Too often, endpoint management and security end up in a tangle. Integration offers a way out.
Where there are too many tools, integration offers a consolidated suite. Where there are complex interfaces, integration offers a simple, single pane of glass. And where high costs and time-consuming activity drags you down, integration offers greater efficiency and lower costs.
The integration solution was highlighted during Day 2 of Tanium Converge 2022. The company’s annual conference for global IT and security professionals is being held this year in Austin, Texas.
That included a presentation by Tanium’s chief product officer, Nic Surpatanu, who focused on the new integration of Tanium with Microsoft Sentinel, Azure Active Directory and other related tools.
“Partnerships are the key to the integrations you need,” Surpatanu told the Converge ’22 audience, which included both hundreds of live attendees in Austin and thousands of online attendees around the world. “This can transform how you manage and secure your entire software estate.”
That was backed up by a demo from Tanium product management director Chris Ochynski. He showed how a company could use Azure Active Directory to detect an unpatched, at-risk device with an unpatched browser; limit the device’s access to key systems with Sentinel and Tanium; and then use Tanium’s integration with ScreenMeet to show the user how and why their browser was patched.
The importance of integration was on display again with a panel of Tanium partners. The panelists were led by Rob Jenks, Tanium’s senior VP of strategy and business development, and they included executives from AWS, Salesforce and Mandiant. Together, they discussed what Jenks described as the main benefit from pre-integrated solutions: “You don’t have to figure it out yourself.”
That’s helping Salesforce serve one of its premier customers, Cracker Barrel, which runs over 660 restaurants. As Rondi Mertes, VP of product management at Salesforce, told the audience, Cracker Barrel needed to transform the employee experience. Staff was spending too much time on the phone with IT support, and not enough time with customers. Using Tanium products, Salesforce was able to channel real-time data about Cracker Barrel’s restaurant systems to the support team, and also allow them to remediate at-risk systems on the fly. Even better, the new setup was implemented in a mere four months. “Our partnership with Tanium was key,” Mertes said.
Integrating the Tanium component has also helped Mandiant, the provider of a SaaS-based threat intelligence platform. Mandiant has partnered with Tanium to combine IT operations and security data for its customers. The goal: provide customers with real-time information they can use to drive decisions. Powered by Tanium’s approach, Mandiant has reduced its response times from days to hours, explained Teddy Powers, the company’s senior manager of technical alliances.
A different kind of integration was on the mind of Erik Gaston, Tanium’s VP of global executive engagement. “We’ve been through massive disruption and change,” he said, referring to the pandemic. “Now how do we put things back together?”
Gaston posed that question to a panel of Tanium customers that included security executives from the U.S. Marine Corps (USMC), Hermès and professional-services firm Genpact.
It may not be easy to imagine a Marine working from home, but during the pandemic many of USMC’s civilian staff did just that. That required the Marines to move to the cloud, adopting Microsoft 365, and using Agile software development.
Attendees looking for hard numbers on endpoint management and security got them with a presentation by Michael Suby, a research VP at market watcher IDC. Suby specializes in endpoint management and security, and he came with numbers aplenty.
Suby began with a simple statement: Endpoint security is big business. How big? How’s $10.3 billion worldwide last year, a year-on-year jump of nearly 30%? Why so large? “It’s cause and effect,” Suby answered. “As organizations become more digitally dependent, criminals see new opportunities for making money.”
Suby doesn’t expect that to change anytime soon. That’s why IDC predicts endpoint security sales will rise by a compound annual growth rate (CAGR) of 15% over the next four years.
Suby also lent support to Tanium’s new focus on converged endpoint management (XEM). In an IDC survey of more than 1,500 professionals at large (500+ employees) organizations, virtually all respondents (95%) said they were at least somewhat aware of the XEM concept. And nearly a quarter (23%) said they were not only very familiar with XEM, but also have put it into operation to some degree.
“Their goals,” Suby added, “are both reducing operational complexity and improving cybersecurity. These go hand-in-hand.”
Managed security, too
The day’s final panel looked at another aspect of endpoint management and security: Getting help from managed service providers (MSPs).
In the past, companies bought technology and ran it themselves. Not anymore. To back up this claim, Todd Palmer, Tanium’s senior VP of partner sales, cited an industry estimate: Fully two-thirds of companies either secure their endpoints with help from an MSP now or will in the next 12 months.
To get more insights into this new trend, Palmer led a panel with representatives from Capgemini, EY, NTT Corp. and Novacoast Inc. Reflecting the industry’s global reach, panelists came from as far away as Australia, Netherlands and Spain.
One thing they agreed on: Offering managed security services is a tough business. “We have to get it right every day,” said Sebastiaan de Vries, cybersecurity leader at Capgemini. “The attacker only has to get it right once.”
Tanium helps. Capgemini initially used Tanium as a lightweight tool stack to help after an attack. “Then we thought, why not keep the agent around after the attack?” de Vries said. Indeed, Capgemini now uses Tanium for vulnerability scanning and monitoring, patching, software deployment and other ongoing tasks.
MSPs also have to be flexible, and Tanium is helping them here, too. “Consulting is not a one-size-fits-all business,” said Jordi Juan Guillem, a partner at EY. “We customize our services for each client, and for help with that, Tanium’s flexibility is great.”
Tanium is also helping some of EY’s clients free their employees from boring but important tasks, allowing them to instead work on higher-value work. Guillem says automating patching, software management and other mundane tasks with help from Tanium can free up three or four full-time employees. “That’s significant,” he said, “especially with so many companies struggling to attract, hire and retain security talent.”
Working globally also means MSPs must be able to help clients comply with their local regulations. One example is Australia’s “Essential Eight,” a series of strategic recommendations for preventing cyber-incidents. Chafic Abdallah, director of products and services at NTT, has worked with clients in Australia, and he says most of the country’s guidance is in line with Tanium’s capabilities. “We use Tanium to report on the client’s posture against these recommendations, as well as to identify their gaps and risks,” he said.
Filling those gaps matters, too. Jon Poon, VP of security services at Novacoast, a provider of security-based services, turned to Tanium after realizing that helping clients detect vulnerabilities wasn’t enough. They also needed the ability to fix them. “We needed a tool that does both detection and the fix,” Poon said. “Tanium is one of the only tools that can do that.”
Weak vs. strong links
Bestselling author Malcolm Gladwell closed the Day 2 keynotes with a thought-provoking presentation. After starting with several anecdotes that he admitted might sound like digressions, Gladwell tied up the various strands with a discussion of what he called weak-link and strong-link models.
A good example of a strong-link activity, Gladwell explained, is basketball. In that sport, a team with just two or three superstars can dominate the field, even if the remaining team members are poor. By contrast, soccer is an example of a weak-link activity. Mistakes matter, so the weak links can lead to losses. Also, soccer is highly interactive, meaning even a superstar can’t compensate for an otherwise poor team.
To be sure, Gladwell had more on his mind than basketball and soccer. “Where is our economy going?” he asked the audience. “I think the evidence points to a weak-link model. That’s where complexity and technology are taking us.”
Bringing the message closer to home for the Converge 2022 attendees, Gladwell asserted that IT operations and security worlds are moving in this direction, too. In the past, security meant defending a small number of big, centralized systems. Now it means defending tens of thousands of screens, each a potential point of vulnerability.
“That’s the challenge of the modern world,” Gladwell concluded. “We’re not playing basketball anymore. We’re playing soccer.”
You can watch this keynote and all the other content from Converge on demand. Get registered here to check out keynotes, breakouts, and more.