focus on their tasks and not network behavior.
  • Absolute Intelligence

Absolute ensures a digital tether to each device remains intact, providing you with reliable insights and intelligence from all of your endpoints to the network edge — on or off your corporate network.

Hundreds of data points are gathered and served up as insights, providing guidance on utilization, health, security and compliance posture, as well as a unified view into the entire end user experience. Applying AI-based risk assessment and user entity behavior analytics lets you go beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity.

Other foundational components of the Absolute Platform that enable the Absolute Secure Endpoint™ and Secure Access™ products are as follows:

  • Web console
  • Mobile app
  • Rules and policy engine
  • Alerts
  • Dashboards
  • APIs
  • Application Persistence-as-a-Service SDK
  • Third-party integrations (e.g., SIEM, ITSM)

Customers can leverage the Absolute Platform components through Absolute’s packaged products, APIs, and SDKs. The result will be rapid innovation. The Absolute Platform is always included in the product package of choice.

  • Detect failing security applications
  • Detect configuration deviations
  • Detect vulnerable OS or applications
  • Report on compliance with regulations and industry standards
  • Make security applications self-healing
  • Enforce standard configurations
  • Remediate vulnerable OS or applications
  • Provide visibility for streamlined patch management workflow
  • Spot suspicious device use or movement
  • Identify missing devices
  • Sense device tampering
  • Identify sensitive data at risk
  • Remotely protect sensitive data files
  • Investigate stolen or suspicious devices
  • Remediate compromised devices
  • Communicate effectively with end users to minimize exposure
  • Avoid breach notifications after incidents
  • Find root cause to prevent future similar events
  • Aid recovery efforts (e.g., ransomware recovery)
  • Check strategic ransomware preparedness
  • Shield SaaS, on-premises, or private cloud resources from intruders and attacks
  • Treat resources equally, regardless of where they are hosted
  • Block lateral movement between applications
  • Conduct continuous real-time risk assessment
  • Limit user exposure to online threats and inappropriate content
  • Allow for complete control, inside and outside the firewall
  • Block automatically phishing and smishing attacks
  • Provide frictionless security via granular policy enforcement at the endpoint
  • Ensure remote device configuration
  • Enforce device returns and secure re-allocations
  • Streamline remote device decommissioning
  • Assure the health of the end user device
  • Take proactive measure to avoid device failures
  • Assure mission-critical applications are always working as intended
  • Know how many devices are being used
  • Know how many Web apps are being used
  • Monitor overall tech adoption
  • Assure most efficient license utilization
  • Enable seamless remote access
  • Optimize audio and video for end users
  • Assure reliable network application access for end users
  • Deliver resilient connections and apps, even in the most turbulent network conditions
  • Provide mobile-first remote access platform
  • Optimize audio and video for end users
  • Assure reliable network application access for end users
  • Deliver resilient connections and apps, even in the most turbulent network conditions
  • Assure field workers have reliable connectivity
  • Assure proper services fees are applied based on geolocation
  • Identify and resolve failures and outages quickly
  • Enforce network providers’ service level agreements

Absolute Insights for Endpoints FAQ

Absolute Insights for Endpoints offers IT administrators and security practitioners historical device and security trends across their endpoint environments in order to manage endpoints, maintain end user experience, and adhere with internal policies or compliance requirements for the work from anywhere environment. The product enables IT and security practitioners to build custom dashboards according to their organization’s business or compliance needs, perform data aggregations, and run queries to identify and respond to anomalies.

Absolute Insights for Endpoints is available for purchase as an add-on module. It requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. Contact Absolute Sales to learn more.

Absolute Insights for Endpoints is available in three distinct SKU offerings with 30-, 60- and 90-day data storage increments. The higher data storage options are recommended for those customers requiring greater device data point retention due to the variety of IT and security use cases they want to cover/investigate.

Once purchased, your Absolute Insights for Endpoints licenses can be configured and activated through the “Policies” section of the Absolute Console. As the product is an add-on module, its licenses must be tied to base licenses for an active subscription to either the Absolute Visibility, Control, or Resilience service tier. The Absolute Insights for Endpoints add-on licenses can either be assigned to a single policy group or distributed among multiple policy groups, as long as they are tied to base licenses that are distributed similarly as well.

Absolute Insights for Endpoints caters to a variety of IT and security use cases, enabling practitioners to manage devices, maintain end-user experience and comply with internal policies or regulatory frameworks. Examples include tracking software rollouts and usage, proactively identifying hardware issues such as battery health or memory usage, monitoring OS patch and version status, ensuring the health of core applications such as anti-malware and VPN, and identifying vulnerable devices based on geolocation and sensitive data storage, or other risk factors.

