Gaining organizational effectiveness
The three key organizational governance steps to maximizing the value that is delivered by Connect are as follows:
- Develop a dedicated change management process. See Change management.
- Track operational maturity. See Operational metrics.
- Validate cross-functional alignment. See Organizational alignment.
Develop a tailored, dedicated change management process for patch management, taking into account the new capabilities provided by Tanium.
- Update SLAs with elevated expectations, including connection configuration and maintenance.
- Identify key resources in the organization to review and approve changes to connection requirements to ensure minimal unexpected or unapproved changes.
- Identify internal and external dependencies for connections from Tanium sources to destinations (example: creating or updating database tables before sending data to a database).
- Identify maintenance windows for various connection management scenarios to maximize connection uptime.
- Create a Tanium steering group (TSG) for connection activities, to expedite reviews and approvals of processes that align with SLAs.
Successful organizations use Tanium across functional silos as a common platform for high-fidelity endpoint data and unified endpoint management. Tanium provides a common data schema that enables security, operations, and risk/compliance teams to assure that they are acting on a common set of facts that are delivered by a unified platform.
In the absence of cross-functional alignment, functional silos often spend time and effort in litigating data quality instead of making decisions to improve patch management.
Managing a program to export data from Tanium sources to destinations successfully includes operationalization of the technology and measuring success through key benchmarking metrics. The four key processes to measure and guide operational maturity of your Tanium Connect program are as follows:
|Usage||how and when Tanium Connect is used in your organization|
|Automation||how automated Tanium Connect is|
|Functional Integration||how integrated Tanium Connect is, across IT security, IT operations, and IT risk/compliance teams|
|Reporting||how automated Tanium Connect is and who the audience of connection reporting is|
Use the following table to determine the maturity level for Tanium Connect in your organization.
|Process||Usage||Tanium Core Platform and Connect installed||Basic connections configured and running, such as sending data to a File or Email destination||Configuration fine-tuned, such as memory consumption or memory usage||
||Advanced connections configured and running, such as integrations with third-party applications (Splunk, ITSM solution, SQL Server)|
|Automation||Manual||Manual||Scheduled connections||Scheduled connections listening to event-based sources||End-to-end workflow established to take action, such as alerting or remediation to a third-party application|
|Functional integration||Unused||AWS S3 or File destination configured, for example||
||Using export files, or integrated event forwarding and emails||Connect integrated with a third-party application (Splunk, ITSM solution, SQL Server)|
|Reporting||Unused||Ad hoc; Reporting tailored to stakeholders at request||Consistent; Reporting tailored to stakeholders on cadence||Automated; Reporting tailored to stakeholders ranging from Operator to Executive||Automated; Reporting tailored to stakeholders ranging from Operator to Executive|
Last updated: 1/21/2022 1:10 PM | Feedback