-
A small account-specific software program that enables a Chromebook to secure a connection with the Absolute Monitoring Center through which device authentication and inventory data is sent.
-
The server responsible for maintaining two-way communication with a device's Persistence agent, to initiate self-healing if the Secure Endpoint Agent is removed or tampered with, and to send device data and receive instructions.
-
A feature that allows authorized users to upload a PowerShell or Bash script to the Secure Endpoint Console and run the script on a group of devices. Uploaded scripts are stored in the Script Library in the Administration area.
-
A script, authored by Absolute, that is available by default in the Script Library. You can run Absolute scripts on your devices to perform common device management tasks.
-
Absolute is an adaptive endpoint security solution that provides you with a persistent connection to all of your endpoints and the data they contain.
-
Activation of a device's Secure Endpoint Agent occurs when the newly installed agent completes its first successful check-in to the Absolute Monitoring Center.
-
A field and report column that shows the date and time that the device completed its first check-in to the Absolute Monitoring Center and the device's Secure Endpoint Agent was activated.
-
When this term is associated with a device, it indicates that the Secure Endpoint Agent on the device is actively connecting to the Absolute Monitoring Center. An Active device consumes a license unless its license expires, or no licenses are available when it is enrolled. Also see Agent status.
-
The license associated with additional services and capabilities that can be added on to a base license. Some add-on licenses may be included by default with a base license.
-
The date and time when the device was added to the policy group that it currently belongs to.
-
A field and report column showing the version number of the core agent (rpcnet) installed on a Windows or Mac device. For Chromebooks, it shows the version number of the Absolute for Chromebooks extension.
-
See agent connection.
-
A secure connection established between the Secure Endpoint Agent and the Absolute Monitoring Center through which device authentication or device data is sent. An agent connection occurs after a device is powered on or restarted, and then at 15 minute intervals while the device is online.
-
The operating condition of a device's Secure Endpoint Agent. Possible values are Active (indicates that the device's agent has connected to the Absolute Monitoring Center), Inactive (indicates one of the following: the device was moved to another account; the device was unenrolled, but it is now set to be reactivated; or the device had Persistence enabled at the factory, but it has not yet called in to the Absolute Monitoring Center), and Disabled (indicates that the agent is either flagged for removal or removed from the unenrolled device). Inactive and Disabled devices do not consume a license.
-
The platform that the installed Secure Endpoint Agent is supported on.
-
For Chromebook devices, the asset identifier populated by the Google Administrator. Maps to the Asset ID field in the Google Admin console.
-
For Chromebook devices, the address or location of the device. Maps to the Location field in the Google Admin console.
-
For Chromebook devices, initially populated with the user who first enrolled the device but the Google Administrator can edit this field. Maps to the User field in the Google Admin console.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for running a script on a device when a Run Script request is processed.
-
A software program that protects devices against malware, including viruses, spyware, and other malicious software programs.
-
A software update released by an anti-malware vendor to protect devices against newly identified threats. Definitions are typically released on a daily basis.
-
A token containing a Token ID and a secret key, which is used to authenticate a request to a public Absolute API. Users generate API tokens in theSecure Endpoint Console.
-
A feature that enables you to validate and maintain the resiliency of critical third party applications. After you activate an Application Resilience policy in the Secure Endpoint Console, the Secure Endpoint Agent detects the functional status of the associated application and repairs or reinstalls it if it's not functioning correctly.
-
The identification number assigned to the device in the Secure Endpoint Console. Asset Number is a custom field meaning you can edit its value.
-
The username assigned to a device by a system administrator.
-
The date when the Chromebook device will no longer receive automatic Chromebook updates that enhance both the device and its software. Maps to the Auto-update expiration field in the Google Admin console.
-
The daily usage of a device, averaged over the 30 days prior to the most recent agent check-in and expressed in total hours and minutes. Note that any days with no usage are not included in the calculation. Applies only to Windows, Mac, and Chromebook devices with an activated Device Usage policy.
