Phoenix Software Ltd

Tanium Converged End Point Management (XEM)

Visibility, control, remediation of endpoints in real-time, cloud-scale and autonomous - Tanium offers the only converged endpoint management (XEM) platform that combines end-to-end visibility, control, and remediation in one place.

Features

• Asset Discovery and Inventory
• Policy Config
• Certificate Management
• Endpoint Management
• Risk and Compliance
• Incident Response
• Digital Employee Experience

Benefits

• Real time data view
• Suite of capabilities to manage assets
• Built from ground up capability
• Scalability
• Granular Data View

£17 to £52 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@phoenixs.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

402535794813632

Contact

Jonny Scott
01904 562200
ccs@phoenixs.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: N/a
• System requirements: https://help.tanium.com/bundle/ug_cloud_cloud/page/cloud/requirements.html

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tanium maintains a 24/7 support center with a defined escalation path to address support tickets of varying severity. Standard Response SLOs are available via Tanium's Support Handbook and are based on mutually agreed to issue severity.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Tanium provides one level of Support to all customers. If a customer requires 24x7 Support for Severity 1 or 2 issues due to business requirements, Tanium does have an offering to support that business need.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On site training, computer-based learning, user documentation, 247 support centre, 24/7 self-help centre
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Tanium is not intended as a long term store for data, however some data is retained within the platform for reporting purposes, this can be exported directly by the operator of the system in a variety of formats - CSV, json, text etc..
• End-of-contract process: In the event of not renewing the service the customers' instance of Tanium is retained for 30 days in an inaccessible state should there have been an error with renewal, once the 30 day period has passed the instance is permanently deleted & is not recoverable.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Tanium provides a rich web console where operators ask questions of the environment and lauch packages to remediate findings. Modules on top of the Tanium platform have separate workbenches where you configure, interact and drive the specific capability.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Tanium has conducted 3rd party accessibility assessments over the course of product development for many years. We certify against the WCAG 2.1 / VPAT 2.4 standards for all major product modules.
• API: Yes
• What users can and can't do using the API: Access is via API tokens. Most functionality can be accessed via API. See Tanium documentation for detail at help.tanium.com - https://help.tanium.com/bundle/z-kb-articles-salesforce/page/kA07V000000Tca0SAC.html#introducing_the_tanium_gateway
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: End users can create custom sensors, packages, reports and dashboards.

Scaling

• Independence of resources: "Proactive monitoring continuously measures the performance of key subsystems of Tanium Cloud against the established baselines of acceptable service performance and availability, and to support regulatory requirements.; ; Taniums unique linear chain technology allows organisations to scale with minimal performance impact. More information on linear chain can be found here.; ; https://site.tanium.com/rs/790-QFJ-925/images/DS-Tanium-Endpoint-Platform-Architecture-2020.pdf"

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Tanium leverages a third party firm to perform authenticated and non-authenticated penetration testing against its Tanium-as-a-Service solution. The penetration testing is performed annually, and vulnerabilities are reviewed, validated, and triaged by security personnel, which assigns and prioritizes reported vulnerabilities for mitigation.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: It depends on the capability being used but data can normally be exported via CSV at a minimum. Other options include HTML and sending directly to other systems via email, syslog, JSON etc.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • HTML
  • JSON
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Data in transit between data cloud, endpoints and/or management console is protected by TLS encryption.
• Data protection within supplier network: Other
• Other protection within supplier network: Data in transit between data cloud, endpoints and/or management console is protected by TLS encryption.

Availability and resilience

• Guaranteed availability: https://help.tanium.com/bundle/ug_cloud_cloud/page/cloud/trust_compliance.html#service_availability
• Approach to resilience: "Tanium has established baseline security configurations of software, hardware, service and networks. These standard configurations are maintained using industry standard hardening guides, such as guides from the Center for Internet Security (CIS); ; Aligned to ISO 27001 and NIST 800-53 FedRAMP Moderate, Tanium Cloud's vulnerability management process includes identifying, analyzing and understanding assets, impact of security risks and weaknesses and threats to apply security measures. It includes performing regular security assessments, Plan of Action and Milestones, continuous monitoring, and penetration testing, among others. "
• Outage reporting: NA

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Tanium uses roles based access control and computer groups to limit access .
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 4/8/2019 originally, the most recent accreditation from 2/27/24
• What the ISO/IEC 27001 doesn’t cover: N.A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 02/22/23
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: https://www.tanium.com/about/security/

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: NA
• Information security policies and processes: Iso27001

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: N/a
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Tanium has a continuous monitoring strategy and program that includes monthly metrics, monthly monitoring and annual assessments, ongoing control assessments, monitoring of metrics, correlation and analysis generated by assessments and monitoring, and response actions to address those. Assessors or assessments teams are used to monitor systems and infrastructure on an ongoing basis, for example OS Scans conducted at least monthly, database scans at least monthly, web app scans at least monthly, all scans performed by independent assessors at least annually. Incident response was previously addressed.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Tanium has a continuous monitoring strategy and program that includes monthly metrics, monthly monitoring and annual assessments, ongoing control assessments, monitoring of metrics, correlation and analysis generated by assessments and monitoring, and response actions to address those. Assessors or assessments teams are used to monitor systems and infrastructure on an ongoing basis, for example OS Scans conducted at least monthly, database scans at least monthly, web app scans at least monthly, all scans performed by independent assessors at least annually.
• Incident management type: Undisclosed
• Incident management approach: Tanium's IR plan documents the lifecycle of this process, which includes distinct phases of activities to handle all security events. Ranging from preparation, to detection, triaging, analysis, escalation, containment, eradication, recovery and post-mortem.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Tanium is committed to the responsible use of resources and the fight against climate change.

  Equal opportunity

  Tanium provides equal employment opportunity for all employees and job applicants, and does not unlawfully discriminate based on race, color, religion, sex, sexual orientation, nationality, national origin, ancestry, citizenship, age, medical condition, genetic information, mental or physical disability, veteran status, marital status or any other basis protected by federal, state or local law. Tanium also prohibits Tanium Personnel from unlawfully harassing or mistreating other Tanium Personnel, customers, or any other individuals in the workplace or in a work-related situation based on any legally protected characteristic. In addition, reasonable accommodations will be provided for the known physical and mental limitations of qualified disabled employees and job applicants, except where an undue hardship would result.

  Wellbeing

  Tanium is committed to providing a safe workplace, and expects Tanium Personnel to comply with the environmental, health and safety laws where we have operations. Violence of any kind, including threats of violence, is unacceptable at the workplace, at a Tanium-sponsored event, or during any time you are acting on behalf of Tanium. Alcohol and drugs may not be consumed at Tanium office locations except at special events where alcohol may be served if approved in advance by the CEO. Tanium Personnel should report to work fit for duty and free of any adverse effects from a controlled substance (including alcohol, drugs, and prescription medication) that impairs their ability to work.

Pricing

• Price: £17 to £52 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@phoenixs.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.