Computrace grc
Download as PPT, PDF0 likes546 views
Absolute Software, established in 1993, is a leader in firmware-based security solutions, enabling organizations to manage and secure endpoints via the Computrace platform. This system supports governance, risk management, and compliance (GRC) activities, offering features like remote data deletion, device tracking, and alerts for suspicious activities. It also includes computer forensics capabilities and partnerships with major device manufacturers to enhance security and compliance processes.
Computrace grc
- 1. Taking Control of Our Environment Enhancing Data Security Sebastien Roques UK Sales and Strategic Alliance Manager.
- 2. Absolute Software • Vancouver, B.C. headquartered • Founded in 1993; publicly traded since 2000 • Global leader in firmware-based security solutions • Strategic partnerships with leading device OEMs Specializing in management and security solutions for computers and mobile devices
- 3. 3 •Computrace “BIOS Persistence” agent built in. •Checks on software •If HDD is low-level formatted, OS is re-installed, even HDD removed and replaced, BIOS agent re-installs! Computrace Persistence For a full list of firmware compatibility, please visit: http://www.absolute.com/en-GB/partners/bios-compatibility
- 4. 4
- 5. Absolute Computrace for Endpoint Security Computers and ultra-portable devices can be remotely managed and secured to ensure – and most importantly prove – that endpoint IT compliance processes are properly implemented and enforced. Absolute Computrace allows organizations to centrally track and secure all of their endpoints within a single cloud-based console. Computrace provides foundational support for all activities related to Governance, Risk Management, and Compliance (GRC) for the endpoint. The Computrace Agent is automatically installed so that IT Administrators can track, manage, and secure all devices regardless of user or location
- 6. Biggest Data Breaches since 2004 6
- 7. 7 Mobility is Accelerating Data Breaches “Coca-Cola laptop theft could have compromised info for 74,000.” – Jan 27 Jan 2014 “Laptop stolen with health information of 620,000 Albertans.” – 22 Jan 2014 “Unencrypted Laptops Lead to Mega-Breach - Horizon Blue Cross Blue Shield Reveals Incident.”– 9 Dec 2013 “Laptop thefts compromise 729,000 hospital patient files at AHMC Healthcare.” – 21 Oct 2013 7
- 8. GRC for the Endpoint Computrace provides foundational support for all activities related to GRC for the endpoint including: • Proactive alerts on predefined conditions • Data security & protection • Deployment & licensing audits • BYOD policy enforcement • Theft & criminal investigations • Security incident response & remediation • Computer forensics • Compliance reports & certificates • End-of-life protocols • 12 months of device history 8
- 9. Endpoint GRC Risk Factors • The endpoint represents a significant point of risk relative to GRC – Non-Compliance • Software license agreements • Blacklisted programs • Government and vertically-specific regulatory bodies • End-of-life protocols – Data Security • Unauthorized user access • Industrial espionage • Intellectual property • Encryption failure • Personally identifiable information – Employee Misconduct • Dishonest or criminal activities by employees • Non-compliant behavior • Endpoint-specific GRC protocols can be implemented to mitigate the risk 9
- 10. Absolute Computrace – Feature Categories Asset Administration Collect incredibly accurate and comprehensive information from each device. Then create customized policies and alerts to be notified as soon as an unauthorized change is detected. Data & Device Security Remotely delete sensitive data on missing computers including an audit log of the deleted files to prove the data was removed from the device. Freeze a device with a custom message to the user. Access and retrieve files regardless of location. Geotechnology Track assets on an internet map including current and historical locations. Build geofences to contain a device and receive an alert if it strays. If a device is not where it should be, investigate and determine if further action is required.
- 11. Absolute Computrace – Feature Categories Computer Forensics The Absolute Investigations & Recovery team can forensically mine a stolen computer over the internet using key captures, registry and file scanning, geolocation, and other investigative techniques to determine who has the computer and what they’re doing with it, including whether any data was accessed post-theft. Theft Recovery At our customer’s request, the Absolute Investigations & Recovery team will work closely with local police to recover a stolen device. We successfully recover thousands of devices each year.
- 12. Geotechnology • Geolocation – GPS & Wi-Fi • Geofencing
- 13. GRC for the Endpoint with Computrace GRC provides an organization with the infrastructure to create rules, oversee the application of the rules, provisioning of tools to take action to stay within the rules, and finally the data to prove that they followed the rules and are indeed compliant. Governance = Infrastructure = Customer Center Management of the process to monitor, direct, and control Risk Management = Tools = Computrace Features Management of the process to monitor, direct, and control Compliance= Data = Computrace Data & Reports Conform to internal and external regulations, must be provable 13
- 14. GRC Infrastructure: Customer Center • Use Customer Center to identify activity or device status deemed suspicious • Receive alerts if any of these conditions occur for proactive response times • Computrace data flags potential non-compliance: 14 Governance = Infrastructure = Customer Center Management of the process to monitor, direct, and control
- 15. GRC Tools: Computrace Features Risk Management = Tools = Computrace Features Management of the process to monitor, direct, and control • Track software licenses • Receive alerts to be notified about suspicious behavior • Remotely recover or delete data from a device • Freeze a device to block access • Remove all data from a device at end-of-life • technology to brick or lock a device • Track the location of a device • Use geofences to monitor device movement • Investigate and recover stolen devices • Initiate an investigation to determine why a security incident occurred and prevent it from happening again • Investigate suspicious employee behavior • Identify security holes • Prevent incidents from happening again
- 16. GRC Data: Computrace Device Data • Use Computrace data to prove compliance with corporate and government regulations: – Software license compliance report for contract negotiations and audits – Encryption status report to show which devices were properly protected with encryption – End-of-Life data delete certificate – Data delete audit log – Proof if data was accessed post-incident Compliance= Data = Computrace Data & Reports Conform to internal and external regulations, must be provable 16
- 17. Distributors Resellers OEMs Alliances In-Country Partner Ecosystem 1.800.268.7638 www.soft Partner Ecosystem 17
Editor's Notes
- #7: With the exception of Germany, companies had to spend more on their investigations, notification and response when their sensitive and confidential information was lost or stolen. As revealed in the 2014 Cost of Data Breach Study: Global Analysis, sponsored by IBM, the average cost to a company was $3.5 million in US dollars and 15 percent more than what it cost last year.
- #8: Data Breaches are not just due to exploits aimed at an organisation’s network. More often than not, it is easier to get an organisation’s confidential information through one of its mobile devices: laptop, tablet, smartphone.
- #13: Update map