ARM Consulting Implements Customized Endpoint Management and Cybersecurity Platform Using Tanium

Over 20,000 devices were updated for a large-scale government operation in less than 3 months.




With almost 2,000,000 employees the federal government is one of the largest employers in the world that supports multifaceted constituents. Select government agencies are often charged with providing tiered level technology support. For example, one level of support might comprise of global storage and distribution services which requires the ability to remain modernized and nimble for a prompt socialization of new technology. Contractors who are selected to work with a government agency must uphold to a high standard of work ethic that embodies an agency’s core values.


For over 20 years, ARM Consulting has consistently secured government contract work. A most recent assignment required our expertise with pushing Tanium throughout an entire agency which consisted of over 20,000 computers within a 3-month time period. Tanium was not only new to the organization, but also a fairly new software to the IT community. There wasn’t a ton of readily available information on the usage, implementation, or known issues with the software.


Removing the Barriers to a Delayed Deployment


The client was almost two years out from an initial mandate required for asset visibility. Some of the delays centered around resistance from the internal team as there was a strong commitment to using the existing Endpoint Management software. With the Pandemic caused by COVID 19, it became even harder to track devices for the proper version of software—normally, all users are using client machines that are constantly connected to the network. However, in this scenario, the users’ primary machine is now located in their home and only connected to the network during times they are working.


ARM was faced with two challenges a short term roll out combined with overall resistance to new software.

Given the sense of urgency, the ARM Tech team immediately sprang into action. Our first course of action was to aggregate all resources needed in order to start training on the software. In turn, our team coordinated trainings for systems engineers and various departments to help share what we learned. We immediately established an onsite presence where we were able to stand up the software as quickly as possible. Within one week, ARM Tech was able to initiate user permissions for the organization.


Our team had to take into consideration that the client had multiple networks. ARM Tech set up Tanium to track all files and applications on the client networks and then configured the interface with the appropriate settings to push vendor updates to the entire enterprise. In addition, we fine-tuned sensors to track any network compromises in real time. In turn, we were able to start solving everyday problems such as patching systems, pushing scripts to ‘non-essential’ machines, creating real time reports with the new software.


From Skepticism to Embracing Technology Advancement


Even though Tanium introduced brand new functionality from a cybersecurity standpoint, the majority of system administrators didn't initially embrace the software tool. Their main concern was that Tanium would replace and or not live up to the capabilities of existing Endpoint Management tools. ARM addressed all concerns by reiterating that Tanium is an all-in-one Endpoint Management and cybersecurity tool that complements existing applications. From our perspective, we reassured the client that the tool is specifically designed to advanced workflows and capable of managing thousands of clients throughout an enterprise network.


Several members of the ARM Tech team were among the first 500 candidates to achieve the elite Tanium Certified Operator (TCO 500) Certification.

A Proactive Approach


In addition, to successful implementation, ARM Tech was able to the meet the required deadline. The client is now able to use the software to reactively check for network intrusions in real time, and proactively check for risky computer or user behavior (i.e., abnormal software processes and user activity). Other benefits that the agency now experiences include enhanced speed, cybersecurity tools, simple user interface, 'real language' reporting, along with the fact that Tanium is a fun and powerful Endpoint Management tool that makes any computer administrator job much simpler.

ARM Tech is in position to provide ongoing support for the implementation with our current efforts focused on the following:


  • Continue work with the Technical Account Managers to test new features and capabilities for Tanium inside the contract defense space.

  • Create knowledge base articles on Tanium usage and what benefits the platform can provide and how it can be used to complement and not replace existing Endpoint Management applications and hardware.

  • Organize technical sessions with existing SCCM staff to bring them up to speed on the new technology.

  • Present to leadership solutions utilizing Tanium that will improve and enhance existing processes within the government agency.


ARM Tech’s Elite TCO 500


Several members of the ARM Tech team were among the first 500 candidates to achieve the elite Tanium Certified Operator (TCO 500) Certification. Because our assigned consultants are Tanium Certified Operators, they are currently the designated SMEs on the platform and ensure that the right configurations are being implemented for every part of the software. ARM Tech presently serve as advisors between the department and the government agency.



Lets Continue the Discussion


For information about ARM Consulting visit https://www.ARMconsultingonline.com/ARM-tech. Interesting in learning more, contact Susan Phin at sphin@armconsultingonline.com to schedule an information session.