As companies accelerate remote work policies for the health and safety of employees and their families, IT organizations are facing challenges like never before. Organizations are trying to keep work PCs safe and secure, while ensuring hackers don’t exploit unsuspecting or distracted users. In response, Absolute announced today, they will provide all customers with free access to its comprehensive library of custom workflows, enabling a more seamless, effective way to secure and manage devices.
Critical Security Vulnerability
The most recent example is the remote code execution vulnerability or ‘wormable’ CVE-2020-0796 that carries the potential to propagate itself from vulnerable computer to vulnerable computer. While Microsoft moved swiftly to warn Windows 10 users and deliver a security update, the difficulties of patching remote devices that may not be connected to the corporate network, as well the probability of failed updates, present a significant risk of exposure to cyberattacks.
Recent data validates the risk exposure presented by unpatched devices and gaps in security policies or applications. Early findings, from Absolute’s coming 2020 State of Endpoint Resilience Report, show that more than half of Windows 10 enterprise devices with versions 1903 and 1909—those that are susceptible to CVE-2020-0796—are more than four weeks behind installing patches. This is hugely concerning in light of another recent study that found 60 percent of all breaches are linked to a vulnerability where a patch was available, but not applied.
New Reporting and Reach Scripts
To help customers keep up in today’s challenging times, Absolute has created new report and reach scripts that enable IT to mitigate this vulnerability by identifying all potentially affected devices, while disabling access to targeted servers until the patch is installed. In addition to the workaround for CVE-2020-0796, Absolute customers have access to more than 130 custom workflows that allow them to easily run queries or reports, and then take widespread remedial action—such as enforcing patch installations, turning on or repairing VPN applications for a secure connection for remote devices, and more—all with just a few clicks. Because of Absolute’s unique firmware-embedded position, these actions can be enforced and executed on any device connected to the Internet, even if it’s off the corporate network.
To support IT teams, ensure business continuity, and enable remote employees to reliably and securely connect to corporate systems during the recent global COVID-19 outbreak, Absolute is providing access to their comprehensive library of custom workflows and Reach Scripts, for Visibility and Control tier customers, at no cost through August 31, 2020!
Cyber Security Silver Linings
The silver lining, in our current chaotic and uncertain environment, is how people across the globe are stepping up to support each other. We’ve seen time and again how organizations are lending help wherever possible, and that’s certainly the goal at Absolute. IT desks everywhere are faced with mounting challenges, managing and securing more and more devices from relentless cyber attackers.
This crisis may pose a lot of questions for IT and Security teams. Absolute is monitoring millions of activated devices and continuing to explore every possible way to help to customers and partners during this trying time. Call your Account Manager today to help your employees stay productive and maintain security for everyone.
For now, stay well and be safe.