-
A lightweight software component of the Secure Endpoint Agent that detects anti-malware applications installed on a Windows or Mac device. On a Windows device, the AVP component also detects the status of the device's anti-malware applications.
-
A license associated with a core product offering, such as Absolute Resilience, Absolute Control, or Absolute Visibility. Base licenses include a suite of features that provide key capabilities in multiple areas.
-
For Chromebook devices, the boot mode of the device. Maps to the Boot mode field in the Google Admin console.
-
A device that provides devices with wireless connectivity.
-
A security measure that tests whether the user who is interacting with the webpage is a human or a computer.
-
A lightweight software component of the Secure Endpoint Agent that detects configured data points on a Windows device. The CDC component is deployed on a device only when the device is associated with a policy group in which the Custom Data policy is activated.
-
A computing model in which data is stored on remote servers that are managed by a cloud storage service provider. Users of the service access their data using the Internet or "cloud".
-
A codec is software that is used to encode (compress) or decode (decompress) digital media files, such as music and videos.
Codecs are used in streaming media, videoconferencing, and video editing applications to create and play media files.
-
The component manager (also known as CTES) is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies. The component manager typically connects to the Absolute Monitoring Center every 15 minutes, at a minumum, to send device data and receive instructions.
-
Report column that shows the status of the component manager (CTES) installed on a Windows or Mac device. Possible values are: Healthy (CTES is communicating successfully with the Absolute Monitoring Center), Packet inspection detected (CTES is not communicating with the Absolute Monitoring Center. To learn how to resolve this issue, hover over the icon and click "Learn more" in the tooltip), and No Data (CTES is not communicating with the Absolute Monitoring Center, or the status is not available because version 1.0.0.2116 or higher is not installed on the device, or the device is not a Windows or Mac device).
-
The core agent (also known as rpcnet) is a small software client that resides in devices that are managed in the Secure Endpoint Console. After the core agent is initially installed on a new device, it is activated with its first connection to the Absolute Monitoring Center and the device is enrolled in Absolute. The core agent then makes scheduled connections every 24.5 hours.
-
The name of the central processing unit within a device.
-
A data sanitation process that removes all encryption keys, effectively making all data on a device irretrievable, protecting it from unauthorized access.
-
The name of the wireless network that a device was connected to during the most recent agent connection.
-
Shows the user that was logged in during the most recent agent connection. If no user was logged in at that time, "No Data" or two em dashes (— —) show in the column.
-
A view preference applied to a predefined report, or a page in the Assets area. The custom view persists until you click "Reset to default". To create a custom view, use the Save report option.
-
A lightweight software component of the Secure Endpoint Agent that detects at-risk data stored on a Windows or Mac device during an EDD scan. The DAR component is deployed on a device only when the device is associated with a policy group in which the Endpoint Data Discovery policy is activated.
-
A device that has not contacted the Absolute Monitoring Center for 30 days or more. You can view these devices in the Dark Devices report or widget.
-
A physical location in which a company stores and operates its IT hardware infrastructure, including servers, routers, firewalls, and databases.
Your Absolute account data resides within one of Absolute's data centers. Each data center is associated with a unique URL (e.g. cc.absolute.com, cc.us.absolute.com, etc.), which you use when you log in to your account.
-
A discreet unit of information that is detected on a device and communicated to the Absolute Monitoring Center by the device's Secure Endpoint Agent.
-
The process of permanently removing or destroying the data stored on a device. A sanitized device is left with no usable data, and advanced forensic tools can't recover the removed or destroyed data.
-
The Department that the device belongs to.
-
Identified by the agent and communicated to the Absolute Monitoring Center via an agent connection.
-
The anti-virus software detected on a Windows or Mac device. Anti-virus software detects, blocks, and removes malicious software from a device.
-
A piece of electronic communication hardware on which the Secure Endpoint Agent can be installed, such as Windows or Mac laptops.
-
The name of the device group that the device belongs to.
-
For Chromebook devices, the enterprise device identifier that uniquely identifies the device. Maps to the Device ID field in the Google Admin console.