Absolute Insights requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. In addition, obtaining insights into various IT and security trends is dependent on the activation of the following policies through the Absolute Console. Note that the availability of these policies may differ based on service tier. • Hardware: captures a variety of asset inventory details across devices

  • Endpoint Data Discovery: identifies files stored on devices having sensitive data (e.g., financial details, personally identifiable information, intellectual property) Absolute Insights™ for Endpoints FAQ FAQ absolute.com 2 FAQ: ABSOLUTE INSIGHTS™ FOR ENDPOINTS 
  • Full-Disk Encryption Status: captures full-disk encryption health status across devices 
  • Device Usage: captures device usage metrics based on device interaction events 
  • Application Health: monitors the health of mission-critical applications such as anti-malware, encryption, and VPN 
  • Geolocation Tracking: captures geolocation details based on Wi-Fi triangulation, GPS location, and IP address. 
  • Installed Applications: captures information about installed applications, including versions, publisher, and app usage details 
  • Web Usage: identifies web content that is most visited by users to optimize web application licenses and identify risks associated with unsecure or unauthorized content 
  • Custom Data: captures custom datapoints defined by customers using the Absolute DataExplorer tool

It can take up to 30 minutes for data from your Absolute console account to be populated and made available to view through the Insights for Endpoints dashboards.

This varies across different Absolute features. For features that already have historical data captured through the Absolute console (e.g. Geolocation Tracking), Insights for Endpoints will populate relevant dashboards to showcase historical trends for the last 30, 60 or 90 days, depending on the add-on SKU purchased.

For features that have static data available through the Absolute console (e.g. Hardware or Full-Disk Encryption Status), data will be stored and populated through the dashboards from the day Insights for Endpoints is configured and activated through policies to showcase historical trends.

Customers can customize dashboards by choosing from a number of visualization types (e.g., table, pie, bar, line chart, etc.), modifying the applicable time period (e.g., month, week, day, or hour) and adding targeted filters (e.g., devices, apps, users, etc.) to gather insights based on specific needs.

Examples of scenarios where leveraging filters to acquire specific device or security related information might be helpful, includes the following:

  • Identify devices in Victoria, B.C. that were unencrypted between Jan 15 to Feb 15, 2022 
  • View versions of a specific app installed across device population (e.g., Firefox)
  • Remove pre-built Windows apps (Photos) from appearing on “Applications Installed” visualization 
  • View IT and security insights for devices in Los Angeles only

Customers can indeed aggregate multiple datasets through targeted commands such as sum, count, mean, median, top values, etc. to identify anomalies and potential device or security risks to ensure they don’t develop into more serious events.

Absolute Insights for Endpoints offers a growing library of pre-built dashboards to help customers get started with the product and make use of a variety of asset- and security-related historical visualizations. Examples of the pre-built dashboards available include the following.

  • Executive Summary

IT Dashboards

  • App Health Status
  • App Total Runtime, CPU, and Memory Usage
  • App Usage
  • Device Inventory
  • Device Status Change
  • Device Usage
  • Software Application Inventory and Versions
  • Web Usage

Risk and Compliance

  • Anti-Malware and Encryption Status
  • Alerts
  • Security Posture Summary

Privacy and Data Risk Dashboards

  • Endpoint Data Discovery
  • Sensitive Files

Dashboards can indeed be shared with others in the organization by generating and sharing permanent links, .PDF reports, or .PNG reports. Absolute Insights for Endpoints offers this capability through the “Share” capability located in the top right-hand corner of the Absolute Console.

New dashboards can be built based on previously built ones using the “Clone” function available in the top right corner of the Absolute Insights for Endpoints Console. Once a dashboard is cloned, it can be tweaked as needed to align with its specific requirements.

Raw datasets that form dashboards can be downloaded as .CSV files to be viewed through other data aggregation and analytics tools.

Absolute Persistence FAQ

Absolute Persistence® is unique, patented technology embedded in the firmware of 600+ million devices that provides a secure, unbreakable, and always-on connection between the Absolute Platform and the endpoint. The Persistence technology is installed in the firmware of most endpoint devices at the factory. Each device leaves the factory with the Persistence technology in place, waiting to be activated. Activation occurs when a customer purchases an Absolute product that supports Persistence and installs the necessary software agent.

Persistence technology is factory-embedded into the core of most endpoint devices. Once activated, it gives you unrivalled visibility and control to confidently manage your endpoints, protect at-risk data, as well as investigate and remediate potential threats. Persistence is the only firmware-embedded solution that will survive attempts to disable it, even if the device is reimaged, the hard drive is replaced, or the firmware is updated.

