Over the last several years, the security industry has devoted much attention to the vulnerability of organizations fostering a BYOD program for employees. The task of protecting data and sensitive company information as it travels with the employee back and forth to work creates risks many security directors are just not ready to address.
But as almost every school district across the United States is requiring laptop computers, tablets, and other mobile devices to become an integral part of the learning process for both students and teachers, the threat of personal and school computers walking out the door in the hands of thieves is steadily increasing. Gone are the days of the walled approach to data security and IT administrators controlling each access point. Data now resides in the cloud, on mobile networks and in almost every device touched by the Internet, thereby magnifying the risk.
One company out of Vancouver, Canada has been providing a unique solution to not only schools, but healthcare facilities, public safety and government agencies, and of course, large corporate organizations that need to protect data that resides on the devices of students, teachers and employees. Keeping this endpoint vulnerability secure is what Absolute Software Corporation’s Persistence technology does by creating computer theft recovery, data protection, and Secure Asset Tracking solutions.
Absolute Data & Device Security (DDS), formerly Absolute Computrace software is embedded in the core of computers by global leaders, including Dell, HP, Lenovo, MPC, Toshiba and Fujitsu, and the company has reselling partnerships with these OEMs and others, including Apple and Sony. Once activated, it provides organizations with comprehensive visibility into all of their devices enabling them to confidently secure mobility, investigate potential threats, and take action if a security incident occurs. Most importantly, they can apply remote security measures to protect each device and the data it contains.
This week the company announced the release of Endpoint Data Discovery (EDD), a new feature within Absolute Data & Device Security (DDS) that allows organizations to identify and protect sensitive data stored on an endpoint. EDD provides a unique counter to the insider threat by identifying devices and users accessing sensitive information in contravention of data access policies.
Leveraging its Persistence technology, a reliable two-way connection is maintained with each device. If suspicious activity is detected, a customer can determine if any sensitive data is at risk and take appropriate measures to protect it. The presence of sensitive data on an endpoint is an important factor in determining how to respond to a security incident. Additional insight is provided through detailed user and device telemetry collected by Absolute DDS. This contextual approach to data security allows the organization to respond based on the actions of the user, the behavior of the device, and the data that is at risk.
With EDD, IT oversight is extended with a persistent endpoint connection to include devices located beyond the corporate network, a key differentiator from traditional data scanning technologies which typically lack this depth of visibility.
EDD also provides detailed reporting for regulatory compliance to prove no sensitive data was stored on a compromised device at the time of a security incident – definitive proof that no data was breached.
In the case of a stolen device on a school or university campus – or even a healthcare facility – the Absolute investigations team will work with local law enforcement in recovering the device. According to the company, its investigation team has helped recover more than 38,000 mobile devices from 112 countries and leveraging its strategic relationships with more than 7,600 police agencies worldwide.
“Absolute Data & Device Security (DDS) works in combination with the Absolute Safe Schools program, providing three important pillars to our education customers: Protection, Deterrence, and Recovery. The Recovery component relies on Persistence technology which is embedded in the firmware of most computers, tablets, and smartphones at the factory. Once activated, the DDS software agent is continually reinstalled, providing IT with a reliable, two-way connection to each device regardless of user or location,” said Ward Clapham, Vice President of Investigations for Absolute. “In some instances, when recovery is not possible, schools can use the Absolute Service Guarantee to pay for a new device. This is an important component given the budgetary constraints faced by many schools in America.”
Clapham added that the Safe Schools program focuses on the Protection and Deterrence components, providing education and awareness to students and the community. The Absolute Investigations team works closely with each school to "street proof" students and school employees so they won’t become victims of device theft/robbery. Safe Schools is promoted throughout the campus and includes a service to return lost devices (where police involvement is not required).
The theft of mobile devices has emerged as a priority for local law enforcement and school administrators. Clapham said that with the continued increase of one-to-one and other education funding programs, the potential of a student becoming a victim of a crime has increased exponentially.
“In working with our education customers, it’s clear that accountability extends beyond the management of hardware and devices. Parents and the community at large want assurances that students understand the responsibilities and risks associated with carrying a mobile learning device,” said Clapham, who pointed out that they have been working with law enforcement for over 20 years. “Absolute works closely with our education customers, law enforcement, and the community so everyone can be involved in the creation and implementation of these safeguards. The model works because a dedicated Absolute Investigator and/or Liaison are assigned to each customer. This allows us to respond rapidly to a theft and begin the forensic collection of vital and critical information from the device. The investigator gathers this information and creates an investigative summary for the police to use in their efforts to recover the stolen device.”
Clapham related one incident that illustrated his point of collaborative efforts with the company and police. A student left a school laptop in their car much to the delight of a “lucky” thief who promptly broke into the vehicle and took the device. The high school reported the theft and Absolute investigators began monitoring the laptop online. The computer moved from state to state, starting in Alabama where it was sold to an unsuspecting eBay buyer in Arizona who in turn sold it to an eBay buyer in Idaho. After much back and forth – and one refund – the computer ended up in the hands of a 12-year-old girl. It was evident the young girl was in need of help given references she made to suicide, bullying, and self-harm. Local police contacted the family and the child was found to be unharmed. The device was recovered and the investigation into the original theft is ongoing.
“With each district comprised of multiple schools, the persistence capabilities of Absolute technology allow IT to reach out and validate the status of any device in their deployment. This means they can efficiently inventory and determine use without the need to physically touch each endpoint. This is an important capability given the limited IT resources most school districts can afford,” concluded Clapham.
About the Author:
Steve Lasky is the Editorial Director of the Southcomm Security Group, which includes SD&I, SecurityInfoWatch.com and Security Technology Executive magazine. He is also the Director of the Secured Cities Conference (www.securedcities.com).