-
The name assigned to the device in the operating system.
For Chromebooks, device name is not applicable and therefore shows as "Chrome" in the Secure Endpoint Console.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for freezing a device when a Freeze request is processed, or an Offline Freeze rule is triggered. The device can be unfrozen by submitting a Remove Freeze request, or by entering the applicable unfreeze code on the device.
-
When this term is associated with a device, it indicates that the Secure Endpoint Agent on the device is either flagged for removal or removed from the unenrolled device. Disabled devices do not consume a license. Also see Agent status.
-
The name of the device's Windows domain, if applicable.
-
A test to determine the accuracy of a detected location. The test uses a driving (or train) speed of 150 km/h to determine if a device could have realistically traveled from the last reported location to the new location in the time elapsed between the reported locations.
-
A lightweight software component of the Secure Endpoint Agent that detects the usage of a device by capturing user authentication events performed on the device by a user. It also captures minutes of activity. The DUR component is deployed on a device only when the device is associated with a policy group in which the Device Usage policy is activated.
-
Defines the confidential or at-risk file content to detect during an Endpoint Data Discovery scan. Absolute includes predefined EDD rules, but you can also create your own customized rules.
-
The Secure Endpoint Agent process that opens and analyzes files on a device's hard drive to identify at-risk content, as defined in an Endpoint Data Discovery policy. See also DAR component.
-
A file that has been converted to an encrypted form to prevent unauthorized users from viewing the sensitive data contained within it. An encryption key is required to decrypt and view the file.
-
The detected status of a Windows or Mac device with respect to the installation of a full-disk encryption product. Possible values are: Encrypted, Used Space Encrypted, Not Encrypted, Suspended, Encryption In Progress, Decryption in Progress, Not Detected and No Data.
-
Endpoint Data Discovery (EDD) policies scan the hard drives of your managed Windows and Mac devices for confidential file content, such as personal health information, credit card numbers, and SSNs. Scan results are reported in EDD reports to help you identify at-risk devices.
-
The process of adding a device to an account, which occurs automatically after the device's Secure Endpoint Agent makes its first connection to the Absolute Monitoring Center.
-
A lightweight software component of the Secure Endpoint Agent that detects encryption products installed on a Windows or Mac device, and the encryption status of the device's system drives. The Encryption Status (ESP) component is deployed on a device only when the device is associated with a policy group in which the Full-Disk Encryption Status policy is activated.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for sending an end user message to a device when a Send Message request is processed.
-
The EEA includes all European Union (EU) countries and also Iceland, Liechtenstein, and Norway. It defines the countries that participate in the European Single Market.
-
A computer file containing a program or a set of scripts that run when the file is opened. Windows executable files use the .exe extension; other platforms use various extensions.
-
For Chromebook devices, shows the status of the Chromebook extension on the device.
-
A result on an EDD-related report or page in which a match is detected in a file, but upon further investigation, you do not consider the matched content to be at-risk data.
-
A report column that shows the date and time (local device time) when a file was last accessed on a Windows device, assuming that the Last Access Time setting is enabled on the device.
Note that this information is available only for files that were scanned by an activated Endpoint Data Discovery policy. You can add the File Accessed column to the following EDD reports: History, Reporting Data, and Devices with At-Risk Files in Cloud.
-
A report column and filter that applies to select Endpoint Data Discovery reports. The column provides an indication of how current a device's EDD data is. It may contain the following values: Current (data from the most recent full and delta scans), Incoming (data from a scan that is in progress), Historical (data from the previous full and delta scans), or Delta-Deleted (previously detected matches that were removed from the file prior to the last delta scan).
-
An on-demand Freeze request in which the Freeze at Firmware option is selected. This option prompts the device to be frozen at both the OS level (standard Freeze) and the firmware level. This type of Freeze action adds an extra layer of protection against bad actors because the device is unable to connect to the Internet.
