Getting started with the Policy Groups area

Within the Policy Groups area, you can create policy groups A collection of devices to which a set of policies are applied. and assign a product license and a group of devices to each of them. Each policy group includes a set of policies that you can activate to detect specific information on your devices. The assigned product license determines which policies are available. You can view the detected information in Absolute reports and monitor your devices to ensure that they comply with your organization's policies.

Available policies

Depending on the licenses assigned to a policy group, you may be able to activate the following policies:

Policy	Details
Application Resilience	Controls the collection of information about the functional status and compliance of third party applications, such as Microsoft BitLocker® Drive Encryption, installed on your devices. Depending on the Absolute licenses associated with your account, it may also repair or reinstall the application if it is not functional or non-compliant. You can view the collected status information in the Application Resilience report and the Application Resilience Events report. By default, the Application Resilience policy in your Global Policy Group is set to Inactive, but you can activate it.
Custom Data	Controls the collection of custom information from your Windows devices You can configure this policy to retrieve custom Data Points from your devices. You can view the custom Data Points by adding Custom Data columns to supported pages and reports. By default, the Custom Data policy in your Global Policy Group is set to Inactive, but you can activate it.
Device Usage	Controls the collection of information about the usage of your Windows, Mac, and Chromebook devices When this policy is activated, the Absolute agent A small software client—comprised of the core agent, the component manager, and other agent components—that resides in devices managed in the Absolute console. The Absolute agent requires an internet connection only; contact with your devices is maintained when they are on or off your corporate network. detects when a user logs in or unlocks a device and records that action as a device usage event. It also detects the number of minutes per hour the device is actively in use. You can view the device usage information in the Device Analytics report and on a device's Usage Event Details page. By default, the Device Usage policy in your Global Policy Group is set to Inactive, but you can activate it.
Endpoint Data Discovery (EDD)	Controls the detection of confidential or at-risk content that is stored in files on Windows and Mac devices You can configure the EDD policy to detect content, such as personal health and financial information, credit card numbers, or Social Security numbers, that is stored in files on your devices. You can view EDD data in reports, such as the History report, and on a device's Endpoint Data Discovery page. By default, the EDD policy in your Global Policy Group is set to Inactive, but you can activate it.
Full-Disk Encryption Status	Controls the collection of information about the full-disk encryption products installed on each Windows and Mac device, and the encryption status of the devices' drives This policy is preconfigured to detect all available full-disk encryption product data from each device. You can view the detected data in the Full-Disk Encryption Status report or by adding columns to the Devices page or the Devices with Actives Policies report. By default, the Full-Disk Encryption Status policy in your Global Policy Group is set to Inactive, but you can activate it.
Geolocation Tracking	Controls the collection of location information from your supported Windows, Mac, Android, and Chromebook devices This policy is preconfigured to collect the current physical location of each device. You can view the detected data by switching to map view in the Assets or Reports area, or by adding Geolocation columns to supported pages and reports.
Hardware	Controls the collection of hardware information for Windows, Mac, Android, and Chromebook devices This policy is preconfigured to perform a daily scan of each device to collect all available hardware data, which can include hundreds of data point A discreet unit of information that is detected on a device and communicated to the Monitoring Center by the device's Absolute agent.s depending on the device's operating system. For details about the specific hardware information detected for each supported operating system, see Data points collected by activated policies. You can view the collected hardware information on the All Devices page, and on a device's Device Details page. NOTE Depending on the default configuration of your account, the Hardware policy in your Global Policy Group may be set to Active or Inactive by default. If the policy is Inactive you can activate it, but note that you can't deactivate it once it's activated.
Installed Applications	Controls the collection of information about the applications installed on Windows devices This policy is preconfigured to detect all available application data from each device. You can view the detected data on the Applications page in the Assets area, the Installed Applications report, and on a device's Applications page. By default, the Installed Applications policy in your Global Policy Group is set to Inactive, but you can activate it.
Software	Controls the collection of information about the software detected on Windows, Mac, and Android devices This policy is preconfigured to detect all available software data from each device. You can view the detected data in reports, such as the Software Overview report, and on a device's Software page. By default, the Software policy in your Global Policy Group is set to Inactive, but you can activate it.
Web Usage	Controls the collection of web usage data from the Chrome browser on your Chromebook and Windows devices. Activate the Web Usage policy if you want to view information about the websites and webpages that your users visited most recently. You can view the usage information in the Web Usage (Last 7 Days) report and the Web Usage (Trending) report.

NOTE Depending on the permissions associated with your user role, and the Absolute product licenses associated with your account, some policies may not be available.

How are new devices assigned to policy groups?

When new devices are added to your account, they are added automatically to one of the following policy groups, depending on the status of your Absolute licenses:

If Absolute licenses are available to be assigned to the new devices, the devices are added to the Global Policy Group.
You can leave the devices in this policy group and activate the group's policies, but depending on the structure of your organization, it may not make sense to collect the same information from all of your devices. For example, you may want to collect specific information from the devices in your Marketing department, and other information from the devices in your Finance department. To address this situation, you can create multiple custom policy groups and assign a license and group of devices to each of them. You can create as many custom policy groups as is required to meet your needs.
If no Absolute licenses are available to be assigned to the new devices, the devices are added to the Unlicensed Policy Group.

Devices in this policy group do not consume a base license A license associated with a core product offering, such as Absolute Resilience, Absolute Control, or Absolute Visibility. Base licenses include a suite of features that provide key capabilities in multiple areas.. The Hardware policy is activated on the policy group's devices, but no other policies are available for activation. To move these devices to another policy group, you need to increase the number of available licenses in your account. You can do this by either releasing some licenses from devices that you want to retire or by contacting Absolute Sales to purchase more licenses.

Managing policy groups and policies

Within the Policy Groups area, you can manage the custom policy groups you've created, and the policies and devices contained within them. Specifically, you can perform the following tasks:

NOTE For more information about working with policy groups and policies, visit the Learning Hub. To access the Learning Hub, click on the quick access toolbar and then click Resources > Learning Hub.