Tool Sprawl Threatens Post-Pandemic Security

<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <meta name="channel" content="endpoint_microsite"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Tool Sprawl Threatens Post-Pandemic Security | Tanium</title> <meta name='robots' content='max-image-preview:large' />  <meta name="description" content="Tool sprawl and the use of rogue software by remote workers has become a major concern for security teams. CISOs have devised ways to improve IT visibility." /> <meta name="robots" content="index, follow" /> <meta name="googlebot" content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1" /> <meta name="bingbot" content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1" /> <link rel="canonical" href="https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="article" /> <meta property="og:title" content="Tool Sprawl Threatens Post-Pandemic Security | Focal Point" /> <meta property="og:description" content="Tool sprawl and the use of rogue software by remote workers has become a major concern for security teams. CISOs have devised ways to improve IT visibility." /> <meta property="og:url" content="https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/" /> <meta property="og:site_name" content="Tanium" /> <meta property="article:modified_time" content="2024-09-27T18:05:17+00:00" /> <meta property="og:image" content="https://www.tanium.com/wp-content/uploads/Tool_Sprawl_IT_Visibility_feature-scaled.jpeg" /> <meta property="og:image:width" content="2560" /> <meta property="og:image:height" content="1707" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:description" content="Tool sprawl and the use of rogue software by remote workers has become a major concern for security teams. CISOs have devised ways to improve IT visibility." /> <meta name="twitter:creator" content="@Tanium" /> <meta name="twitter:site" content="@Tanium" /> <script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"Organization","@id":"https://www.tanium.com/#organization","name":"Tanium Inc","url":"https://www.tanium.com/","sameAs":["https://twitter.com/Tanium"],"logo":{"@type":"ImageObject","@id":"https://www.tanium.com/#logo","inLanguage":"en-US","url":"https://www.tanium.com/wp-content/uploads/Tanium-Logo.jpg","width":250,"height":45,"caption":"Tanium Inc"},"image":{"@id":"https://www.tanium.com/#logo"}},{"@type":"WebSite","@id":"https://www.tanium.com/#website","url":"https://www.tanium.com/","name":"Tanium","description":"Unified Endpoint Management and Security","publisher":{"@id":"https://www.tanium.com/#organization"},"potentialAction":[{"@type":"SearchAction","target":"https://www.tanium.com/?s={search_term_string}","query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/#primaryimage","inLanguage":"en-US","url":"https://www.tanium.com/wp-content/uploads/Tool_Sprawl_IT_Visibility_feature-scaled.jpeg","width":2560,"height":1707,"caption":"Image for What is Cyber Resiliency blog post"},{"@type":"WebPage","@id":"https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/#webpage","url":"https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/","name":"Tool Sprawl Threatens Post-Pandemic Security | Focal Point","isPartOf":{"@id":"https://www.tanium.com/#website"},"primaryImageOfPage":{"@id":"https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/#primaryimage"},"datePublished":"2021-04-09T13:40:17+00:00","dateModified":"2024-09-27T18:05:17+00:00","description":"Tool sprawl and the use of rogue software by remote workers has become a major concern for security teams. CISOs have devised ways to improve IT visibility.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/"]}]}]}</script>  <link rel="alternate" type="application/rss+xml" title="Tanium » Tool Sprawl Threatens Post-Pandemic Security Comments Feed" href="https://www.tanium.com/blog/tool-sprawl-threatens-post-pandemic-security/feed/" /> <script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/www.tanium.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.1"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css' type='text/css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='wp-block-library-css' href='https://www.tanium.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1' type='text/css' media='all' /> <link rel='stylesheet' id='cloudflare-stream-block-style-css-css' href='https://www.tanium.com/wp-content/plugins/cloudflare-stream/dist/blocks.style.build.css?ver=1732023324' type='text/css' media='all' /> <style id='classic-theme-styles-inline-css' type='text/css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css' type='text/css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='sti-style-css' href='https://www.tanium.com/wp-content/plugins/share-this-image/assets/css/sti.min.css?ver=1.81' type='text/css' media='all' /> <script type="text/javascript" src="https://www.tanium.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script> <script type="text/javascript" src="https://www.tanium.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script> <link rel="https://api.w.org/" href="https://www.tanium.com/wp-json/" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://www.tanium.com/xmlrpc.php?rsd" /> <link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://www.tanium.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.tanium.com%2Fblog%2Ftool-sprawl-threatens-post-pandemic-security%2F" /> <link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://www.tanium.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.tanium.com%2Fblog%2Ftool-sprawl-threatens-post-pandemic-security%2F&format=xml" /> <script type="text/javascript">var tnAnnouncements = null;</script><link rel="icon" href="https://www.tanium.com/wp-content/uploads/Tanium-LogoBug-FullColor-Positive.png" sizes="32x32" /> <link rel="icon" href="https://www.tanium.com/wp-content/uploads/Tanium-LogoBug-FullColor-Positive.png" sizes="192x192" /> <link rel="apple-touch-icon" href="https://www.tanium.com/wp-content/uploads/Tanium-LogoBug-FullColor-Positive.png" /> <meta name="msapplication-TileImage" content="https://www.tanium.com/wp-content/uploads/Tanium-LogoBug-FullColor-Positive.png" /> <link rel="profile" href="https://gmpg.org/xfn/11"> <link rel="shortcut icon" type="image/x-icon" href="/wp-content/themes/main/lib/images/favicon.ico"> <link rel="stylesheet" href="/wp-content/themes/main/lib/css/main.min.css?v=1729014581675"> <link rel="alternate" hreflang="en" href="https://www.tanium.com" /> <script type="text/javascript" src="https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=e698feba-f0de-468a-83f1-bf0232933208&;domain=tanium.com"></script> <script>dataLayer = [];</script>  <script type="text/javascript" src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" charset="UTF-8" data-domain-script="e9402123-3305-4faf-a19d-33c1001ceae4"></script> <script type="text/plain" class="optanon-category-C0004"> // channel based gtm event for blog if ($('meta[name=channel]').length > 0) { if ($('meta[name=channel]').attr('content') == 'endpoint_microsite') { window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'event': 'Focalpoint', 'endpointUser': 'Focalpoint' }); } else if ($('meta[name=channel]').attr('content') == 'videos') { window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'event': 'Video', 'user': 'Video' }); } else { window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'event': 'Blog', 'user': 'Blog' }); } } // google tag manager (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-TZH48C'); </script> <script type="text/plain" class="optanon-category-C0004"> // salesloft (function (i, s, o, g, r, a, m) { i['SLScoutObject'] = r; i[r] = i[r] || function () { (i[r].q = i[r].q || []).push(arguments) }, i[r].l = 1 * new Date(); a = s.createElement(o), m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m) })(window, document, 'script', 'https://scout-cdn.salesloft.com/sl.js', 'slscout'); slscout(["init", "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTQxM30.KDvCKcLyrBrediTrrImmGVuMF59bwudi5gnA8DmWTH8"]); </script> <script type="text/plain" class="optanon-category-C0004"> // kickfire var kftwiq; var kftwiqpg; var kfTWIQ = "14328"; var Hst = document.domain; kftwiniq = new Image(); kftwiqpg = encodeURIComponent(document.URL); kftwiniq.src = '\/\/twin-iq.kickfire.com\/twin.php?TWIQ=' + kfTWIQ + '&kftwiqpg=' + kftwiqpg + '&Hst=' + Hst + '&r=' + Math.random(); </script> <script type="text/plain" class="optanon-category-C0004"> // 6sense window._6si = window._6si || []; window._6si.push(['enableEventTracking', true]); window._6si.push(['setToken', '17d7d44a4ba87616376ff65e2062f037']); window._6si.push(['setEndpoint', 'b.6sc.co']); (function() { var gd = document.createElement('script'); gd.type = 'text/javascript'; gd.async = true; gd.src = '//j.6sc.co/6si.min.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(gd, s); })(); </script> <script type="text/plain" class="optanon-category-C0003"> // pathfactory (function (j, u, k, e, b, o, x) { j[b] = j[b] || function() { (j[b].q = j[b].q || []).push(arguments) }, j[b].l = 1 * new Date(); o = u.createElement(k), x = u.getElementsByTagName(k)[0]; o.async=1; o.src = e; x.parentNode.insertBefore(o,x) })(window, document, 'script', 'https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js', 'lbhq'); lbhq('create', 'LB-9ACB3B45-10761'); </script> <script type="text/plain" class="optanon-category-C0004"> // fullcircle fcdsc.trackingOptOut(); fcdsc.trackingOptOut(true); fcdsc.trackingOptIn(); </script>  </head> <body>  <div class="skip-content "> <a href="#content">Skip to content</a> </div>   <noscript> <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TZH48C" height="0" width="0" style="display:none;visibility:hidden"></iframe> </noscript>   <div id="main" class="site main-wrap">  <header class="site-header">  <div class="utility-nav bg-white light"> <div class="container"> <div class="utility-nav-row"> <div class="utility-nav-right"> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Company" role="menuitem">Company</a> <div class="drop-down-menu"> <a class="drop-down-item " href="/about/" title="About Tanium">About Tanium</a><a class="drop-down-item " href="/careers/" title="Careers">Careers</a><a class="drop-down-item " href="/leadership/" title="Leadership">Leadership</a><a class="drop-down-item " href="/newsroom/" title="Newsroom">Newsroom</a><a class="drop-down-item " href="/analyst-recognition/" title="Analysts">Analysts</a><a class="drop-down-item " href="/locations/" title="Locations">Locations</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Login" role="menuitem">Login</a> <div class="drop-down-menu"> <a class="drop-down-item " href="https://help.tanium.com/" title="Resource Center">Resource Center</a><a class="drop-down-item " href="https://partners.tanium.com/" title="Partner Portal">Partner Portal</a><a class="drop-down-item " href="https://developer.tanium.com/saml/login " title="Developers Portal">Developers Portal</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Language" role="menuitem"><span class="earth-icon"></span></a> <div class="drop-down-menu"> <a class="drop-down-item active" href="https://www.tanium.com/" title="English">English</a><a class="drop-down-item " href="https://www.tanium.fr/" title="Français">Français</a><a class="drop-down-item " href="https://www.tanium.de/" title="Deutsch">Deutsch</a><a class="drop-down-item " href="https://www.tanium.jp/" title="日本語">日本語</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle no-child link" href="/contact-us/" title="Contact us" role="menuitem">Contact us</a> </div> </div> </div> </div> </div>   <div id="main-nav" class="main-nav bg-white"> <div class="container"> <div class="menu-row-wrap align-content-center"> <div class="logo-box"><a href="/" title="Tanium" class="logo"><img src="/wp-content/themes/main/lib/images/header-logo.svg" alt="Tanium"></a></div> <nav class="menu-box" aria-label="Tanium" role="menu"> <div class="menu-item-search-wrap"> <div class="search-form-box"> <form class="navigation-search-form" method="get" action="/search/"> <div class="search-form"> <div class="search-input"> <input class="search-text" type="text" name="q" value="" placeholder="Search..." tabindex="-1" /> </div> <button type="submit" class="search-icon" tabindex="-1"> <img src="/wp-content/themes/main/lib/images/site-search-icon.svg" class="input-search-ico" alt="Search"> <img src="/wp-content/themes/main/lib/images/site-search-icon-white.svg" class="input-search-ico-active" alt="Search"> </button> </div> </form> </div> <a href="#" class="menu-item-search"> <img src="/wp-content/themes/main/lib/images/site-search-icon.svg" class="search-ico" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-black.png" class="close-ico" alt="Close"> <img src="/wp-content/themes/main/lib/images/site-search-icon-white.svg" class="search-ico-white" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-white.png" class="close-ico-white" alt="Close"> </a> </div> <div class="mob-menutrigger"><div class="mob-menutrigger-box"><span></span><span></span><span></span><span></span></div></div> <div class="mega-menu-parent"> <div class="mega-menu-wrap new-header-menu menu"> <ul> <li role="presentation"> <a class="link" href="/autonomous-endpoint-management" title="Platform" role="menuitem" tabindex="0">Platform</a> <div class="submenu-main submenu-main-sec submenu-type submenu-type-1" role="menu" aria-label="Platform"> <div class="container"> <div class="submenu-main-wrap"> <div class="submenu-main-inner"> <div class="submenu-main-left"> <div class="submenu-main-link-row"> <div class="submenu-primary-link-col"> <a href="/platform" title="Discover" class="submenu-primary-link"> <h3 class="display-heading-05">How it works</h3> <p>The real-time platform that powers AI solutions and IT and security workflows.