Tanium CEO admits using real hospital data in sales demos [Updated]

3 02 2018
Following a report by The Wall Street Journal that the security vendor Tanium used a hospital’s live network as a demonstration platform on sales calls and even revealed private hospital data in a publicly posted demonstration video, Tanium CEO Orion Hindawi has admitted that mistakes were made in handling data from El Camino Hospital’s network. Hindawi was vague about whether the company had live access to the network, but in a blog post late yesterday, he said that the data was from “this particular customer’s demo environment” and that Tanium did not—and should not—have remote access to customers’ security data except in a very few cases where customers had granted access.

[Update, 3:30 pm EDT] Ars has learned from a source familiar with the installation that the company did, in fact, use a connection to El Camino Hospital’s on-premises instance of the Tanium web console for demonstrations. The connection would have had to have been provided by El Camino’s information technology staff—though it is not clear how far up in the hospital’s administration that arrangement was approved, and the arrangement was apparently never documented. Since 2015—about the time Tanium lost access to the El Camino Hospital installation—Tanium has required that these sorts of arrangements be codified in writing.