-
The status of the Absolute Persistence module, which is embedded in the firmware of a Windows device by the device manufacturer. The module is responsible for monitoring the health of the Secure Endpoint Agent and restoring it if it's missing, damaged, or tampered with. Possible statuses are: Active, Deactivated, Not Supported, Pending, Pending Removal, and Unknown.
-
The version number of the Absolute Persistence module, which is embedded in the firmware of a Windows device by the device manufacturer. The module is responsible for monitoring the health of the Secure Endpoint Agent and restoring it if it's missing, damaged, or tampered with. Possible versions are 1.0 and 2.x.x.x.
-
A security action managed in the Secure Endpoint Console that enables an authorized user to show a full screen message on a device. A frozen device is unusable.
-
A software or hardware solution that secures, or encrypts, the entire contents of a physical drive. The Secure Endpoint Agent detects full-disk encryption hardware (self-encrypting drives) and software products that are installed on the hard drives of your Windows and Mac devices. Each encryption vendor uses specific encryption status strings in their products.
-
The Fully Qualified Device Name (FQDN) for the device, which consists of two parts: Device Name and Windows domain name. This field applies to Windows devices only.
-
The General Data Protection Regulation (GDPR) defines a set of data protection rules that apply to all organizations that process data related to individuals residing in the European Economic Area (EEA).
-
A lightweight software component of the Secure Endpoint Agent that detects the geographical location of your devices. The GEO component is controlled by the Geolocation Tracking policy.
-
A boundary that defines the geographical area within which you allow (or disallow) your devices to reside.
-
The Global Positioning System (GPS) is a satellite based navigation system that provides location information about any device with a GPS receiver. GPS is supported on select Windows devices only, and is reported in the console as OS Location.
-
The amount of storage currently available on a hard disk, expressed in gigabytes.
-
The date and time when a device's hardware information was last updated in the database.
-
A lightweight software component of the Secure Endpoint Agent that detects the hardware information of your devices.
-
The name of the device's main cellular network. This may differ from the Current Network Name if the device is roaming.
-
The unique Electronic Serial Number (ESN) assigned to the Secure Endpoint Agent that is installed on a device.
-
A snaphot of a hard drive that includes the operating system, settings, and installed software required by your organization. It serves as a template to ensure consistent and efficient device provisioning. It is also known as a system image or a base image.
-
When this term is associated with a device, it indicates one of the following: the device was moved to another account; the device was unenrolled, but it is now set to be reactivated; or the device had Persistence enabled at the factory, but it has not yet called in to the Absolute Monitoring Center. Inactive devices do not consume a license. Also see Agent status.
-
Similar to a MIME type, an Internet Media Type is a standard identifier to indicate the type of content contained in a file on the Internet. The format of the identifier is type name/subtype name (for example, application/zip or text/plain).
-
The date and time the Application Resilience (RAR) component of the Secure Endpoint Agent last ran a status check on the device.
-
The date and time when a device's component manager last connected to the Absolute Monitoring Center. For online devices, the component manager connects every 15 minutes. Also see component manager (CTES).
-
The date and time when the device's core agent last connected to the Absolute Monitoring Center. For online devices, the core agent connects once every 24.5 hours. Also see core agent (rpcnet).
-
For Chromebook devices, the date and time when the device last synced with your Google account.
-
For Chromebook devices, the date and time when the device information was last synced from your Google account to the Absolute Monitoring Center.
-
A predefined list of words and phrases that is compared to file content during an Endpoint Data Discovery (EDD) scan.
-
A process that runs when a policy is activated, or a device action is submitted. Devices pass license validation if their assigned product license supports the policy or device action.
-
A date and time expressed in a device's local time zone, as opposed to server time. In the console, local device time applies to usage data collected from devices, and the scheduling of some device action requests.
-
The local IPv4 Internet Protocol address that identifies a device that is connected to a private network.
-
The local IPv6 Internet Protocol address that identifies a device that is connected to a private network.
