Mar 18, 2021

How Manufacturer Lumentum Stayed Secure, Agile and Effective During the Pandemic

When the pandemic struck, Lumentum was ready to act quickly. The company’s chief information officer shifted to a work-from-home policy and kept devices and data safe with Tanium.

By Tanium Staff

When the COVID-19 pandemic struck in January 2020, regions were locked down. Supply chains were disrupted. Workers were sent home. And Ralph Loura was ready with the tools, capabilities and experience required to adapt to every change that came his way.

Loura is the chief information officer at Lumentum, a global manufacturer of infrastructure components that are critical for operating the internet, including fiber-optic cables, servers, routers and data centers.

Having managed teams in Asia during the bird flu and swine flu pandemics years ago, Loura knew the wisdom of including a pandemic scenario in his risk assessment planning for Lumentum’s acquisition of a Chinese subsidiary.

When the unthinkable happened, Loura was ready to act quickly. He curtailed employee travel, shifted to a work-from-home policy, and kept devices and data safe with Tanium endpoint security.

Launching a distributed workforce: a global CIO’s perspective

As CIO, Loura is responsible for architecting, provisioning and maintaining the technology that drives Lumentum’s distributed global workforce. Lumentum operates facilities in 22 countries and employs approximately 4,000 knowledge workers, as well as thousands of factory workers.

Loura and his colleagues began following COVID-19 long before it made headlines stateside. They tracked data from the World Health Organization (WHO) and the U.S. Centers for Disease Control and Prevention (CDC) to track the sources and spread of the virus. They wanted to act quickly and prudently to protect employees.

Under Loura’s guidance, the company began locking down far earlier than most other organizations.

“We started on January 28 by suspending all work travel globally,” Loura says. “We locked down all our sites to outside visitors, and we started doing all meetings via videoconference.”

At first, this decision raised a few eyebrows, especially from some of Lumentum’s customers and vendors. Over time, Loura and his colleagues were proven to have made the right move.

“Frankly, a lot of people were kind of scratching their heads and wondering why we were being so extreme about meeting in person,” Loura says. “Obviously, that’s changed.”

Making the official transition to mass WFH

Even though Loura had a pandemic plan ready when COVID-19 struck, he still faced his own scramble when the official lockdown orders were passed down from countries and states.

“In the first few weeks of the lockdown, even though we planned and ran through models, it was still a chaotic time,” Loura says. “Taking thousands of people and moving them en masse to a WFH environment put a strain on the network teams, on the end-user services team, and on our partners in HR and workplace services.”

During those early days, Loura and his teams worked through challenges that included:

Increased Demand: Lumentum was an essential business that made components for the internet. It faced a surge in orders and activity right when the pandemic struck.

Missing Policies: Lumentum had no defined WFH policy, and their leaders had to bootstrap a number of key decisions and rapidly put them into practice.

Struggling Supply Chain: Loura’s suppliers were constrained by the lockdowns while facing spiking demand. Initially, Lumentum had a hard time getting enough PCs, cameras and other devices for newly remote employees.

Lack of Bandwidth: VPN connectivity soon became a critical resource, and it took Loura weeks to upgrade every global site that experienced inadequate connectivity.

In the background of each of these challenges was a looming, overarching concern — how to solve these problems and make the transition to a primarily WFH network without opening the doors to cybercriminals.

Watch this video interview with Loura to hear more about how the company reacted during the pandemic. 

Staying secure: core principles for comprehensive endpoint defenses

Loura has applied a wide-ranging approach to cybersecurity throughout the pandemic. He believes IT leaders must think beyond prevention when protecting their environment.

“A lot of people have always had this idea: ‘If I follow the right protocols — if I install antivirus, if I keep my firewall up to date, if I keep my systems patched — then I’m okay’,” Loura says. “But they have to realize that there is no digital hygiene that prevents any and all issues. You have to remain cyber-fit, aware and vigilant — all the time.”

Loura breaks his definition of being “cyber-fit, aware and vigilant” into a few practical steps:

1. Create Comprehensive Visibility
“I need intelligence coming off every device, all the time — what’s occurring on it, what may or may not have been deployed, and what activity that is normal or abnormal that’s occurring on the device — so I have the information I can use to make better decisions about how to proceed,” Loura says.

Having good endpoint or edge intelligence is key to securing and managing endpoints.

2. Establish Real-Time Control
“Real-time control for me means that I can touch every device on a moment’s notice,” Loura says. “Once a malware gets into a network, it can spread very quickly.”

Being able to rapidly respond, isolate, and recover are key capabilities to prevent a minor issue from becoming a major one and jeopardizing the organization’s security and operations.

3. Use the Right Instrumentation
“If you have thousands, or tens of thousands of devices, you can’t afford to have your team manually addressing each of these issues,” Loura says. “You need a well-instrumented platform that you can use to run data collection and run execution and action on a wide range of devices across the globe.”

Having an effective endpoint management platform is essential for managing lots of endpoints.

Fortunately, Loura had already established visibility, control and the right tooling at Lumentum long before the pandemic struck.

When he first arrived at Lumentum two years prior, the company was operating from a conventional hub-and-spoke endpoint management model that used traditional tools. He immediately moved them to a modern, distributed model that leveraged a suite of endpoint management tools capable of maintaining visibility and control over a mostly remote endpoint environment.

To support that distributed model, he chose the Tanium endpoint management solution.

Tanium as a Service provides enterprise-grade visibility and control across complex distributed environments for both IT operations and security.

Loura credits at least part of his ability to smoothly transition Lumentum to WFH — and to keep the organization safe throughout the pandemic — to the fact that he already had the Tanium platform and its supporting processes in place.

For organizations that have not yet reached a similar level of digital maturity, Loura believes that now might be the perfect time to establish visibility, control, and proper tooling and to take that next step in their digital evolution.


With its cloud-native platform, Tanium customers like Lumentum can perform all kinds of device management tasks, risk assessments and security practices with zero infrastructure at enterprise endpoint and data scale in a geographically distributed environment.

Try Tanium as a Service today.