Absolute Security Administration and Geolocation
Authorization Agreement
Security Administrator and Security Power User Roles
Absolute's advanced data protection features (also known as security operations) allow your organization to
monitor and secure a specific tracked device or a group of tracked devices. For example, Absolute’s Data
Delete service enables the permanent deletion of some or all data from the hard drive of a specific tracked
device, whereas Absolute’s Locking Operations may disable, in whole or in part, a tracked device. The
particular security operations available to your organization depend on the service edition you have purchased.
Only Administrators and Power Users who are granted security authorization can use these features.
One purpose of this agreement is to identify the Security Administrators and Security Power Users for your
account who are authorized to use the security operations included in your service edition through the
Absolute DDS console and who are granted Agent Removal Request rights. A Security Administrator is
authorized to set up, edit, and apply Agent Removal Request rights and advanced security operations such as
Data Delete Operations and Locking Operations, and Agent Removal Requests. A Security Power User has the
same powers as a Security Administrator, but limited to devices in the user’s assigned device group only.
Given the nature of these protective security operations and the potential consequences of performing
an unauthorized operation, this procedure is instituted to help protect both of our organizations from
potential error or fraud.
Geolocation Tracking Feature Authorization
In addition to the Agent Removal Request rights and security operations, Absolute’s Geolocation Tracking
feature allows your organization to more precisely and immediately determine the physical location of a
specific tracked device as of the most recent time it has contacted the Absolute Monitoring Center provided
that the tracked device is properly equipped with a positioning device approved for use with the Geolocation
Tracking feature.
Determining the location of tracked devices may by implication also determine the location of individuals who
use or possess those devices. The law of your jurisdiction likely requires the consent of such individuals before
their movements may be tracked legally. By activating or using the Geolocation Tracking features, you
agree that you will only use the Geolocation Tracking feature (a) with the unambiguous consent of all
users and possessors of tracked assets, and (b) in accordance with all applicable employment, privacy,
and other laws.
Authorization
This agreement and Absolute's Service Agreement will govern your use of the Geolocation Tracking feature. In
addition, some security operations, such as Data Delete or Locking Operations, require additional specific
authentication using either E-mailed Authorization Codes or RSA SecurID® tokens.
E-mailed Authorization Codes
If you select E-mailed Authorization Codes as your authentication method, a Security Administrator or Security
Power User must request a unique authorization code through the Absolute DDS console before using any of
the advanced security operations, such as initiating a Data Delete or a Locking Operation. The authorization
code is sent to the e-mail address on file for the Security Administrator or Security Power User who makes the
request. The authorization code is valid for two (2) hours after it is issued, and can only be used for one
operation. The authorization code can only be used by the user who requests it. There is no charge for e-mailed
authorization codes.
RSA SecurID Tokens
If your company requires an additional layer of security around the security operations, you may select RSA
SecurID tokens as your authentication method. If you choose RSA SecurID tokens, Absolute sends you one
physical RSA SecurID key-chain token for each Security Administrator and Security Power User specified on
the authorization form.
The RSA SecurID token generates a unique passcode every 60 seconds, which is used to authenticate an
individual Data Delete Operation request or another request for advanced security operations. The RSA
SecurID token is linked to the Security Administrator or Security Power User and can only be used by that
individual. You must purchase a separate token for each Security Administrator and Security Power
User you specify.
Security Authorization Form V12.0 14-Mar-2017
Page 1 of 4
Ordering RSA SecurID Tokens
To order RSA SecurID tokens, fax or mail a Purchase Order (PO) to your Sales Representative when you return
the signed copy of this document. POs should specify the following information:
•
Valid PO Number
•
Applicable SKU (RSA-TOK)
•
Quantity of RSA SecurID tokens ordered
•
Price of each RSA SecurID token ($300 US, inclusive of shipping)
•
“Ship to” and “Bill to” addresses
NOTE
Each token has a three-year lifespan.
