Following a report by The Wall Street Journal that the security vendor Tanium used a hospital's live network as a demonstration platform on sales calls and even revealed private hospital data in a publicly posted demonstration video, Tanium CEO Orion Hindawi has admitted that mistakes were made in handling data from El Camino Hospital's network. Hindawi was vague about whether the company had live access to the network, but in a blog post late yesterday, he said that the data was from "this particular customer's demo environment" and that Tanium did not—and should not—have remote access to customers' security data except in a very few cases where customers had granted access. But this appears to have been a change made after Tanium lost access to the El Camino Hospital network in 2015.
"We do have a few customers who have agreed for us to use their environments for external demos and have provided that access to us," Hindawi wrote. "Since 2015, we’ve insisted that before a customer is willing to let us demo from their environment, regardless of the access they offer us, we document that in writing and agree on what data we can show to ensure there isn’t any confusion. Other than the few customers who have signed those documents and provided us remote access to their Tanium platforms, we do not—and in fact cannot—demonstrate customer environments with Tanium."
Hindawi called the El Camino systems that were accessed a "demo environment," indicating that it was a proof-of-concept testbed set up by the hospital and not an actual live network. "That said, we take responsibility for mistakes in the use of this particular customer’s demo environment," he wrote. "We should have done better anonymizing that customer’s data… Looking at those demos, we see there are easy things we should have done to obscure and anonymize further."