</p> <span class="menu-text-cta">Discover <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col"> <a href="/autonomous-endpoint-management" title="Why AEM" class="submenu-primary-link"> <h3 class="display-heading-05">Tanium AEM</h3> <p>Autonomous endpoint management at scale, with confidence, and in real time.</p> <span class="menu-text-cta">Why AEM <i class="icon-feather-arrow-right"></i></span> </a> </div> </div> </div> <div class="submenu-main-right"> <div class="submenu-main-link-group"> <div class="submenu-main-dropdown-title"><h3 class="display-heading-05">Integrations</h3></div> <ul class="simple-link-dropdown"> <li> <a href="/partners/microsoft/spotlight" title="Microsoft" class="simple-link">Microsoft</a> </li> <li> <a href="/partners/servicenow/spotlight" title="ServiceNow" class="simple-link">ServiceNow</a> </li> </ul> </div> </div> </div> </div> </div> </div> </li> <li role="presentation"> <a class="link" href="#" title="Solutions" role="menuitem" >Solutions</a> <div class="submenu-main submenu-main-sec submenu-type submenu-type-2" role="menu" aria-label="Solutions"> <div class="container"> <div class="submenu-main-wrap"> <div class="submenu-main-inner"> <div class="submenu-main-left"> <div class="submenu-main-title"><h2 class="display-heading-05">Our solutions</h2></div> <div class="submenu-main-link-row"> <div class="submenu-primary-link-col"> <a href="/solutions" title="Autonomous solutions" class="submenu-primary-link"> <h3 class="display-heading-05">Overview</h3> <p>Have the confidence to take the right action at the right time in your IT environment.</p> <span class="menu-text-cta">Autonomous solutions <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col submenu-secondary-link-col"> <ul class="submenu-secondary-data-links"> <li> <a href="/solutions/tanium-core/" title="Tanium Core" class="submenu-secondary-link"> <h3 class="display-heading-06">Tanium Core</h3> <p>See and control endpoints across your environments in seconds. </p> </a> </li> <li> <a href="/solutions/endpoint-management/" title="Endpoint Management" class="submenu-secondary-link"> <h3 class="display-heading-06">Endpoint Management</h3> <p>Manage your entire IT lifecycle with speed and scale.</p> </a> </li> <li> <a href="/solutions/risk-and-compliance-management/" title="Risk & Compliance" class="submenu-secondary-link"> <h3 class="display-heading-06">Risk & Compliance</h3> <p>Know your risks and exposures and secure them.</p> </a> </li> <li> <a href="/solutions/incident-response/" title="Incident Response " class="submenu-secondary-link"> <h3 class="display-heading-06">Incident Response </h3> <p>Expedite your security team’s incident response.</p> </a> </li> <li> <a href="/solutions/digital-employee-experience/" title="Digital Employee Experience" class="submenu-secondary-link"> <h3 class="display-heading-06">Digital Employee Experience</h3> <p>Deliver delightful digital employee experiences.</p> </a> </li> </ul> </div> </div> </div> <div class="submenu-main-right"> <div class="submenu-main-link-group"> <div class="submenu-main-dropdown-title"><h3 class="display-heading-05">Industry</h3></div> <ul class="simple-link-dropdown"> <li> <a href="/solutions/federal-government/" title="Federal" class="simple-link">Federal</a> </li> <li> <a href="/solutions/state-and-local-government/" title="State & Local Government" class="simple-link">State & Local Government</a> </li> <li> <a href="/solutions/education/" title="Education" class="simple-link">Education</a> </li> <li> <a href="/solutions/energy-oil-gas/" title="Energy, Oil, and Gas" class="simple-link">Energy, Oil, and Gas</a> </li> <li> <a href="/solutions/financial-services/" title="Financial Services" class="simple-link">Financial Services</a> </li> <li> <a href="/solutions/healthcare/" title="Healthcare" class="simple-link">Healthcare</a> </li> <li> <a href="/solutions/manufacturing/" title="Manufacturing" class="simple-link">Manufacturing</a> </li> <li> <a href="/solutions/retail/" title="Retail" class="simple-link">Retail</a> </li> <li> <a href="/solutions/technology/" title="Technology" class="simple-link">Technology</a> </li> </ul> </div> </div> </div> </div> </div> </div> </li> <li role="presentation"> <a class="link" href="/customers/" title="Customers" role="menuitem" >Customers</a> <div class="submenu-main submenu-main-sec submenu-type submenu-type-3" role="menu" aria-label="Customers"> <div class="container"> <div class="submenu-main-wrap"> <div class="submenu-main-inner"> <div class="submenu-main-left"> <div class="submenu-main-title"><h2 class="display-heading-05">Our customers</h2></div> <div class="submenu-main-link-row"> <div class="submenu-primary-link-col"> <a href="/customers/" title="How we help" class="submenu-primary-link"> <h3 class="display-heading-05">Philosophy</h3> <p>To protect enterprises, organizations, and people. That is our why.</p> <span class="menu-text-cta">How we help <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col"> <a href="/customer-success-stories/" title="Hear their stories" class="submenu-primary-link"> <h3 class="display-heading-05">Success stories</h3> <p>See what our customers achieve with the power of certainty.</p> <span class="menu-text-cta">Hear their stories <i class="icon-feather-arrow-right"></i></span> </a> </div> </div> </div> <div class="submenu-main-right"> <div class="submenu-main-link-group"> <div class="submenu-main-dropdown-title"><h3 class="display-heading-05">Become an expert</h3></div> <ul class="simple-link-dropdown"> <li> <a href="/learning/" title="Tanium Learning" class="simple-link">Tanium Learning</a> </li> </ul> </div> <div class="submenu-main-link-group"> <div class="submenu-main-dropdown-title"><h3 class="display-heading-05">Get support</h3></div> <ul class="simple-link-dropdown"> <li> <a href="http://help.tanium.com/" title="Resource Center" class="simple-link">Resource Center <i class="icon-arrow-external"></i></a> </li> </ul> </div> </div> </div> </div> </div> </div> </li> <li role="presentation"> <a class="link" href="/partners/" title="Partners" role="menuitem" >Partners</a> <div class="submenu-main submenu-main-sec submenu-type submenu-type-4" role="menu" aria-label="Partners"> <div class="container"> <div class="submenu-main-wrap"> <div class="submenu-main-inner"> <div class="submenu-main-left"> <div class="submenu-main-title"><h2 class="display-heading-05">Our partners</h2></div> <div class="submenu-main-link-row"> <div class="submenu-primary-link-col"> <a href="/partners/" title="See how" class="submenu-primary-link"> <h3 class="display-heading-05">Why</h3> <p>Make the most out of your IT investments – powered by partners.