-
The date (and time) when an event occurred, expressed in the time zone of the device. Note that Daylights Savings Time (DST) is ignored, so depending on the locale of the device, times may be off by an hour during DST.
-
The most recently reported location (city, state/province, and country) of the device. Geolocation information is available only if the Geolocation Tracking policy is enabled in the device's policy group.
-
In the context of the Device Usage policy and the Device Analytics report, Login is a user event that occurs when a user logs in to a device, either directly or remotely, by entering their user credentials on the sign-in screen.
-
Also known as the modulus 10 or mod 10 algorithm. A simple checksum formula used to validate identification numbers, such as credit card numbers.
-
This term has two definitions, depending on the device attributes:
- Laptops and computing devices with mobile broadband adapters: Media Access Control (MAC) address is the hardware address that uniquely identifies each node of a network, such as Ethernet, or the mobile broadband adapter used to complete a call to the Absolute Monitoring Center.
- Smart phones: One or more MAC addresses detected on the smartphone, most commonly Wi-Fi MAC addresses. Some platforms may also have an Ethernet MAC address.
-
The manufacturer of a device.
-
A computed value indicating the number of content matches detected on a device during an Endpoint Data Discovery (EDD) scan. Depending on the context, the value shown for Match Score may apply to a file, a policy rule, or a device.
-
Microsoft BitLocker Administration and Monitoring (MBAM) is an enterprise management tool for Microsoft BitLocker Drive Encryption that facilitates deployment, key recovery, and compliance reporting.
-
The manufacturer's designated name for the type of device.
-
The process employed by Absolute to provide more accurate reporting of the applications installed on your devices. Specifically, publisher names are normalized to make them consistent across applications, and application names are normalized to make them consistent across versions.
-
For Chromebook devices, special information about the device. Maps to the Notes field in the Google Admin console.
-
A type of rule in which a Windows or Mac device is set to freeze if it goes offline and doesn't contact the Absolute Monitoring Center for a specified number of days.
If the device is frozen, its Freeze status is initially set to Frozen - Timer Expired or Offline Timer Expired until the device comes back online and an agent connection occurs. The device's Freeze status is then updated to Frozen.
-
After an Offline Freeze rule is activated on a device, the offline timer starts counting down on the device. With each successful agent check-in the timer resets. If a device does not check in before the timer expires, the device is frozen. The length of the timer in days is specified in the rule configuration.
-
A type of Freeze request in which a device is frozen on its next agent connection to the Absolute Monitoring Center.
-
For Chromebook devices, the full path of the OU that the device belongs to. Maps to the Organizational unit field in the Google Admin console.
-
The name and version of the operating system detected on a device.
The operating system is software that manages the software and hardware installed on a computer and allows programs and services to run. It is responsible for the basic operations of a computer system.
-
The unique identifier for an instance of the operating system on a device.
-
A collection of updates, fixes and/or enhancements to an operating system delivered in the form of a single installable package.
-
The number that identifies the version of the operating system, which was detected by the Secure Endpoint Agent.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for managing the supervisor password on a device when a Manage supervisor password request is processed.
-
A smart group or static group that is assigned to one or more users in User Management to define the devices that the user has permission to manage. To edit a permission group, the "Edit permiission groups" permission for Device groups and folders is required.
-
A field and report column showing the version number of the Absolute Persistence agent (rpcnetp), which is embedded in the firmware of a Windows device by the device manufacturer. If a device's Secure Endpoint Agent is tampered with or removed, the Persistence agent connects to the Absolute Monitoring Center, which triggers the core agent (rpcnet) to be downloaded and reinstalled on the device.
-
Absolute Persistence® technology is embedded in the BIOS of most Windows devices during the manufacturing process. The Persistence module is activated during theSecure Endpoint Agent’s first connection to the Absolute Monitoring Center. This software checks the status of the agent and initiates self-healing to restore the agent if it's missing, damaged, or tampered with.
-
The phone number detected on a mobile phone or device.
-
The name of the device platform, such as Windows, Mac, or Chrome.
