Enhancing IT efficiency and cyber resilience through automation

Remote and hybrid work policies have completely changed the way organizations of all sizes function. Whether it be in large enterprises or small and medium sized businesses, IT and security teams now typically manage endpoint environments that are geographically dispersed. Employees work from a variety of locations today whether it be the company headquarters, the employee’s home office or public locations such as a coffee shop or the airport. This ultimately leads to administrators having varying levels of visibility and control across the endpoint fleet. The result? Increased complexity in monitoring health status and compliance across devices and difficulty maintaining the organization’s security posture. Some common challenges IT and Security teams face:

• Devices breaching approved location boundaries, leaving them vulnerable to fall into the wrong hands.
• Device name changes as end-users look to bypass IT or security controls or policies.
• Device changes in security vitals such as the health of Anti-Malware and Encryption, leaving it vulnerable to being compromised.
• Devices being inadvertently reimaged by end users or malicious actors.
• Complexity in maintaining the organization’s security posture and complying with compliance requirements.

Identifying and responding to device risks can be time consuming and arduous, impacting the efficiency of capacity-strained IT teams. However, threat actors are constantly looking to take advantage of the smallest chink in the armor of corporate environments to initiate the next cyberattack or ransomware event. Hence, it is critical for organizations to maintain endpoint compliance to protect their end users, devices, applications and sensitive data.

In response to these challenges, Absolute Security launched a new and exciting enhancement through its Secure Endpoint product line called Automated Actions. This capability empowers organizations to leverage automation as part of their asset management and incident response practices. Specifically, administrators can now automate the execution of device actions in response to detected events, allowing them to react to routine device or security risks without requiring manual invention. A few use cases or scenarios where this can be beneficial include:

• Sending a message to an end user when their device connects from a remote network.
• Sending an email alert when a device has been reimaged (i.e., device name no longer matches naming convention or OS name / product key changes).
• Remotely freezing a device in response to a location change.
• Remotely freezing a device and moving it to a different policy group if its Encryption Status changes to Unencrypted.

While other Endpoint Management and Endpoint Protection vendors offer automation as part of their product capabilities, Automated Actions is the only solution to utilize “out-of-the-box” device actions uniquely available through Absolute Secure Endpoint. These include freezing devices, running Absolute Reach scripts (over 130 to choose from) and sending tailored messages directly to end users. In addition, Absolute captures a variety of device events such as location, hardware inventory and security vitals that can be used to build conditional policies. The number of actions and events supported through Automated Actions may continue to increase, thereby strengthening the capability and the breath of supported use cases. In addition, like all other Secure Endpoint features, Automated Actions leverages the Absolute Persistence® technology embedded in the firmware of Windows devices enabling an undeletable connection and visibility to the endpoint.

Automated Actions is available through the Absolute Control and Resilience product tiers. For more information about the Secure Endpoint product line and its associated features, check out the following datasheet.