</p> <span class="menu-text-cta">See how <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col"> <a href="/partners/find-a-partner" title="Get started" class="submenu-primary-link"> <h3 class="display-heading-05">Find a partner</h3> <p>Find the right partner for your journey to certainty. </p> <span class="menu-text-cta">Get started <i class="icon-feather-arrow-right"></i></span> </a> </div> </div> </div> <div class="submenu-main-right"> <div class="submenu-main-link-group"> <div class="submenu-main-dropdown-title"><h3 class="display-heading-05">Partner resources</h3></div> <ul class="simple-link-dropdown"> <li> <a href="https://partners.tanium.com/" title="Partner portal" class="simple-link">Partner portal <i class="icon-arrow-external"></i></a> </li> <li> <a href="https://partners.tanium.com/explore/972809" title="Learning hub" class="simple-link">Learning hub <i class="icon-arrow-external"></i></a> </li> <li> <a href="/learning/certifications/" title="Certifications" class="simple-link">Certifications</a> </li> <li> <a href="/partners/become-a-partner/" title="Become a partner" class="simple-link">Become a partner</a> </li> </ul> </div> </div> </div> </div> </div> </div> </li> <li role="presentation"> <a class="link" href="/resources/" title="Resources" role="menuitem" >Resources</a> <div class="submenu-main submenu-main-sec submenu-type submenu-type-5" role="menu" aria-label="Resources"> <div class="container"> <div class="submenu-main-wrap"> <div class="submenu-main-inner"> <div class="submenu-main-left"> <div class="submenu-main-title"><h2 class="display-heading-05">Discover</h2></div> <div class="submenu-main-link-row"> <div class="submenu-primary-link-col"> <a href="/p/" title="Explore" class="submenu-primary-link"> <h3 class="display-heading-05">Blogs, videos, podcasts</h3> <p>Thought leadership, industry insights, and Tanium news all in one place.</p> <span class="menu-text-cta">Explore <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col"> <a href="/resources/" title="Dive in " class="submenu-primary-link"> <h3 class="display-heading-05">Downloads</h3> <p>Access digital assets from analyst research to solution briefs.</p> <span class="menu-text-cta">Dive in <i class="icon-feather-arrow-right"></i></span> </a> </div> <div class="submenu-primary-link-col"> <a href="/events/" title="Join us" class="submenu-primary-link"> <h3 class="display-heading-05">Events</h3> <p>Find the latest events happening near you – virtually and in person. </p> <span class="menu-text-cta">Join us <i class="icon-feather-arrow-right"></i></span> </a> </div> </div> </div> </div> </div> </div> </div> </li> </ul> <div class="line-animation"></div> </div>  <div class="utility-nav light"> <div class="utility-nav-right"> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Company" role="menuitem">Company</a> <div class="drop-down-menu"> <a class="drop-down-item " href="/about/" title="About Tanium">About Tanium</a><a class="drop-down-item " href="/careers/" title="Careers">Careers</a><a class="drop-down-item " href="/leadership/" title="Leadership">Leadership</a><a class="drop-down-item " href="/newsroom/" title="Newsroom">Newsroom</a><a class="drop-down-item " href="/analyst-recognition/" title="Analysts">Analysts</a><a class="drop-down-item " href="/locations/" title="Locations">Locations</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Login" role="menuitem">Login</a> <div class="drop-down-menu"> <a class="drop-down-item " href="https://help.tanium.com/" title="Resource Center">Resource Center</a><a class="drop-down-item " href="https://partners.tanium.com/" title="Partner Portal">Partner Portal</a><a class="drop-down-item " href="https://developer.tanium.com/saml/login " title="Developers Portal">Developers Portal</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle link" href="#" title="Language" role="menuitem"><span class="earth-icon"></span></a> <div class="drop-down-menu"> <a class="drop-down-item active" href="https://www.tanium.com/" title="English">English</a><a class="drop-down-item " href="https://www.tanium.fr/" title="Français">Français</a><a class="drop-down-item " href="https://www.tanium.de/" title="Deutsch">Deutsch</a><a class="drop-down-item " href="https://www.tanium.jp/" title="日本語">日本語</a> </div> </div> <div class="drop-down" role="presentation"> <a class="drop-down-toggle no-child link" href="/contact-us/" title="Contact us" role="menuitem">Contact us</a> </div> </div> </div>  <div class="menu-item-search-wrap"> <a href="#" class="menu-item-search"> <img src="/wp-content/themes/main/lib/images/site-search-icon.svg" class="search-ico" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-black.png" class="close-ico" alt="Close"> <img src="/wp-content/themes/main/lib/images/site-search-icon-white.svg" class="search-ico-white" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-white.png" class="close-ico-white" alt="Close"> </a> <div class="search-form-box"> <form class="navigation-search-form" method="get" action="/search/"> <div class="search-form"> <div class="search-input"> <input class="search-text" type="text" name="q" value="" placeholder="Search..." tabindex="-1" /> </div> <button type="submit" class="search-icon" tabindex="-1"> <img src="/wp-content/themes/main/lib/images/site-search-icon.svg" class="input-search-ico" alt="Search"> <img src="/wp-content/themes/main/lib/images/site-search-icon-white.svg" class="input-search-ico-active" alt="Search"> </button> </div> </form> </div> <a href="#" class="menu-item-search "> <img src="/wp-content/themes/main/lib/images/site-search-icon.svg" class="search-ico" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-black.png" class="close-ico" alt="Close"> <img src="/wp-content/themes/main/lib/images/site-search-icon-white.svg" class="search-ico-white" alt="Search"> <img src="/wp-content/themes/main/lib/images/icon-x-white.png" class="close-ico-white" alt="Close"> </a> </div> <div class="button-box mob"><a href="/see-a-demo" title="SEE A DEMO" class="cta-link cta-link-red"><span>SEE A DEMO</span></a></div> </div> <div class="button-box desk"><a href="/see-a-demo" title="SEE A DEMO" class="cta-link cta-link-red"><span>SEE A DEMO</span></a></div> </nav> </div> </div> </div>  </header>   <div