Access to the Absolute DDS console
When your authorization agreement is processed, you are granted access to the advanced security operations
on Absolute’s DDS console website and receive notification by e-mail. If you are using RSA SecurID tokens for
authorization, you will also receive your tokens by courier.
Rescinding This Agreement
To rescind this authorization agreement and remove access to the Agent Removal Request rights and
advanced security operations or to the Geolocation Tracking feature, log in to the Absolute DDS console and
submit a support case to Absolute Global Support.
Transferring an RSA SecurID Token
To transfer an existing RSA SecurID token to a new Security Administrator or Security Power User, complete
the RSA SecurID Token Transfer Agreement, available on the Documentation page in the Absolute DDS
console.
Questions
If you have any questions or concerns regarding this agreement, contact Global Support at
www.absolute.com/support. For more information about Agent Removal Request rights and the advanced
security operations covered under this agreement, refer to the Absolute DDS 5 User Guide (specifically
“Securing Your Data and Devices” and the various chapters on security operations), and the Data Delete FAQs.
You can access these documents from the Documentation page in the Absolute DDS console.
Terms and Conditions
This agreement is subject to the terms and conditions specified in Absolute's Service Agreement. For more
information, see www.absolute.com/en/about/legal/agreements.
Delivery
Scan and save a copy of your signed form. To return this form to Absolute, log in to the Absolute
DDS console, click Support > Submit a Support Case, and complete all fields on the form. For
Classification, select Security Admin & Geolocation Authorization Form. Near the bottom of
the form, click Add Attachment and select the scanned copy of your signed form. Click Submit.
Security Authorization Form V12.0 14-Mar-2017
Page 2 of 4
Security Administration and Geolocation Authorization
Form
Organization Information
Organization Name:
Account Number:
Security Administration Form
Specify the personnel who are granted Agent Removal Request rights and who are authorized to request the
advanced security operations. If you are using RSA SecurID tokens, you must purchase a separate token for
each Security Administrator and Security Power User.
Preferred Authentication Method (select one):
•
E-mailed authorization codes
•
RSA SecurID tokens
Authorized User
Authorized User
Name:
Name:
Title:
Title:
Phone:
Phone:
E-mail:
E-mail:
DDS
Username:
DDS
Username:
User Role:
User Role:
Authorized User
Authorized User
Name:
Name:
Title:
Title:
Phone:
Phone:
E-mail:
E-mail:
DDS
Username:
DDS
Username:
User Role:
User Role:
Security Authorization Form V12.0 14-Mar-2017
Page 3 of 4
Geolocation Tracking Activation Form
If your service edition includes the Geolocation Tracking feature, indicate below whether or not you want to
activate the Geolocation Tracking feature.
• Do not enable Geolocation Tracking (default if no option selected)
• Enable Geolocation Tracking for entire account
• Enable Geolocation Tracking for only the following tracked devices:
Identifier 1:
Serial #:
Identifier 2:
Serial #:
Identifier 3:
Serial #:
If more space is required to list specific devices, send a list of Identifiers and their serial numbers to Absolute
along with this completed and signed form. To return this form to Absolute, follow the directions provided in
the section titled “Delivery”.
Authorization and Signature
By signing below, you certify that you are an authorized signatory, and can thereby agree to your
organization’s use of the advanced protection features according to the terms of this agreement. You
agree that you will only use the Geolocation Tracking feature (a) with the unambiguous consent of all
users and possessors of tracked assets, and (b) in accordance with all applicable employment,
privacy, and other laws. The organization named above will abide by the terms of this agreement as
of this ______ day of ________________, 20____.
Authorized Signatory
By:
Name:
Title:
Date:
©2017 Absolute Software Corporation. All rights reserved. Absolute, Computrace, and Persistence are registered
trademarks of Absolute Software Corporation.
Security Authorization Form V12.0 14-Mar-2017
Page 4 of 4