Business growth is good. But it can push traditional software-management tools past their limit. Just ask professional services firm Genpact Ltd. Genpact’s growth has been swift. Its staff has grown from about 19,000 employees in 2005 to more than 100,000 in 2021. During those same years, Genpact’s revenue rose from about $490 million to $4 billion. To support so much business, Genpact today runs approximately 110,000 endpoint devices in some 70 locations around the world.
All that business growth created a new IT challenge. Genpact’s software-management tool, which had sufficed at a smaller scale, was no longer up to the task.
Genpact had relied on native endpoint tooling that utilized a traditional hub-and-spoke architecture that let administrators manage security and applications on remote devices. However, the Genpact team found that, with such a large endpoint estate, the tool had effectively hit its limit.
“It was becoming extremely challenging for us to manage so many endpoints using our previous tool,” says Anil Nomula, assistant vice president and global enterprise architect at Genpact. “Sometimes we’d go into troubleshooting calls for days. Yet the problems kept coming back.”
Something had to change. Anil’s manager gave him a new assignment: Find an alternative management tool.
With a quick web search, Anil discovered Tanium. His team then dug in for more detail, reviewing diagrams of Tanium’s reference architecture to understand how the solution worked. “The idea of getting results in 15 seconds really struck us,” Anil says. “We thought, ‘Wow, compared with our current infrastructure, Tanium is so simple.’”
That infrastructure involved more than 50 servers as well as multiple FileShare distribution points. By comparison, Tanium — especially in its cloud-based version — requires essentially no infrastructure on the user’s side at all.
Anil and his team asked Tanium for a proof-of-concept demo. The initial test involved fewer than 3,000 endpoints, but was so successful that the Genpact team quickly raised that number to roughly 10,000.
Everything changed with the arrival of the pandemic. Almost overnight, Genpact’s 100,000 employees began working from home. That pushed Genpact’s legacy implementation, already stretched to its limit, into the red.
“We realized there’s no way we can manage all those home-based endpoints with our previous tool,” Anil says. “So, we went Big Bang across the organization, managing everything through Tanium.”
Shifting to the cloud
Initially, Genpact implemented Tanium on premises. But Anil quickly saw that Genpact’s sudden shift to working from home — even now, about 80% of Genpact employees still work remotely — was also a good reason for moving the company’s Tanium on-prem implementation to the cloud. Once that decision was made, the Genpact team transitioned to Tanium Cloud in less than six weeks. The move included shifting about 70% of Genpact’s 4,500 to 5,000 servers to the cloud.
By moving both their endpoints and Tanium environment to AWS EC2 cloud instances, Genpact has consequently removed the need to purchase and manage costly network infrastructure for these systems. This network infrastructure is now managed by AWS. In the past, Genpact sometimes pumped out as much as 80 terabytes of data from its on-premises Tanium environment. Now, Anil says, “that’s completely gone.”
“The beauty of Tanium is that everything flows in real time. We’re not working with stale data anymore. Now everything reflects how our environment actually looks.”
— Anil Nomula, Assistant Vice President & Global Enterprise Architect, Genpact
Genpact was able to pivot so quickly by essentially mirroring their on-prem workloads through the cloud, initially with just 25 endpoints. Once that was shown to work, the team bumped up the number, first migrating 1,000 endpoints a day to the cloud. When that too worked, they scaled to as many as 5,000 endpoints a day. Genpact’s Tanium account managers helped, too, by providing insights on which payloads were active and writing scripts to transfer assets.
As a result of adopting Tanium, Genpact first overcame the limitations of its previous management tool Then they enjoyed additional benefits by moving Tanium from an on-prem implementation to the cloud.
According to Anil, the benefits from using Tanium Cloud have been three-fold. The first area is manpower formerly dedicated to managing Genpact’s Tanium environment. Now that Genpact is using Tanium Cloud, that work is done for them, dropping Genpact’s labor requirement to essentially zero.
Second is the cost of the server infrastructure and database required to run Tanium on-prem. “We’ve been able to eliminate that,” Anil says.
A third area has been the dramatic improvements in nearly every security metric — even though Tanium was initially implemented for operational purposes. For example, Tanium has helped Genpact achieve nearly 99.9% compliance with antivirus software on the desktop. Similarly, when the operations team identifies a vulnerability with Tanium’s help, it can alert the security team and provide them with information on the recommended fix or patch.
On the operations side, Genpact uses Tanium for all endpoint-management tasks. That includes jobs as simple as remotely renaming a computer and as a complex as pushing new software packages, patching vulnerabilities and updating operating systems. Genpact has also installed self-healing and troubleshooting packages, so employees can use Tanium to repair select software without needing help from the IT group.
Genpact is also using endpoint data collected by Tanium to take proactive actions. For example, if the data shows that a particular model laptop is crashing, Tanium can show the Genpact team how many employees have that laptop. Then the team can reach out to those users before there’s a problem.
Tanium Cloud allows the team to be more relaxed about exporting data to tools for AI, data analysis, visualization and more. “We export a ton of Tanium data into external tools,” Anil says, “and now that we’re in the cloud, we’re more carefree because performance scaling is no longer something I need to worry about. It’s provided as part of the platform.”
Moving to the cloud has also dramatically cut Genpact’s costs for hosting and network egress. Anil estimates that overall, he’s now paying only about 25% of what he had paid using Tanium on-prem. “That’s why we immediately jumped,” he adds. “It made perfect sense.”
Looking ahead, Anil says: “We want to be able to completely manage our endpoints, including policy management and user experience, with Tanium — and nothing else.”
“With Tanium, we’ve also been able to improve every security metric.”
Compliance. Ninety-nine percent compliance with antivirus persistence on the endpoint.
Cloud Infrastructure. Genpact has eliminated the cost of the server infrastructure, lowering its networking and hosting costs by approximately 75%.
Closer Security & Ops Cooperation. Security and Ops teams work together to identify and then remediate endpoint vulnerabilities.
Keeping up with Growth. Tanium Cloud scales to thousands of endpoints and employees — including all those working from home.
Learn more about the Tanium Cloud platform and how it can help your business with complete, accurate and real-time endpoint data regardless of scale and complexity.