id="content" class="site-content"> <section class="content-hub-category-page"> <div class="content-hub-nav content-hub-inner-page"> <div class="container"> <a class="link menu-left" href="/p/" title="Articles, blogs, videos"><img src="/wp-content/themes/main/lib/images/icon-content-hub.png" alt="icon content hub" /></a> <div class="hub-nav-wrap"> <div class="hub-nav-paddles hub-nav-arrows"> <div class="hub-left-paddle hidden"></div> <div class="hub-right-paddle"></div> </div> <ul> <li><a href="/p/it-operations/" title="IT OPERATIONS">IT OPERATIONS</a></li><li><a href="/p/risk-security/" title="RISK & SECURITY">RISK & SECURITY</a></li><li><a href="/p/threat-intelligence/" title="THREAT INTELLIGENCE">THREAT INTELLIGENCE</a></li><li><a href="/p/business-transformation/" title="BUSINESS TRANSFORMATION">BUSINESS TRANSFORMATION</a></li><li><a href="/p/learn-tanium" title="LEARN TANIUM">LEARN TANIUM</a></li><li><a href="/newsroom/" title="NEWSROOM">NEWSROOM</a></li> </ul> <div class="line-animation"></div> </div> </div> </div> <div class="hub-nav-extra-height"></div> </section>  <article class="post-detail category-content-hub full-bleed"> <div class="post-header-thumbnail"> <div class="bg-thumbnail" style="background-image: url(/wp-content/uploads/Tool_Sprawl_IT_Visibility_feature-scaled.jpeg);" aria-label="Image for What is Cyber Resiliency blog post"></div> </div> <header class="post-header container"> <div class="row-wrap"> <div class="box-12 box-md-12 box-lg-8"> <div class="post-header-inner"> <div class="post-header-content"> <div class="post-header-text-wrap"> <h1 class="display-heading-02 post-header-title">Tool Sprawl Threatens Post-Pandemic Security</h1> <div class="post-header-subtitle"><p>CISOs must devise creative ways to counter rogue software and improve IT visibility</p></div> <div class="tag-labels"><span>Perspective</span></div> </div> <div class="post-header-meta-wrap"> <div class="post-meta"> <time class="updated" datetime="2021-04-09T06:40:17+00:00">April 9, 2021</time> <div class="blog-detailed-content-right list-sidebar"> <div class="sharethis-inline-share-buttons"></div> </div> </div> </div> </div> </div> </div> </div> </header> <div class="post-detail-body container"> <div class="row-wrap"> <div class="box-12 box-md-12 box-lg-8"> <div class="post-detail-content"> <div class="sidebar-takeaways"><h2 class="display-heading-04">Key takeaways</h2><ul><li>Reining in tool sprawl will immediately improve IT hygiene and increase security </li><li>Organizations should develop a workflow to inventory all endpoints and software </li><li>IT should prioritize software patches that head off vulnerabilities most likely to impact the business</li></ul></div> <p>If IT tools are deployed in the digital forest and nobody sees or uses them, do they really exist?</p> <p>Most chief information security officers (CISOs) know better than to answer this Zenlike question. Whether software has been detected or not, the unfettered sprawl of authorized and unauthorized tools can open a real and potentially devastating backdoor for hackers.</p> <p>Bradley Schaufenbuel understands this well. The CISO of Paychex, a provider of payroll services for small businesses, says “tool sprawl” has become a major concern for security teams. His own team finds new vulnerabilities from rogue software every day. If that software is not regularly updated, the attack surface grows exponentially. </p> <p>“Unless the tools are sanctioned and inventoried, security teams are often unaware of their existence,” says Schaufenbuel. “And a security team cannot secure what it does not know exists.”</p> <h3><b>A sprawling problem</b></h3> <p>Many unsanctioned tools get haphazardly installed across an enterprise without IT’s knowledge and remain that way—forgotten, unpatched, and vulnerable—until a hacker finds and uses them to breach a company’s network.</p> <p>According to a 2020 global Tanium survey, 91% of IT decision-makers acknowledged they have <a href="/press-releases/tanium-study-over-90-percent-of-global-organizations-surveyed-have-major-gaps-in-it/">too little visibility or control</a> over IT assets. Indeed, nearly a third said shadow IT projects and the profusion of authorized and unauthorized tools were causing huge problems.</p> <p>Today’s distributed workforces have only made things worse. Three in five remote workers are now <a href="https://www.netmotionsoftware.com/blog/surveys/survey-it-remains-blind-to-1-in-4-remote-workers">using rogue tools</a> outside of official IT policy, according to a survey by network security company NetMotion. This profusion of unvetted software presents headaches for businesses as they seek to return to some semblance of a “normal” workplace post-pandemic. The problem is further compounded as global IT environments have grown in size and complexity over the years, and hybrid and multicloud environments have become commonplace.</p> <aside class="ep-callout right" style="float: right;"><div class="grayBox"></div><span class="ep-callout-bigtext">3 in 5</span><p class="ep-callout-text">remote workers are using rogue software tools<span class="s1"></p></aside> <h3><b>Security tools can breed insecurity</b></h3> <p>The great irony of all of this complexity and rogue software is that the very tools designed to protect the security of an organization may present the greatest cybersecurity threat, as the recent <a href="https://www.reuters.com/article/us-cyber-solarwinds-microsoft/solarwinds-hack-was-largest-and-most-sophisticated-attack-ever-microsoft-president-idUSKBN2AF03R">SolarWinds hack</a> highlighted. </p> <p>In one survey, 55% of IT decision-makers reported using 20 or more tools between security and operations, with 70% saying these tools lack full integration. While some IT security professionals may think that multiple security tools allow teams to flexibly cover more ground, an IBM study suggests the opposite is true. These l<a href="https://newsroom.ibm.com/2020-06-30-IBM-Study-Security-Response-Planning-on-the-Rise-But-Containing-Attacks-Remains-an-Issue">oosely coupled point solutions</a> create added cost and complexity that end up hindering an organization’s ability to detect and respond to breaches.</p> <p>But Josh Schofield, a senior director of product management at Tanium, says problems with security tool sprawl do not necessarily begin with IT departments. Most such tools, he maintains, are one-time <a href="https://techterms.com/definition/freeware">freeware</a> installs by employees self-servicing their machines. Problems arise, he says, when licenses requiring corporations to pay for those applications kick in and block use of the programs. Few users go the extra mile to actually remove them, creating potential cybersecurity vulnerabilities, Schofield says.