Through our partnership with system manufacturers, the Persistence technology is embedded in the firmware of endpoint devices at the factory. Persistence leverages Absolute’s secure channel from the cloud-based console down to the firmware. In doing so, it maintains an always-on digital tether between device and Absolute Console, ensuring two-way communication so you can reliably query information and run actions remotely.

Persistence technology remains dormant in the firmware until the Absolute Agent is installed. Once the Absolute Agent is installed, it initiates a call to the Absolute Platform and Persistence is then activated. This means that the status of the software agent is monitored and if it is missing, a reinstallation will automatically occur.

All Absolute products support Persistence technology. The software agent is installed on computers in the operating system by running an installer or when the device is imaged. The software agent sends information from each device to the Absolute Platform for IT administrators and security professionals to assess risks and to take appropriate action.

The Absolute Agent makes regularly scheduled calls over the Internet to the Absolute Platform, where customers access their account via the cloud-based Absolute Console. Telemetry collected includes device, data, application, and user information. Customers can define conditions and receive alerts if the conditions occur, allowing them to respond immediately to any potential security incident. The software agent also supports remote actions such as the running of scripts through Absolute Reach™ and self-healing of critical security applications through Application Resilience™.

No. If the Persistence technology has been enabled, the self-healing capability will repair the Absolute Agent, or any other applications supported by Application Resilience™. The computer will still be protected. The enable/disable state of the Persistence technology is stored in a part of the BIOS that cannot be flashed to remove it.

The communication between the software agent and the Absolute Platform is encrypted. Optionally, you can also enable FIPS-140 certified communication. The Federal Information Processing Standard (FIPS) Publication 140-2 is a US government security standard that specifies the security requirements for cryptographic modules protecting sensitive information. The National Institutes of Standards and Technology (NIST) publishes the list of vendors with validated FIPS 140-1 and 140-2 cryptographic modules. The Absolute Encryption Engine is validated FIPS 140-2.

Absolute APaaS FAQ

Absolute provides two main components that get integrated with the installation utility for your product. Additionally, we also provide a standalone installer that is self-contained and will enable Absolute’s Persistence technology without any additional integration work required on your end. Depending on which way you choose to proceed, the overall development, integration and testing of APaaS usually runs anywhere from 2-4 weeks. Once you’ve become a partner, we will provide an Absolute APaaS Partner Success guide that outlines the steps involved regarding integration and launch.

Absolute APaaS vendors get quarterly standardized reports on the performance of their products in the field and additional analytics.

Every time there is a new version of your product it must be sent to Absolute in order to keep it current. Detailed steps are outlined in the Absolute APaaS Partner Success guide.

We are currently working with the following organizations and certifications are currently in progress: 

https://www.av-test.org/en/   

https://www.mrg-effitas.com/

Absolute APaaS data collection is anonymized and does not collect Personal Identifiable Information (US standard). Furthermore, encryption of the data is enabled. As part of providing Self-Healing for partner applications, Absolute collects and analyzes data in for the following categories:  

  • BIOS Persistence Management – These fields are used as part of activation and deactivation actions  
  • Device Identification – Fingerprinting elements to individually identify a managed device, including minor physical changes to the device  
  • Analytics – Device configuration and structural elements of a device to identify patterns for an ISV application across a large population of devices  
  • Communication – Header and Call Information  
  • Health Monitoring – Specific datapoints monitoring the health of the ISV Agent  

FAQs

The Absolute Computrace Agent is a piece of software that is packaged with Absolute’s Persistence technology embedded in over 1 Billion devices. The agent provides for visibility and control of the device by creating a digital tether between the device, and the Absolute Monitoring Center.

Log into the Absolute console and go to Assets > Devices. In the report, go to the settings area and edit columns in the report to show the Agent column. This column will report on the version of the agent that is deployed to devices under Absolute management.

Absolute manages the agent upgrade process as part of our service. If your device is regularly calling into the Absolute Monitoring Center then the upgrade to our latest agent will happen automatically. If you are still seeing an outdate agent on a device under management, contact the Absolute support team for assistance.

Absolute Missing Device Reclamation Service FAQ

Collecting missing devices at the end of a school year is a stressful and time-consuming undertaking that often overwhelms school districts’ IT staff. The Absolute Missing Device Reclamation service includes a team of Absolute reclamation experts to track, locate, and secure devices, including contacting users to get devices back. Through regular communication channels with parents and students— combined with the ability to remotely manage, lock, and track a device with Absolute — our experts manage the entire process to minimize device loss and save time for IT teams.

