Absolute Insights for Endpoints FAQ

Absolute Insights for Endpoints offers IT administrators and security practitioners historical device and security trends across their endpoint environments in order to manage endpoints, maintain end user experience, and adhere with internal policies or compliance requirements for the work from anywhere environment. The product enables IT and security practitioners to build custom dashboards according to their organization’s business or compliance needs, perform data aggregations, and run queries to identify and respond to anomalies.

Absolute Insights for Endpoints is available for purchase as an add-on module. It requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. Contact Absolute Sales to learn more.

Absolute Insights for Endpoints is available in three distinct SKU offerings with 30-, 60- and 90-day data storage increments. The higher data storage options are recommended for those customers requiring greater device data point retention due to the variety of IT and security use cases they want to cover/investigate.

Once purchased, your Absolute Insights for Endpoints licenses can be configured and activated through the “Policies” section of the Absolute Console. As the product is an add-on module, its licenses must be tied to base licenses for an active subscription to either the Absolute Visibility, Control, or Resilience service tier. The Absolute Insights for Endpoints add-on licenses can either be assigned to a single policy group or distributed among multiple policy groups, as long as they are tied to base licenses that are distributed similarly as well.

Absolute Insights for Endpoints caters to a variety of IT and security use cases, enabling practitioners to manage devices, maintain end-user experience and comply with internal policies or regulatory frameworks. Examples include tracking software rollouts and usage, proactively identifying hardware issues such as battery health or memory usage, monitoring OS patch and version status, ensuring the health of core applications such as anti-malware and VPN, and identifying vulnerable devices based on geolocation and sensitive data storage, or other risk factors.

Absolute Insights requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. In addition, obtaining insights into various IT and security trends is dependent on the activation of the following policies through the Absolute Console. Note that the availability of these policies may differ based on service tier. • Hardware: captures a variety of asset inventory details across devices

  • Endpoint Data Discovery: identifies files stored on devices having sensitive data (e.g., financial details, personally identifiable information, intellectual property) Absolute Insights™ for Endpoints FAQ FAQ absolute.com 2 FAQ: ABSOLUTE INSIGHTS™ FOR ENDPOINTS 
  • Full-Disk Encryption Status: captures full-disk encryption health status across devices 
  • Device Usage: captures device usage metrics based on device interaction events 
  • Application Health: monitors the health of mission-critical applications such as anti-malware, encryption, and VPN 
  • Geolocation Tracking: captures geolocation details based on Wi-Fi triangulation, GPS location, and IP address. 
  • Installed Applications: captures information about installed applications, including versions, publisher, and app usage details 
  • Web Usage: identifies web content that is most visited by users to optimize web application licenses and identify risks associated with unsecure or unauthorized content 
  • Custom Data: captures custom datapoints defined by customers using the Absolute DataExplorer tool

It can take up to 30 minutes for data from your Absolute console account to be populated and made available to view through the Insights for Endpoints dashboards.

This varies across different Absolute features. For features that already have historical data captured through the Absolute console (e.g. Geolocation Tracking), Insights for Endpoints will populate relevant dashboards to showcase historical trends for the last 30, 60 or 90 days, depending on the add-on SKU purchased.

For features that have static data available through the Absolute console (e.g. Hardware or Full-Disk Encryption Status), data will be stored and populated through the dashboards from the day Insights for Endpoints is configured and activated through policies to showcase historical trends.

Customers can customize dashboards by choosing from a number of visualization types (e.g., table, pie, bar, line chart, etc.), modifying the applicable time period (e.g., month, week, day, or hour) and adding targeted filters (e.g., devices, apps, users, etc.) to gather insights based on specific needs.

Examples of scenarios where leveraging filters to acquire specific device or security related information might be helpful, includes the following:

  • Identify devices in Victoria, B.C. that were unencrypted between Jan 15 to Feb 15, 2022 
  • View versions of a specific app installed across device population (e.g., Firefox)
  • Remove pre-built Windows apps (Photos) from appearing on “Applications Installed” visualization 
  • View IT and security insights for devices in Los Angeles only

Customers can indeed aggregate multiple datasets through targeted commands such as sum, count, mean, median, top values, etc. to identify anomalies and potential device or security risks to ensure they don’t develop into more serious events.

Absolute Insights for Endpoints offers a growing library of pre-built dashboards to help customers get started with the product and make use of a variety of asset- and security-related historical visualizations. Examples of the pre-built dashboards available include the following.

  • Executive Summary

IT Dashboards

  • App Health Status
  • App Total Runtime, CPU, and Memory Usage
  • App Usage
  • Device Inventory
  • Device Status Change
  • Device Usage
  • Software Application Inventory and Versions
  • Web Usage

Risk and Compliance

  • Anti-Malware and Encryption Status
  • Alerts
  • Security Posture Summary

Privacy and Data Risk Dashboards

  • Endpoint Data Discovery
  • Sensitive Files

Dashboards can indeed be shared with others in the organization by generating and sharing permanent links, .PDF reports, or .PNG reports. Absolute Insights for Endpoints offers this capability through the “Share” capability located in the top right-hand corner of the Absolute Console.

New dashboards can be built based on previously built ones using the “Clone” function available in the top right corner of the Absolute Insights for Endpoints Console. Once a dashboard is cloned, it can be tweaked as needed to align with its specific requirements.

Raw datasets that form dashboards can be downloaded as .CSV files to be viewed through other data aggregation and analytics tools.

Financial Services