</p> <blockquote class="ep-pullquote"><p>If a tool is legitimately useful, insist that it go through a vetting process to become sanctioned.</p><footer>Bradley Schaufenbuel, CISO, Paychex</footer></blockquote> <p>Chris Hughes, a cybersecurity consultant and university lecturer on the topic, says every cybersecurity tool needs to be paired with someone who knows how to deploy, install, and manage it. When IT organizations have support staff to monitor tool sprawl, they tend to be more resilient against attack. But few security teams are capable of doing this well right now because of a critical <a href="/blog/new-pipelines-cybersecurity-talent/">security talent shortage</a>. Investing in multiple cybersecurity tools therefore makes little security sense, Hughes says.</p> <p>“Most security teams with dozens of tools will admit they don’t really know how well they are working,” he says. “They are spending a lot on these tools but can’t tell you if they are getting value out of them. And that’s money they could have shifted to other resources, like bolstering their teams.”</p> <p>Mark Settle, a former CIO for Okta and BMC Software, sees another side to the issue. In principle, companies invest in multiple tools because they have complementary capabilities, and the benefits they produce when assembled are greater than the sum of their parts. “That’s the theory,” says Settle, who recently wrote a book on <a href="https://www.amazon.com/Truth-Valley-Practical-Primer-Management-ebook/dp/B07Z6R3HSP">IT management</a>. “In practice, tools may have overlapping capabilities, be difficult to administer, and come with underlying security vulnerabilities.” </p> <h3><b>How to rein in tool sprawl</b></h3> <p>In theory, organizations looking to counter tool sprawl could simply deploy a single sanctioned platform to handle multiple functions. This would streamline operations and security while all but eliminating the need for shadow IT solutions. However, experts recommend a few basic steps for immediately improving IT hygiene and security:</p> <p><b>Inventory endpoints and software.</b> Schaufenbuel’s team at Paychex did this as part of a larger effort to rationalize tool spending and consolidate its vendors. Some organizations will already have workflow or comprehensive endpoint management platforms deployed to help accomplish this. Those that do not should consider such solutions for greater visibility and control of digital tools and applications.</p> <p style="text-align: center;"><a href="https://www.tanium.com/blog/revisit-your-software-management-practices/">[Read also: How government CIOs can play tougher D]</a></p> <p>Schofield also recommends looking for anomalies as part of this process, not just knowing everything that’s installed on a network but also what seems to be installed in more limited fashion—and why.</p> <p>“It’s great to know you have a tool installed on 50,000 devices, but it’s even more interesting when you can flip that on its head and find situations where you have this one thing that’s only installed on five machines,” Schofield says. “That’s the kind of thing you really want to be looking for because it could represent a major attack vector.”</p> <p><b>Strengthen access.</b> It is incredibly difficult to accurately assess what’s on a network if devices are not registered to it. Schaufenbuel recommends giving users an amnesty period to register tools so they can be continually hardened and updated, and if that doesn’t work, aggressively blocking or removing unsanctioned tools from company systems. “If a tool is legitimately useful, insist that it go through a vetting process to become sanctioned,” Schaufenbuel suggests.</p> <p>He cautions that this is not a one-size-fits-all approach. Software developers, in particular, may need more flexibility to install unsanctioned tools to do their jobs. “One of the biggest mistakes I have made is locking down developer workstations too tightly,” he says, “which can hamper productivity, inhibit innovation, and foster resentment toward the security team.” For developers, he says, it is better to use an endpoint management solution that permits them to install tools in a more controlled way.</p> <p><b>Scrutinize tool spending.</b> Once an organization has a handle on tools, it needs to evaluate the investment in them. Technologists can become so obsessed with buying the latest and greatest tools that they overlook the other tools they’ve already invested in. “Some of the CISOs I know challenge their teams to identify an existing tool that they’re willing to give up before approving the purchase of a new product or service,” says Settle. “That can be a highly effective way of limiting the sprawl.”</p> <p><b>Patch. Patch. Patch.</b> Once IT can see every tree in its digital forest, it can then update and secure them. IT should prioritize <a href="/blog/what-is-patch-management/">software patches</a> that head off vulnerabilities most likely to impact the business. It is important to pay particular attention to desktops, laptops, and printers running dormant or outdated software. A recent HP Bromium report found that an old, unpatched memory corruption <a href="https://threatresearch.ext.hp.com/wp-content/uploads/2021/03/HP_Bromium_Threat_Insights_Report_Q4_2020.pdf">vulnerability in Microsoft Office</a> caused almost 75% of all exploits caught by its HP Sure Click cybersecurity feature. </p> <p><b>Move beyond passwords.</b> Every CISO knows passwords by themselves are an ineffective method of controlling network access. It’s important, therefore, to implement mechanisms to help users not only create strong, long, and unique credentials—but also remember them. Identity and access management tools, such as OneLogin, can help with this. Security experts say organizations should also implement <a href="https://www.tanium.com/blog/what-is-multifactor-authentication-mfa/">multifactor authentication (MFA)</a> to reduce the risk of phishing and brute force attacks. This is especially important because of the growing number of remote desktop protocol (RDP) endpoints attacked during the COVID pandemic.</p> </div> </div> <div class="box-12 box-md-12 box-lg-4 tags-listing"> <div class="list-sidebar"> <div class="author-detail-box"> <a href="https://www.tanium.com/author/david-rand/"> <figure class="headshot-img"> <img src="/wp-content/uploads/David-Rand.jpeg" alt=""> </figure> </a> <h2 class="display-heading-04"> <a href="https://www.tanium.com/author/david-rand/">David Rand</a> </h2> <div class="author-bio"><p>David Rand is a business and technology reporter whose work has appeared in major publications around the world. He specializes in spotting and digging into what’s coming next – and helping executives in organizations of all sizes know what to do about it.