May 04, 2017 Stuart Okin

Are the wheels coming off at Tanium?

Are the wheels coming off at Tanium?

There are times when nothing seems to go right for a company. Cybersecurity vendor Tanium – at least in terms of their public image – appear to be going through one of those periods.

Some of the bad press has been technical.  Specifically, the Wall St Journal reported (and the headline itself is reasonably self-explanatory) that Cybersecurity Startup Tanium Exposed California Hospital’s Network in Demos Without Permission.

It’s not a mistake 1E would make (something I had the opportunity to comment on to Security Week during their coverage of the controversy). Putting the specifics aside, however, if the wheels are, if not coming off this Silicon Valley darling, at least starting to rattle, it’s difficult to resist thinking have we been here before.

I certainly have. I’ve been in the security industry twenty years (and the IT industry a lot longer). Time and time again, a company emerges that claims it can tip the balance in the security wars in favor of the end users. These attract a lot of attention (and money) and then, five years later, everyone has forgotten all about them.

Meanwhile, as this cycle repeats itself anew, even while operating systems improve and ceaseless technical innovation takes place, enterprise security levels essentially remain the same.

The more I think about it, the more it seems to me that this pattern is down to certain deep-rooted tendencies within the security industry. It is, after all, the nature of all security (not just IT security) to get in the way: in the way of threats, of course, but inevitably of users as well – think of the lock on your front door.

The problem with IT security is that these locks and safeguards tend to be complicated. They typically require massive expenditures of time and money to implement, and once installed, add a riddling layer of complexity to essential business functions.

I’ve seen the results with my own eyes: discarded, expensive security hardware and software gathering dust at world famous corporations, because implementation and maintenance asked too much both of IT ops, and the business at large. You suspect some disparity between the number of security solutions sold – and the number implemented.

What, then, is going wrong? I think it’s that, while everyone’s looking for the total panacea, the one-pill cure to all security ills, they’re missing the basics. Security vendors will come from the viewpoint that security is the be all and end all. So if it wraps up more processing speed, if it uses more network bandwidth, if the impact is heavy on the end user, it doesn’t matter, because, security trumps all.

If you’re coming from an IT ops world – which is the backdrop for 1E – it’s almost diametrically opposed.

If 1E’s recent release Tachyon shifts this paradigm (and it does) it’s for this exact reason. In Tachyon, we have developed a solution that gives businesses the ability to question (if necessary) more than one million endpoints and to make vital changes in real time, not by seeking to replace a company’s infrastructure investments (be it in BigFix or SCCM) but by enhancing them. In addition, we developed Tachyon with other non-functional specs in mind. We wanted to make something incredibly quiet, resource light, and easy to use from an admin perspective. In order to prove all of this to ourselves – and our customers –  one of the first things our engineers did when they started developing Tachyon was develop a unique testing rig, a way of actually testing Tachyon on up to a million virtual devices.

Tachyon empowers IT operations, instead of burdening them, and we expect it to be helping to keep our customers secure long after the next earth-promising security start-up (and the next one) have come and gone.

Ultimately, endpoint detection and response technology does promise to enhance enterprise security. If you can see what’s happening in your software estate, and make changes in real time, that’s a big deal, and not just for security. But if you want to be sure that added insight and ability will become a daily reality for your business, you need Tachyon.