Having been in the industry for the past 30 years, I have seen and continue to see technological advancement that rivals anything that a reasonable person could have predicted. Yet, in all of this time, it seems that we still struggle with the fundamentals. When our industry was recently challenged by the majority of our workforce moving from on-premises to remote, many large enterprises struggled to meet the demands that this shift imposed. One has to wonder: Is this because our infrastructure is insufficient or could there be other underlying causes that exacerbate what would otherwise be a simple uptick in resource consumption?
Endpoint management and security in the age of distributed workforce
Certainly in the past weeks we’ve seen a great many examples in which even the newest, highest-performing infrastructure falls short of meeting demand. Upon deeper inspection, some of this has been due to simple misconfigurations or improper deployment. That said, this tends to be the exception. In the majority of cases, what I’ve seen has been legacy equipment that simply cannot meet the demand of providing remote connectivity to an 80 to 90% distributed workforce. Furthermore, once that workforce has been provided connectivity, the vast majority of tools and platforms that are in place to service, maintain and secure those endpoints cease to function properly when the endpoints are no longer located on the local enterprise network.
Legacy systems and tools are failing
It may seem puzzling that in 30 years’ time our industry has not done a better job of building tooling and instrumentation that supports and enables the innate portability of computing resources that we all enjoy today. Yet here we are with a vast number of enterprise IT organizations that are unable to perform basic blocking and tackling on their compute endpoints simply because they’ve moved off of the corporate LAN. I would maintain that this problem exists in large part because, rather than truly innovate as an industry, we have chosen to instead simply add features and functions to existing legacy technologies and in doing so, we’ve carried forward their innate limitations. Most corporate enterprise IT organizations still perform basic hygiene functions using tools that were created at a time when the concept of a portable computer was in its infancy and the idea of a truly remote employee who had full functionality regardless of where they were located was nonexistent. The capabilities that now serve these remote systems are simply bolt-ons to the legacy platforms and they’re now failing under pressure.
So now we are left with a situation in which the majority of our workforce is operating remotely, the tools that we use to manage, maintain and secure these endpoints are unable to function and our attack surface has exploded in size and operates completely outside the protective boundary of the enterprise network. Endpoints are now exposed on home and otherwise uncontrolled public networks and the only visibility and control that can be garnered is during the time that they’re connected to the corporate VPN. Outside of that, we’re blind.
Tanium was built for this
A little over 10 years ago, Tanium saw this problem and decided to do something about it. We started with a clean slate and set out to first rewrite the book on how endpoint communications at speed and at scale happens. Before talking about how we would use this capability, we first talked about the capability itself and how it might be improved by discarding the status quo and starting anew. We set out to create a new protocol and communications framework which allowed for real-time communication between a management server and any number of managed endpoints, without regard for their location. Once this new communication framework was in place, it was then relatively easy to start layering capabilities upon it. The benefit to this approach is that it does not require new endpoint agents or additional infrastructure as these capabilities are added, because they simply leverage this novel, unified communication layer. Whether patching, compliance, security or software deployment, they all benefit from the speed and scale of the core Tanium communication model and the power it brings to bear. This fundamentally rewrites the book on the efficacy and speed with which these basic hygiene blocking and tackling functions can be performed and the speed and agility with which security response, remediation and containment operations can be conducted.
The answer is unified endpoint management and security
The benefit of having a platform which is unified around all of these functions must not be underestimated. The ability to pivot from awareness to action in seconds rather than hours, days or weeks is transformative. Having a comprehensive context of a security event, not just what happened but how it happened, with full situational ancestry at your fingertips, turns incident response into a real-time affair.
It is this idea of developing shared consciousness among the many disparate teams in enterprise IT that seems to have evaded so many vendors in our space. How much effort and investment has been spent in coming up with the Next Generation or the next exclusive feature? It seems that as an industry we’ve lost sight of the fact that without a simple shared consciousness and the ability to benefit from an authoritative, timely and accurate source of truth, all else is tilting at windmills.
Today we find ourselves in an environment with risks and pressures from which historically we’ve simply isolated ourselves through regulation and rigid processes. Overnight we found this upended in order to keep our employees communicating and productive. We cannot simply accept the risk this brings and excuse doing so by leaning on the fact that the entrenched, legacy tools and platforms that we have in place lose efficacy with a highly distributed workforce. There are better ways of doing things and Tanium is leading the way. We’ve re-written the book on real-time endpoint communication at massive scale with minimal infrastructure. We’ve built class-leading solutions for major security and operations practice areas which leverage this communication layer in order to help our customers solve persistent problems fast and effectively in an ever-changing environment.