</p></div> </div> <div class="sidebar-takeaways"><h2 class="display-heading-04">Key takeaways</h2><ul><li>Reining in tool sprawl will immediately improve IT hygiene and increase security </li><li>Organizations should develop a workflow to inventory all endpoints and software </li><li>IT should prioritize software patches that head off vulnerabilities most likely to impact the business</li></ul></div> <div class="sidebar-asset"> <img src="/wp-content/themes/main/lib/images/Tanium-Focal_point-color.png" alt="focal-point-logo" /> <p>Dedicated to helping business executives and IT leaders effectively use technology to connect with customers, empower employees and achieve better results.</p> <div class="center-image"> <img src="/wp-content/themes/main/lib/images/award-azbee-silver-2024.png" alt="Award AZBEE Silver 2024" /> <img src="/wp-content/themes/main/lib/images/award-azbee-badge-2024.png" alt="Award AZBEE Badge 2024" /> <img src="/wp-content/themes/main/lib/images/award-tabbies-2023.png" alt="Tabbies 2023 Award Winner" /> </div> <p>Technology & Innovation Reporting - National Government Coverage - Pacific Region<br> Technology & Innovation Reporting - Pacific Region</p> </div> <div class="alerts-box"> <div class="alerts-box-cover"> <h3 class="display-heading-04">Tanium Subscription Center</h3> <p>Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.</p> <a href="/subscription-sign-up/" class="cta-link cta-link-red"><span>SUBSCRIBE NOW</span></a> </div> </div> </div> </div> </div> </div> <div class="related-post-block"> <div class="container"> <h2 class="display-heading-03">Related</h2> <div class="related-posts grid"> <div class="post-teaser-col" data-post-id="27391"> <a class="post-teaser-thumbnail-link" href="https://www.tanium.com/blog/top-10-bold-cybersecurity-predictions-for-2025/"> <picture><img src="/wp-content/uploads/top-10-bold-cybersecurity-predictions-for-2025_SQUARE.png" alt=""></picture> </a> <h3 class="display-heading-05 post-teaser-title"> <a class="post-teaser-permalink text-ellipsis" href="https://www.tanium.com/blog/top-10-bold-cybersecurity-predictions-for-2025/">Top 10 Bold Cybersecurity Predictions for 2025</a> </h3> </div> <div class="post-teaser-col" data-post-id="27335"> <a class="post-teaser-thumbnail-link" href="https://www.tanium.com/blog/new-episode-how-and-why-to-make-friends-with-your-cyber-insurer/"> <picture><img src="/wp-content/uploads/new-episode-LCpromo_SQUARE.png" alt="A photo of a neon sign against a brick wall that reads "podcast.""></picture> </a> <h3 class="display-heading-05 post-teaser-title"> <a class="post-teaser-permalink text-ellipsis" href="https://www.tanium.com/blog/new-episode-how-and-why-to-make-friends-with-your-cyber-insurer/">New Episode: How (and Why) to Make Friends with Your Cyber Insurer</a> </h3> </div> <div class="post-teaser-col" data-post-id="27309"> <a class="post-teaser-thumbnail-link" href="https://www.tanium.com/blog/the-new-thinking-on-password-security-might-surprise-you/"> <picture><img src="/wp-content/uploads/the-new-thinking-on-password-security-might-surprise-you_SQUARE.png" alt="A black-and-white photo of old-time printing press metal letters scattered across a surface."></picture> </a> <h3 class="display-heading-05 post-teaser-title"> <a class="post-teaser-permalink text-ellipsis" href="https://www.tanium.com/blog/the-new-thinking-on-password-security-might-surprise-you/">The New Thinking on Password Security Might Surprise You</a> </h3> </div> </div> </div> </div> </article> </div>   <div id="video-container" class="video-container mfp-hide"> <div id="video-modal" class="video-popup video-share" data-title="" data-summary="" data-media="" data-url=""> <div class="video-cover video-cloudflare"> <div class="video-code"></div> </div> <div class="video-title-box white-bg-info"> <a href="javascript:;" class="video-play"> <div class="cover-video-title"></div> </a> <div class="cover-share"><i class="fas fa-share"></i></div> </div> </div> </div>   <footer class="footer-new"> <div class="container"> <div class="footer-hero"> <div class="footer-hero-left"> <h2>The Power of Certainty™</h2> </div> <div class="footer-hero-right"> <p class="body-01">Tanium delivers Autonomous Endpoint Management (AEM) with the industry’s only true real-time platform for AI.</p> <div class="button-box"><a href="/see-a-demo" class="cta-link cta-link-white-inverted" target="_blank"><span>SEE A DEMO</span></a></div> </div> </div> <div class="footer-new-cover"> <div class="footer-top-wrap"> <div class="footer-new-left"> <div class="footer-new-logo"> <a href="/" class="logo-box"><img src="/wp-content/themes/main/lib/images/header-logo.svg" alt="Tanium"></a> </div> <div class="footer-new-social"> <ul> <li><a href="https://twitter.com/tanium" target="_blank"><i class="fab fa-twitter"></i></a></li> <li><a href="https://www.linkedin.com/company/tanium/" target="_blank"><i class="fab fa-linkedin"></i></a></li> <li><a href="https://www.youtube.com/c/Tanium_Inc" target="_blank"><i class="fab fa-youtube"></i></a></li> <li><a href="https://www.instagram.com/taniuminc/" target="_blank"><i class="fab fa-instagram"></i></a></li> </ul> </div> <div class="footer-button-box"> <a href="/contact-us/" class="cta-link primary-text-cta-white-arrow"><span>Contact Us</span></a> </div> <div class="footer-event-section"> <a href="https://converge.tanium.com/2024?utm_source=tanium&utm_medium=referral&utm_content=website-footer&utm_campaign=EV-01-GBL-FY25-18-NOV-Conference-M-All-Converge-2024-registrations" title="Converge 2024" class="cta-link cta-link-white-inverted"> <div class="event-title-text"> <div class="event-title">Converge 2024</div> <div class="event-text"><p>Join us in Orlando, FL!