Absolute Missing Device Reclamation service is either part of the Absolute Resilience for Student Devices offer or available for purchase as an add-on. For the latter, it requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. It’s available in North America only.

The Absolute Missing Device Reclamation service runs once per year for all devices licensed to Absolute Resilience for Student Devices or with Absolute Missing Device Reclamation Add-On, in North America only. Any additional instances require an Absolute Professional Services engagement. License pricing is based on one execution per customer per year. 

Absolute will provide the following tasks once per year to support Customer missing device reclamation for devices identified by the Customer as missing: 

  1. If supported by and licensed to device, Absolute will send End User Messages directly to Missing Customer Devices, providing instructions for returning missing devices with appropriate contact information using the Absolute End User Messaging capabilities.
  2. As necessary, Absolute will additionally contact end users of missing devices directly via letter, phone, and email based on Named Contact Info provided by Customer for Missing Customer Devices. Users will be given return instructions and contact information.
  3. Device will be rendered inoperable by user (Device Freeze) at Customer’s approval with return and contact information provided in Device Freeze messaging.
  4. Upon notice of a Missing Customer Device’s return by Customer to Absolute, Absolute will update Missing Device Report.
  5. If a Missing Customer Device is identified as stolen by Customer, Absolute will coordinate with local law enforcement at customer’s request to perform Stolen Device Investigation.

To ensure the success of this professional services project, the Customer will be required to provide time and resources in pursuit of project goals, as well as accurate, timely, and complete information. Customer must ensure the following project constraints or assumptions are met: 

  • Customer has completed onboarding of the Absolute Platform. Devices not properly onboarded cannot be reported as missing or investigated.
  • Customer will create login for Absolute asset administrator to access the account.
  • Customer will provide device end user email, last known address, and phone numbers for contact if necessary, during the reclamation process.
  • Absolute’s project team will work with one primary IT administrator Customer team.

Customer must undertake the following activities and tasks: 

  • Project management of Customer activities, and co-ordination with Absolute.
  • If Customer request sharing of device information with local authorities, Customer will provide authorization to Absolute for sharing of such information.
  • Customer will approve of Absolute asset administrators proposed end user messaging within three business days.
  • Customer provides shipping costs for all device shipments to return devices.
  • Customer will provide device information including serial numbers to locate missing or stolen devices.

The Absolute Missing Device Reclamation Add-On SKU is available on Windows, Chrome OS, and Mac devices.

Yes, the Absolute Missing Device Reclamation Add-On service SKU can be added to other licenses (Visibility, Control, or Resilience) on non-student devices.

Insights for Endpoints FAQ

Absolute Insights for Endpoints offers IT administrators and security practitioners historical device and security trends across their endpoint environments in order to manage endpoints, maintain end user experience, and adhere with internal policies or compliance requirements for the work from anywhere environment. The product enables IT and security practitioners to build custom dashboards according to their organization’s business or compliance needs, perform data aggregations, and run queries to identify and respond to anomalies.

Absolute Insights for Endpoints is available for purchase as an add-on module. It requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier.

Absolute Insights for Endpoints is available in three distinct SKU offerings with 30-, 60-, and 90-day data storage increments. The higher data storage options are recommended for those customers requiring greater device data point retention due to the variety of IT and security use cases they want to cover/investigate.

Absolute Insights for Endpoints caters to a variety of IT and security use cases, enabling practitioners to manage devices, maintain end user experience and comply with internal policies or regulatory frameworks. Examples include tracking software rollouts and usage, proactively identifying hardware issues such as battery health or memory usage, monitoring OS patch and version status, ensuring the health of core applications such as anti-malware and VPN, and identifying vulnerable devices based on geolocation and sensitive data storage, or other risk factors.

Absolute Insights requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. In addition, obtaining insights into various IT and security trends is dependent on the activation of the following policies through the Absolute Console. Note that the availability of these policies may differ based on service tier.

  • Hardware: captures a variety of asset inventory details across devices
  • Endpoint Data Discovery: identifies files stored on devices having sensitive data (e.g., financial details, personally identifiable information, intellectual property)
  • Full-Disk Encryption Status: captures full-disk encryption health status across devices
  • Device Usage: captures device usage metrics based on device interaction events
  • Application Health: monitors the health of mission-critical applications such as anti-malware, encryption, and VPN
  • Geolocation Tracking: captures geolocation details based on Wi-Fi triangulation, GPS location, and IP address.
  • Installed Applications: captures information about installed applications, including versions, publisher, and app usage details
  • Web Usage: identifies Web content that is most visited by users to optimize Web application licenses and identify risks associated with unsecure or unauthorized content
  • Custom Data: captures custom datapoints defined by customers using the Absolute DataExplorer tool

Customers can customize dashboards by choosing from a number of visualization types (e.g., table, pie, bar, line chart, etc.), modifying the applicable time period (e.g., month, week, day, or hour), and adding targeted filters (e.g., devices, apps, users, etc.) to gather insights based on specific needs.

