Egon Rinderer, global VP-enterprise services and Federal CTO at Tanium, hasn’t missed much in his 28 years in the IT world. Before joining Tanium six years ago, he notched engagements all along the industry spectrum as CIO, entrepreneur, chief technical liaison to the intelligence community at Intel, plus an eight-year hitch in the U.S. Navy & JSOC.
We got in touch with Rinderer a few weeks into his current home-bound stretch courtesy of the coronavirus pandemic to get his take on what large organizations – both public and private sector – can do to manage the quick turn to remote workforces, and the challenges that presents. Here’s how Rinderer is mapping out a straight-line path to enabling telework, relieving resulting network congestion, taking care of basic security hygiene, and then tackling security issues that spring from looser BYOD restrictions.
MeriTalk: We are working from home, how about you?
Rinderer: Yeah, like most of the world, I am homebound now, which is quite a change from what was 90-plus percent travel. But I’m having an epiphany in that I think I’m working at 120 percent productivity by not having to travel and spend time with the logistics of travel, going to airports, getting on planes, and checking into hotels.
MeriTalk: In the current climate, what can the Federal government do right now on the tech front to better sustain or improve service to citizens, and also service to its workforce?
Rinderer: There are some very simple things that I think go overlooked because of the kind of design and architecture that has gone into IT infrastructure predating this whole crisis, and that would look very different if they were designed with a pandemic in mind.
The first is we have taken a very binary approach to the way that we set up communications and endpoints when they’re on premise. The numbers vary across industry, but generally people plan for between two percent to four percent of their workforce to be remote. Some plan for almost entirely remote work, but not many. But in many cases, telework has ramped up to 80 percent to 90 percent of the workforce. Nobody planned for this if you look at business continuity plans, so the infrastructure is not designed to handle it. When everyone went remote, the first task was a lot of firefighting to accommodate that.
You’re doing your customer – and if that’s a government customer, the citizens – a disservice if you’re not looking ahead at what is coming, and dealing with getting people basic connectivity. We’ve got to figure out how to alleviate congestion on VPN concentrators and firewalls, but then you have to look at the fundamental design that we use in day-to-day IT operations and security.
If you look at what most large enterprises were struggling with before this crisis hit, it was the basic blocking and tackling of endpoint hygiene, keeping systems patched, and keeping them in compliance. That’s been the problem for decades. So after we get everyone remote connectivity, we’ve got to figure out how we do that basic blocking and tackling that was already challenging us to begin with. And you may have to do that on a VPN that is already massively overloaded just by sheer volume, and you may be recreating a connectivity problem with all the security and management traffic that also has to go over that connection.
Taken together, the net effect of all of this on attack surface and overall security is significant, especially when you take into account BYOD (bring your own device) use which in some cases is being eased even in the Federal space. On that last point, the ability to download protected information to a personally owned device for which we have no idea of the security posture or hygiene – that poses a pretty significant security problem.
MeriTalk: More so in government or the private sector?
Rinderer: We’re seeing more of the BYOD problem in the commercial space. In the Federal space it has much more to do with the first follow-on problem to establishing telework – which is getting back to blocking and tackling on patching systems, checking compliance, and checking security posture. But now we have to do all of that across an already congested network.
There are very simple things that can be done to alleviate that congestion; that’s what we’re trying to help customers do first and foremost. There are very simple things that you can do to move management traffic off of the VPN. There’s no reason that needs to be pushed through the VPN – in our case we can use a second method of delivery that just uses the internet connectivity that the end-user has when they’re remote. It’s still secure, but it’s pushed through a secure channel outside of the VPN so that the VPN infrastructure doesn’t get loaded down with management traffic.
MeriTalk: What do you think Federal government tech leadership should be doing over, say, the next six months to best position for pandemic recovery?
Rinderer: I want to be absolutely explicit – this is not a purely elastic situation. It’s not going to just snap back to the way it was when we recover. I think we are going to see some irreversible change in the way we conduct business.
It’s very simple – people’s eyes have been opened. Humans tend to build organizational structure and process around assumptions and will defend those for a long time. What’s interesting is when that assumption gets blown out of the water, as has happened in the case of working onsite versus working remotely. Now you have both parties’ eyes open, and they can both see the ability to save a lot of money on overhead, and maybe gain a lot of productivity too. You might be able to cut real estate footprints in half, for instance.
So in the next six months or however long until a full recovery, we have to look at how do we take the traditional tools and processes that we’ve used to work onsite and extend those capabilities so that they are similar if not the same when the end user is remote. It’s unfortunate but there are an awful lot of solutions out there today that simply can’t do that. So I think you’ll see an awful lot of old guard software get challenged in this new environment and fail. I don’t mean that like I’m poking anybody – that is the reality of business when you have some sort of forcing event, there’s a culling of the herd.
The other thing that you’ll see is customers demanding capabilities that can fit the new paradigm, and that’s good, that is how innovation happens and how positive change takes place. Historically, tradition has justified inefficiency, but when something like this happens then you as a leader have to justify inefficiency. There are very few people on this planet who want to be that person.
MeriTalk: What can your company do right now and over the next several months to help the Federal government get ready for the recovery?
Rinderer: We’ve already done a tremendous amount of work on the immediate responses to what customers need to do now and over the next several days. If you were to sit in our meetings you would hear me say that first and foremost we need to take work off the plate of the IT operations staff – and that means making sure that remote employees can be as productive as usual regardless of the fact they are not sitting on site.
If you are already our customer, we build a runbook that gives step-by-step instructions on how to move management traffic out of your VPN, and we assign you a Technical Account Manager (TAM) to help. Step two is addressing the new problem of making sure that those basic hygiene and security functions are working properly on your now majority-remote assets, some of which may be personally owned devices. Let’s see what we can do for you in terms of taking on additional load: what are the fundamental blocking and tackling aspects that Tanium can handle for you if you have another platform that’s incapable of doing so with remote assets? There’s a whole bunch of legacy platforms out there that simply can’t address the problem.