Gaining organizational effectiveness
The four key organizational governance steps to maximizing the value that is delivered by Performance are as follows:
- Develop a dedicated change management process. See Change management.
- Define distinct roles and responsibilities. See RACI chart.
- Track operational maturity and operating metrics over time. See Operational metrics.
- Validate cross-functional alignment. See Organizational alignment.
Develop a tailored, dedicated change management process for endpoint performance monitoring activities, taking into account the new capabilities provided by Tanium.
- Create and integrate a Tanium-specific change management process with updated service-level agreements (SLAs) from identification to resolution of endpoint performance issues.
- Identify key resources in the organization to review and approve changes to endpoint performance requirements that ensure a minimal number of events per endpoint and align with an organizational-specific RACI chart.
- Align activities to key resources for Tanium-managed endpoint performance activities across IT Security, IT Operations, and IT Risk / Compliance.
A RACI chart identifies the team or resource who is Responsible, Accountable, Consulted, and Informed, and serves as a guideline to describe the key activities across the security, risk/compliance, and operations teams. Every organization has specific business processes and IT organization demands. The following table represents Tanium’s point of view for how organizations should align functional resources against endpoint performance. Use the following table as a baseline example.
|Task||IT Security||IT Operations||IT Risk/Compliance||Executive||Rationale|
Identify endpoint performance issue
|-||R/A||-||-||The operations team is responsible for identifying endpoint performance issues.|
|Troubleshoot endpoint performance issue||C||R/A||-||-||The operations team troubleshoots endpoint performance issues and consults with the security team on the troubleshooting process.|
|Scope the impact of performance issue||C||R/A||-||-||The operations team scopes the impact of performance issues and consults with the IT Security team on the scoping process.|
|Remediate affected endpoints||C||R/A||-||-||The operations team remediates affected endpoints and consults with the security team on the remediation process.|
|Ongoing monitoring||I||R/A||-||I||The operations team monitors for endpoint performance issues and informs the executive and security teams of results.|
|Reporting||I||R||-||A||The operations team is responsible for reporting, and the executive team is accountable for the task. The security team is informed of all reports.|
Managing an endpoint performance program successfully includes operationalization of the technology and measuring success through key benchmarking metrics. The four key processes to measure and guide operational maturity of your Tanium Performance program are as follows:
|Usage||how and when Tanium Performance is used in your organization; for example, is Performance the only tool or is it a supplemental tool for another legacy tool|
|Automation||how automated Tanium Performance is, and how well is it used in the automation of other systems|
|Functional Integration||how integrated Tanium Performance is, across security, operations, and risk/compliance teams|
|Reporting||how data from Tanium Performance is consumed by people and systems within the organization|
In addition to the key endpoint performance monitoring processes, the key benchmark metrics that align to the operational maturity of the Tanium Performance program to achieve maximum value and success are as follows:
|Executive Metrics||Performance Coverage||Endpoints with Critical Performance Events in the Past Day|
|Description||Returns the number of endpoints in each of these categories:
For steps to investigate endpoints that are categorized as Needs Attention or Unsupported, see Monitor and troubleshoot Performance Coverage.
For operating system and Tanium Client versions supported by Performance, see Requirements.
|The percentage of endpoints with a critical performance event in the last 24 hours. Critical performance events include system crashes, low disk capacity, and application crashes.|
|Instrumentation||Uses the Performance - Coverage Status sensor to determine the endpoints where Performance is optimal, needs attention, and is unsupported.||The number of endpoints that had a critical performance event in the past day divided by the total number of endpoints that are managed by Performance.|
|Why this metric matters||If Performance is not running on all of your endpoints, you do not have visibility into what problems they are having, which risks more downtime and less productivity for critical systems and end users.||
Teams should minimize the number of performance problems that users experience.
With this metric, you can get a complete view of end user experience by looking at both the fraction of endpoints experiencing performance problems and how many problems each of these endpoints experience.
Use the following table to determine the maturity level for Tanium Performance in your organization.
|Process||Usage||Performance configured||Performance used by exception to troubleshoot issues with individual endpoints||Performance used to troubleshoot issues with individual endpoints||Performance used to proactively and reactively troubleshoot issues; data from Performance occasionally drives strategic decisions and identifies cost efficiencies||Performance used to proactively and reactively troubleshoot issues; data from Performance often drives strategic decisions and identifies cost efficiencies|
|Automation||Manual||Manual||Manual||Partial automation to resolve end user problems on an ongoing basis||Partial automation to resolve end user problems on an ongoing basis|
|Functional integration||Functionally siloed||Occasionally consult with other teams to troubleshoot tickets||Multiple teams getting value from Performance data||Team uses Performance to troubleshoot and report on end user experience; Performance integrated with ITSM or Business Analytics tools||Multiple teams use Performance to troubleshoot and report on end user experience; Performance integrated with ITSM or Business Analytics tools|
|Reporting||Manual||Manual||Trends boards imported||Customized Trends boards; dashboards leveraged for reporting for IT Help Desk, End User Computing, and Operational Leadership teams||Customized Trends boards; dashboards leveraged for reporting for IT Help Desk, End User Computing, and Operational Leadership teams; automation|
|People||Key Resources||Tanium Admin||Tanium Admin; one additional team. For example, End User Computing, IT Help Desk, IT Service Management Teams||Tanium Admin; at least one additional team. For example, End User Computing, IT Help Desk, IT Service Management Teams||Tanium Admin; at least one additional team. For example, End User Computing, IT Help Desk, IT Service Management Teams; Executive Leadership / Operational Leadership||Tanium Admin; at least one additional team. For example, End User Computing, IT Help Desk, IT Service Management Teams; Executive Leadership / Operational Leadership|
|Technology||Key Technology||Core Platform, Performance||Core Platform, Performance||Core Platform, Performance, Trends, Tanium™ Connect||Core Platform, Performance, Trends, Connect, Tanium™ Deploy||Core Platform, Performance, Trends, Connect, Deploy|
|Percent of Endpoints with Events in the Past Day||>40%||31-40%||21-30%||10-20%||0-9%|
Successful organizations use Tanium across functional silos as a common platform for high-fidelity endpoint data and unified endpoint management. Tanium provides a common data schema that enables security, operations, and risk/compliance teams to assure that they are acting on a common set of facts that are delivered by a unified platform.
In the absence of cross-functional alignment, functional silos often spend time and effort in litigating data quality instead of making decisions to improve endpoint performance monitoring processes.
Last updated: 2/23/2021 2:15 PM | Feedback