Examples of scenarios where leveraging filters to acquire specific device or security related information might be helpful, includes the following:

  • Identify devices in Victoria, B.C. that were unencrypted between Jan 15 to Feb 15, 2022
  • View versions of a specific app installed across device population (e.g., Firefox)
  • Remove pre-built Windows apps (Photos) from appearing on “Applications Installed” visualization
  • View IT and security insights for devices in Los Angeles only

Customers can indeed aggregate multiple datasets through targeted commands such as sum, count, mean, median, top values, etc. to identify anomalies and potential device or security risks to ensure they don’t develop into more serious events.

Absolute Application Resilience FAQ

Absolute Application Resilience™ delivers the ability to monitor application health and automatically repair and/or re-install unhealthy third-party applications listed in the Application Resilience catalog to restore them to healthy operations.

Absolute Application Resilience leverages Absolute Persistence® technology already in embedded in over 600 million devices, to remotely remediate an application, making it resilient whether it is uninstalled, disabled, or corrupted. As a result, mission-critical applications running on the endpoint self-heal to maintain the endpoint’s security posture.

Application Resilience is currently available to the security industry ecosystem, including enterprises, security vendors (via Absolute Application Persistence-as-a-Service™ offering), and system manufacturers worldwide. Organizations of all sizes have already taken advantage of this technology to self-heal critical applications such as VPN, endpoint protection, device management, data protection, as well as other security and business applications.

The Absolute Agent must be installed on each endpoint to activate Application Resilience. Based on the specific software application to be made resilient and the policy determined by the administrator, the Absolute solution deploys policy files to the device to support the automatic, zero-touch remediation. Once setup is completed, Application Resilience will repair or reinstall the software agent and other critical application components whenever they are removed or tampered with on a device.

Here is how it works:

  1. The device calls into the Absolute Platform every 15 minutes.
  2. A custom agent script is retrieved and executed on the device.
  3. Whenever an Absolute Application Resilience policy is activated or updated through the Absolute Console, an XML policy file, configured specifically, is downloaded to the device.
  4. This policy file validates specified pre-deployment conditions (e.g., device type, operating system, device group):
    1. If conditions are met, the correct application is already present on the device.
    2. If conditions are not met, the application components are downloaded and installed as per policy file.

The remediation actions that the Application Resilience engine takes in cases of an unhealthy application can be summarized by the three following options. The administrator can choose any one of the three options when configuring the Application Resilience policies within the Absolute Console:

  • Report Only: Every 15 minutes, the Application Resilience engine runs health checks on the endpoint to determine whether the application is installed and running correctly. This includes, but is not limited to, checking if the application is listed in the Windows registry, if the application folder has all critical files and operational subdirectories intact, as well as if the application’s services are running smoothly. The Application Resilience engine sends the application’s health status back to the Absolute Platform. Payloads are sent whenever application health changes occur between scans or at a minimum once every 6 hours whenever no changes take place.
  • Report and Repair: If the Application Resilience engine detects an unhealthy application status during the Report phase, it will attempt to remediate the application through steps taken within the confines of the endpoint device. This includes, but is not limited to, restarting the application’s services, primary agent, and remediating corrupted registry files.
  • Report, Repair, and Reinstall: If the Repair phase fails to remediate the application’s health, the Application Resilience engine will attempt to download the application’s installer from a pre-set URI on a customer-hosted Web server, or from Absolute’s cloud servers, if a customer chooses for Absolute to host the installer on their behalf as part of the Application Resilience configuration. It will then perform a hash check to authenticate the binary contents of the downloaded installer and run a fresh installation on the endpoint device.

Currently, Application Resilience is supported on devices running Windows 7 and higher. The Absolute team continues to investigate methods to extend this capability to other desktop, laptop, and mobile platforms.

Application Resilience is available for all supported applications through an Absolute subscription. Application health reporting is available through Absolute Visibility or Control, while application remediation is available with Absolute Resilience.

Absolute is continuously adding to its catalog of supported applications. If you have a particular application that you would like to make resilient, contact Absolute Sales to make a request.

Financial Services