-
For Chromebook devices, the build number and channel of the device's Chrome OS operating system. Maps to the Platform version field in the Google Admin console.
-
A collection of devices to which a set of policies are applied.
-
The name of the policy group that the device belongs to.
-
A report that is available by default for all customer accounts. You can access your predefined reports in Absolute view of the Reports page. Also see "user-defined report".
-
The rate at which the computer processor computes, measured in megaHertz.
-
For Chromebook devices, the status of the device in the Google Admin console. Maps to the Status field in the Google Admin console.
-
The public IPv4 Internet Protocol address that identifies a device that is connected to the Internet.
-
The public IPv6 Internet Protocol address that identifies a device that is connected to the Internet.
-
A company or organization selling software applications that is detected by a device's Secure Endpoint Agent and reported in the Secure Endpoint Console.
-
The amount of dynamically accessible memory on a device, expressed in gigabytes.
-
A lightweight software component of the Secure Endpoint Agent that detects the status of third party applications installed on a device. The component may also attempt to repair the third party application if it is non-compliant.
The RAR component is deployed on a device only when the device is associated with a customized policy group and that policy group's Application Resilience policy is activated.
-
For Chromebook devices, a comma-separated list of users that have logged into the device, even if the users aren't configured with the Chromebook extension. The most recent users are shown first. Maps to the Recent users field in the Google Admin console.
-
Refers to the masking of characters from EDD data, such as credit card numbers and US Social Security Numbers, so that only part of the number is visible in the Secure Endpoint Console. Redaction occurs on a device before the content is uploaded to the database during an EDD scan.
-
The process by which a device is refurbished by an Absolute Authorized Refurbishment Center. This process removes the Secure Endpoint Agent from the device, which unenrolls it from your account and sets its status to Disabled. A Refurbishment event is also logged to the Events page. Note that if a device is reported missing or stolen in the console, the device can't be refurbished.
-
A third party application that is actively monitored by the Secure Endpoint Agent. This feature is available only when the Application Resilience policy is activated on a Windows device. Depending on the configuration of this policy, the agent may be able to repair the application if it's non-compliant, or reinstall it if it's missing.
-
A computed value in which a weight may be added to a Match Score depending on where the confidential or at-risk file content resides on the device. When a file resides in a cloud software storage folder, and therefore may be at risk of being shared in the cloud, its Match Score is multiplied by two (2) to arrive at its Risk Score. If the file resides elsewhere, the file's Risk Score is the same as its Match Score.
-
Security Assertion Markup Language (SAML) is an open standard for transmitting authentication and authorization data between an identity provider (IdP) and a service provider (SP). Absolute supports SAML 2.0.
-
An online service or website that creates, maintains, and manages identity information and authenticates users on the Internet using security tokens.
-
A system entity that relies on a trusted identity provider (IdP) for user authentication and authorization.
-
When SLO is enabled, all sessions established via SAML SSO are terminated by a single logout process. Users can log out of the identity provider (IdP) or any of the involved service providers (SP).
-
An authentication process whereby users provide a single set of credentials to access multiple web applications during a user session.
-
The date (local device time) when a device was scanned according to an Endpoint Data Discovery policy.
-
A type of Freeze request in which a Windows or Mac device is set to freeze on or after a future date.
If the device is offline or powered off on the scheduled date, the device's Freeze status is set to Frozen - Timer Expired or Scheduled Timer Expired until the device comes back online and an agent connection occurs. The device's Freeze status is then updated to Frozen.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for deleting files from a device when a Delete File request is processed.
-
A lightweight software component of the Secure Endpoint Agent that is responsible for wiping a device when a Cryptographic Wipe request is processed.
-
A small software client—comprised of the core agent, the component manager, and other agent components—that resides in devices managed in the Secure Endpoint Console.
The Secure Endpoint Agent requires an internet connection only; contact with your devices is maintained when they are on or off your corporate network.
-
The Secure Endpoint Console is a web-based user interface that provides customers with visibility into their fleet of devices, and near real-time remediation to protect devices, data, applications, and users, whether those devices are on or off the network.
