Activating policies

To start collecting specific information about your devices, activate one or more of the following policies:

You can view the collected information in Absolute reports and monitor your devices to ensure that they comply with your organization's policies.

Note the following about the policies on this page:

The Hardware policy is activated by default.
If there is no activation slider or Configure button shown next to a policy, it is not supported by any of the product licenses associated with your account. To activate this policy, you need to upgrade your product licenses.

For information about activating the Playbooks policy, see Getting started with Playbooks policies.

To activate a policy:

Log in to the Secure Endpoint Console as a user with Manage permissions for Policies.
On the navigation bar, click Policies > Policy Groups.
On the Policy Groups sidebar, click the policy group that contains the policy you want to activate. The policy group opens in the work area.
Do one of the following:
- To activate the Endpoint Data Discovery (EDD) policy and start scanning Windows and Mac devices using the policy's scan configurations, next to Endpoint Data Discovery, click the activation slider to set it to On.
  
  Before you activate the EDD policy, click Configure to edit the default policy configuration to suit the needs of the policy group's devices.
- To activate the Full-Disk Encryption Status policy and start collecting information about the status of the full-disk encryption products installed on your Windows and Mac devices, next to Full-Disk Encryption Status, click the activation slider to set it to On.
- To activate the Device Usage policy and start collecting information about when users are using their Windows, Mac, and Chromebook devices, next to Device Usage, click the activation slider to set it to On.
- To activate the Application Resilience policy and start reporting on and repairing select third party applications installed on your Windows devices:
  1. Next to Application Resilience, click Configure.
  2. In the Application Resilience dialog, under the Inactive heading, click next to each application policy you want to activate.
    
    If you have not yet configured a policy for the desired application, click Create Policy and complete the policy configuration before activating the policy.
    
    If an Absolute Ransomware Response license (base or add-on) is assigned to the policy group, you can activate up to two (2) policies. After two policies are activated, all other Activation sliders are disabled.
- To activate the Geolocation Tracking policy and start collecting location information from your devices, next to Geolocation Tracking, click the activation slider to set it to On.
  
  There are account-level settings that apply to geolocation. Consider enabling them when you activate the Geolocation Tracking policy. Learn more
- To activate the Playbooks policy so you can run playbooks on your devices, next to Playbooks, click the activation slider to set it to On.
- To activate the Installed Applications policy and start collecting information about the software applications installed on your Windows and Mac devices, next to Installed Applications click the activation slider to set it to On.
  Collecting application usage information
  Depending on the Absolute products associated with your account, you can also collect application usage information from your Windows devices.
  
  To collect application usage information:
  1. Select the Include Usage data checkbox that shows under the Installed Applications policy.
  2. In the dialog that opens, click Activate.
  Application usage information is not available in reports. To view application usage for your devices, create a dashboard widget based on the Application usage data source. Learn more
- To activate the Required Applications policy and start reporting on the compliance status of applications installed on your Windows and Mac devices:
  1. Next to Required Applications, click Configure.
  2. In the Required Applications dialog, under the Unassigned heading, click next to each application policy you want to assign to the policy group.
    
    If you assign a policy labeled as Inactive, you must also activate the policy if you want it to start collecting data.
    
    If you have not yet configured a policy for the desired application, click Create Policy and complete the policy configuration before activating the policy.
- To activate the Web Usage policy and start collecting information about web activity on your Windows and Chromebook devices, next to Web Usage, click the activation slider to set it to On.
  
  The Web Usage policy collects sensitive information about a user’s web browsing activity. Web usage data may be subject to privacy laws in your jurisdiction. Before activating the Web Usage policy, review and understand the applicable privacy laws. Also ensure that you activate the policy in only those policy groups that contain the devices you want to monitor.
- To start collecting Custom Data data points from the policy group's Windows devices, next to Custom Data, click Configure. Learn more
- To activate the Device Compliance policy and start collecting information to determine the state of compliance of your Windows and Mac devices, next to Device Compliance, click the activation slider to set it to On.
  
  Before you activate the Device Compliance policy, click Configure to edit the default policy configuration to suit the needs of the policy group's devices.
On the Activate Policy confirmation message, click Activate.

The policy is activated on all devices that pass license validation. For Application Resilience policies, an App resilience policy activated event is logged to Event History.
About license validation
When you activate a policy, the product license of each device is actively validated to determine if its license supports the policy. During the validation process, a spinner and the message Validating device licenses... are shown next to the activation slider. Validation may take a few moments.

When license validation is complete, one of the following occurs:
- If all devices pass validation, a icon shows in the License status column, followed by a Last validated date and time.
- If some devices pass validation and some do not, the following message shows in the License status column: Some devices require a license upgrade.
  - To view information about the product (or products) required to activate the policy, click the (Help and Support) icon. A tooltip shows each product's respective counts of available licenses.
  - To view the list of licensed devices that need a license upgrade before the policy can be activated on them, click Show devices. The policy's ineligible devices report opens to show the devices that lack the required license, or licenses. From this report, you can select one or more devices and click Change License to assign a license to the devices or Change Policy Group to move the devices to another policy group.
    Since policy activation is not supported on unlicensed devices, they are excluded from the license validation process. As a result, unlicensed devices are not listed on the policy's ineligible devices report.
    When unlicensed devices exist in your account, an orange banner showing the count of unlicensed devices is presented at the top of each console page. To open a report showing all unlicensed devices, click View devices in the banner.
  If required, you can contact Absolute Sales to purchase more licenses.

If this is the first time that a policy is activated on a device, the applicable component of the Secure Endpoint Agent is deployed to the device and activated. The component detects the available information on each device, encrypts the information, and uploads it to the database using a secure connection that is independent of the device's scheduled connection to the Absolute Monitoring Center. You can then view the detected information in Absolute reports and on each device's Device Details pages.