A few weeks ago, I had the opportunity to attend the Tanium Converge conference in Austin, Texas. There’s been a lot of buzz around Tanium in the industry lately, especially with the company’s recent partnership with Microsoft, its software bill of materials (SBOM) release, and continued marketing of a new term: converged endpoint management, or XEM. Any time there’s a new industry acronym at play, it’s time for industry analysts to step back and ask a simple question: Is this trend real, or is it just marketing? I made it my mission to meet with as many customers at Converge as possible to find out.
So What Is XEM?
XEM is an emerging concept that involves unification of endpoint management and security operations at the tool, organizational, and process level. While Forrester has not formally used the term converged endpoint management, we have been writing about the benefits of a unified endpoint management and security strategy since 2020. The movement to bring the two together has always been nascent, but the more I talked to customers at Converge, the more momentum I can see building around a dedicated XEM technology market. Over the course of two days at the conference, I spoke with or heard from 10 Tanium customers who explained the benefits of XEM:
- A common source of truth on the endpoint. Historically, endpoint management and endpoint security professionals leverage two separate platforms to manage endpoints. Conflicting data from each of these tools creates complexity, confusion, and infighting between IT and security. As the deputy director to the United States Marine Corps’ CISO said on stage, “The technology has not allowed us to remain siloed. It’s harder to stay siloed than to just converge.”
- A faster remediation process when vulnerabilities appear. Because these capabilities are available in a single platform, remediation is much easier to achieve because IT and security pros do not have to integrate systems via APIs or customization. One common example: If security pros find a vulnerability on one endpoint, they automatically roll out a patch to every other endpoint that has that vulnerability. This is one of the main benefits of XEM according to the CISO of Aon, who commented that auto-remediating Log4j wherever it existed in the environment effectively paid for the licensing costs of Tanium.
- Displacement of third-party point solutions to drive cost savings. XEM tools eliminate complexity and licensing costs from third-party point solutions. One manager of network and security at a large school district commented that he had replaced his former endpoint management and vulnerability management tool with Tanium.
XEM Is Not All Hype, But It Will Encounter Significant Challenges
While customers are excited about the prospect of XEM, they’re mostly in the beginning stages. Tool consolidation is typically a first step, but challenges around organizational convergence still exist. As one director of enterprise security at a large retailer commented, “IT ops still sees security as the adversary.” To fully embrace an XEM strategy, it’s clear that IT and security pros can’t simply invest in a tool — they must also embrace a mindset shift and start working collaboratively. This will prove difficult, if not impossible, in some organizations.
Above All, XEM Compels Us To Master The Basics
While XEM customers typically are in the beginning stages of tool and people convergence, it is forcing IT and security professionals to work together to solve nuts-and-bolts converged endpoint management issues. By far, the most common conversations I had were with excited customers who finally had solutions to some of their most difficult and long-standing endpoint management challenges, such as:
- Endpoint visibility. Not knowing how many endpoints you have is a surprisingly common problem for enterprises today, especially with the explosion of both corporate-owned and personally owned devices at home. As one large retailer that’s now using Tanium to improve visibility remarked on stage, “We couldn’t answer the question: ‘What is on my network?’” Why is this a problem? If you don’t know what’s in your environment, you can’t protect it — period.
- Patch management. It’s one of those tasks that nobody wants to do, but it’s essential. The mundane nature of patch management is just one reason why it takes an average of 205 days for an organization to patch a vulnerability, according to Tanium. One of the USA’s large automotive retailers took the stage and told its story of having hundreds of thousands of patches that were missing. With Tanium, the retailer now has a first patch success rate of 99%.
- Compliance. CIOs often must report rough estimates of endpoint numbers to regulatory bodies for compliance reasons because they don’t have an accurate representation of the number of endpoints in their environment. Imagine if a CFO had a rough estimate of fourth-quarter revenue — they wouldn’t last long. One US-based professional services firm with over 100,000 employees set compliance rules within Tanium to meet 99.9% compliance while saving 75% of networking and hosting costs.
While patch management and compliance aren’t the sexy topics in end-user computing today — like digital employee experience, modern management, and XEM are — they solve real challenges. They’re also foundational capabilities to master before tackling the more difficult problems, such as end-user experience management. So before your organization builds your endpoint management strategy for 2023 with all the new bells and whistles, ask yourself two questions:
- Do we know what assets are in our environment?
- Is our patch success rate at least 95%?
If not, it’s time to brush up on your endpoint hygiene.