</p></div> </div> <div class="event-button button-box"><span class="primary-text-cta-white-arrow"><span>Learn more</span></span></div> </a> </div> </div> <div class="footer-new-right"> <div class="footer-new-menu"> <div class="wp-footer-menu"> <ul id="menu-footer" class="menu"> <li class="menu-item" role="presentation"> <a class="link" href="/about/" title="About Tanium" role="menuitem">About Tanium</a> <ul class="sub-menu"> <li class="menu-item"><a href="/careers/" title="Careers">Careers</a></li><li class="menu-item"><a href="/leadership/" title="Leadership">Leadership</a></li><li class="menu-item"><a href="/newsroom/" title="Newsroom">Newsroom</a></li><li class="menu-item"><a href="/locations/" title="Locations">Locations</a></li><li class="menu-item"><a href="/analyst-recognition/" title="Analyst Recognition">Analyst Recognition</a></li><li class="menu-item"><a href="https://docs.tanium.com/cloud/cloud/trust_compliance.html" title="Cloud Trust Center">Cloud Trust Center</a></li><li class="menu-item"><a href="/about/security/" title="Security">Security</a></li><li class="menu-item"><a href="/about/sustainability/" title="Sustainability">Sustainability</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/autonomous-endpoint-management/" title="Autonomous Endpoint Management" role="menuitem">Autonomous Endpoint Management</a> <ul class="sub-menu"> <li class="menu-item"><a href="/platform/" title="Tanium Platform">Tanium Platform</a></li><li class="menu-item"><a href="/solutions/tanium-core/" title="Tanium Core">Tanium Core</a></li><li class="menu-item"><a href="/solutions/endpoint-management/" title="Endpoint Management">Endpoint Management</a></li><li class="menu-item"><a href="/solutions/risk-and-compliance-management/" title="Risk & Compliance Management">Risk & Compliance Management</a></li><li class="menu-item"><a href="/solutions/incident-response/" title="Incident Response">Incident Response</a></li><li class="menu-item"><a href="/solutions/digital-employee-experience/" title="Digital Employee Experience">Digital Employee Experience</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/p/" title="Explore" role="menuitem">Explore</a> <ul class="sub-menu"> <li class="menu-item"><a href="/p/focal-point/" title="Focal Point Magazine">Focal Point Magazine</a></li><li class="menu-item"><a href="/p/tanium-blog/" title="Tanium Blog">Tanium Blog</a></li><li class="menu-item"><a href="/p/podcasts/" title="Let’s Converge Podcast ">Let’s Converge Podcast </a></li><li class="menu-item"><a href="/resources" title="Downloads">Downloads</a></li><li class="menu-item"><a href="/events/" title="Events">Events</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/learning/" title="Learn" role="menuitem">Learn</a> <ul class="sub-menu"> <li class="menu-item"><a href="/learning/training/" title="Training">Training</a></li><li class="menu-item"><a href="/learning/certifications/" title="Certifications">Certifications</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="https://help.tanium.com/" title="Support" role="menuitem">Support</a> <ul class="sub-menu"> <li class="menu-item"><a href="https://help.tanium.com/" title="Resource Center">Resource Center</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/customers/" title="Customers" role="menuitem">Customers</a> <ul class="sub-menu"> <li class="menu-item"><a href="/customer-success-stories/" title="Success Stories">Success Stories</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/partners/" title="Partners" role="menuitem">Partners</a> <ul class="sub-menu"> <li class="menu-item"><a href="/partners/find-a-partner/" title="Partner Finder">Partner Finder</a></li><li class="menu-item"><a href="/partners/become-a-partner/" title="Become a Partner">Become a Partner</a></li><li class="menu-item"><a href="https://partners.tanium.com/explore/972809" title="Partner Learning Hub">Partner Learning Hub</a></li> </ul> </li> <li class="menu-item" role="presentation"> <a class="link" href="/legal/" title="Legal" role="menuitem">Legal</a> <ul class="sub-menu"> <li class="menu-item"><a href="/privacy-policy/" title="Privacy Policy">Privacy Policy</a></li><li class="menu-item"><a href="/terms-of-use/" title="Terms of Use">Terms of Use</a></li><li class="menu-item"><a href="/ccpa-notice-at-collection/" title="CCPA Notice of Collection">CCPA Notice of Collection</a></li><li class="menu-item"><a href="/ccpa-notice-at-collection#do-not-share" title="Do Not Sell or Share My Personal Information">Do Not Sell or Share My Personal Information</a></li> </ul> </li> </ul> </div> </div> </div> </div> <div class="footer-event-section"> <a href="https://converge.tanium.com/2024?utm_source=tanium&utm_medium=referral&utm_content=website-footer&utm_campaign=EV-01-GBL-FY25-18-NOV-Conference-M-All-Converge-2024-registrations" title="Converge 2024" class="cta-link cta-link-white-inverted"> <div class="event-title-text"> <div class="event-title">Converge 2024</div> <div class="event-text"><p>Join us in Orlando, FL!</p></div> </div> <div class="event-button button-box"><span class="primary-text-cta-white-arrow"><span>Learn more</span></span></div> </a> </div> <div class="footer-copyright-language-box"> <div class="copy-right-box"> <p>© 2024 Tanium Inc. All rights reserved.</p>  </div> <div class="language-box"> <span class="earth-icon"><img src="/wp-content/themes/main/lib/images/icon-material-language-white.svg" alt="Tanium"></span> <select name="sources" id="sources" class="language-select sources" data-default="English"> <option value="/">English</option> <option value="https://www.tanium.fr/">Français</option> <option value="https://www.tanium.de/">Deutsch</option> <option value="https://www.tanium.jp/">日本語</option> </select> </div> </div> </div> </div> </footer>  </div>  <script src="/wp-content/themes/main/lib/js/jquery-3.4.1.min.js" type="text/javascript" integrity="sha256-eKhayi8LEQwp4NKxN+CfCh+3qOVUtJn3QNZ0TciWLP4=" crossorigin="anonymous"></script> <script src="/wp-content/themes/main/lib/js/jquery.magnific-popup.js"></script> <script src="/wp-content/themes/main/lib/js/slick.min.js"></script> <script src="/wp-content/themes/main/lib/js/navigation.js"></script> <script src="/wp-content/themes/main/lib/js/general.js"></script> <script src="/wp-content/themes/main/lib/js/hls.min.js"></script> <script src="/wp-content/themes/main/lib/js/main.js?v=1733174282"></script> <script src="/wp-content/themes/main/lib/js/search.js"></script> <script type="text/javascript" src="https://www.tanium.com/wp-content/plugins/tanium-announcements/announcements.js?ver=6.6.1" id="announcements-js"></script> <script type="text/javascript" id="sti-script-js-extra"> /* <![CDATA[ */ var sti_vars = {"ajaxurl":"https:\/\/www.tanium.com\/wp-admin\/admin-ajax.php","homeurl":"https:\/\/www.tanium.com\/","selector":".animated-bar-inner","title":"Tanium Test","summary":"Tanium description","short_url":"no","url_structure":"\/%postname%\/","minWidth":"25","minHeight":"25","sharer":"https:\/\/www.tanium.com\/wp-content\/plugins\/share-this-image\/sharer.php","position":"image","analytics":"","buttons":{"desktop":["facebook","twitter","linkedin"],"mobile":["facebook","twitter","linkedin"]},"twitterVia":"@Tanium","appId":"","custom_data":[]}; /* ]]> */ </script> <script type="text/javascript" src="https://www.tanium.com/wp-content/plugins/share-this-image/assets/js/sti.min.js?ver=1.81" id="sti-script-js"></script> </body> </html>

CINXE.COM

Tool Sprawl Threatens Post-Pandemic Security | Tanium