-
If the Secure Endpoint Agent on a Windows device is damaged, tampered with, or removed, the Absolute Persistence module embedded in the device's firmware makes a self healing call to the Absolute Monitoring Center, which restores the agent.
-
The identification number assigned to the device by the device manufacturer.
For Windows devices, this value may correspond to the serial number of the BIOS, the motherboard, or the chassis, depending on the manufacturer.
-
A collection of updates, fixes, and enhancements to a software program delivered in the form of a single installable package.
-
User sessions are terminated after 20 minutes of inactivity, at which time the user is redirected to the login page to log in again. This account-level setting is not configurable.
-
A read-only report that another user has shared with you. Shared reports show in "Shared with me" view of the Reports page.
-
A lightweight software component of the Secure Endpoint Agent that detects software applications installed on a device. The SNG component is deployed on a device only when the device is associated with a policy group in which the Installed Software policy is activated.
-
Indicates whether the firmware's supervisor password on a device has been set remotely in the Secure Endpoint Console. Possible values are: Not Set, Set Locally (changes require current password), Set Remotely, and Set Remotely (changes require current password). The field applies to select Windows devices only.
-
The version number of the firmware's supervisor password software. This field applies to select Windows devices only.
-
An IdP group that has been assigned to the Absolute SCIM application in your IdP, which enables user information to be synced from your IdP to your Absolute account. Applies to SCIM integration only.
-
A protocol that allows event data from different types of systems to be transmitted in a standardized format to a central repository.
-
Microsoft System Center Configuration Manager (SCCM) is a system management software product that lets IT administrators manage their Windows devices by performing tasks remotely.
-
A method of confirming a user's identity using a combination of two different factors. Absolute's Two-Factor Authentication solution uses a password and a verification code, which is generated on the user's mobile device using Google Authenticator.
-
A report column showing the date and time when an Unenroll Device request was submitted for a device. The device's Secure Endpoint Agent is set to Disabled.
-
A 4 to 8 digit passcode that a user can enter on a frozen device to unfreeze it.
-
In the context of the Device Usage policy and the Device Analytics report, Unlock is a user event that occurs when a user unlocks a device, either directly or remotely, by dismissing the Lock screen (if applicable) and entering their password on the sign-in screen.
-
The level of daily device usage, averaged over the past 30 days. There are four levels: Heavily Used (over 8 hours), Moderately Used (4 to 8 hours), Lightly Used (1 to 4 hours), Not Used (less than 1 hour). Applies only to Windows, Mac, and Chromebook devices with an activated Device Usage policy.
-
An encryption status that is set when all disk space containing data is encrypted by BitLocker Drive Encryption, but free space is not encrypted.
This status indicates that the Used Disk Space Only encryption option is enabled in BitLocker. For more information about this option, see Microsoft BitLocker Drive Encryption documentation.
-
A report created using the Save As report option to save your report customizations to a new report. User-defined reports show in My Reports view of the Reports page. Also see "predefined report".
-
Username of the user who was logged in to the device when an agent connection occurred.
If no user was logged in during the most recent agent connection, the last detected username shows.
If you are viewing a report and want to see if a user was logged in during the most recent connection, add the Current Username column to the report. If no user was logged in at the time of the connection, "No Data" or two em dashes (— —) show in the column.
-
A single accessible storage area with a single file system that is resident on a single partition of a hard disk.
-
A virtual private network (VPN) is a connection that enables authorized remote users to gain secure access to files, databases, and other network applications from a web-enabled device.
-
Wireless Fidelity (IEEE 802.11b wireless networking). A technology that uses radio waves to let electronic devices connect to wireless networks.
-
Windows Preinstallation Environment (WinPE) is a lightweight version of Windows that can be used to recover offline devices.
-
A lightweight software component of the Secure Endpoint Agent that detects web activity in the Chrome browser on Windows and Chromebook devices. The WMA component is controlled by the Web Usage policy.
