Orion Hindawi, the CEO of Tanium, has just posted an open letter after news stories broke this week that accused him of a litany of bad behaviour.
In one story, employees alleged that he had fired some people before their stock options vested in an attempt to keep his controlling interest in the company from being diminished (a charge the company denies). They also accused him of mocking and insulting people and spreading sex or drug rumours about current and former staffers, according to the report from Bloomberg.
At least 10 senior executives have left or been fired from the richly-valued security startup since the summer, the Wall Street Journal reported.
On top of that, the WSJ uncovered that Tanium had been giving prospective customers a view into a hospital’s live network while not fully protecting the identity of the hospital, a situation the company admits to.
The hospital also told Business Insider that it was unaware that the company was accessing parts of its live network and showing it to Titanium prospects and that it is now “investigating.” That kind of thing, as you might imagine, would be a major no-no for a security vendor to do, if it proves true. The reason companies buy security software is to protect themselves from unauthorised prying eyes.
In the open letter, Tanium admits that it did use the hospital’s live network in product demos, as well as other customers’ networks, but says it can only do so if it has been granted explicit permission including the technology for remote access.
As for accusations of brutish behaviour, Hindawi took a lesson from PR crises 101 by including a come-clean section in his letter where he explained himself, admitting he “can be hard-edged” and that the company can be “a stressful environment.”
Here’s the heart of that section (emphasis ours):
I also want to say there are some things they got right about their portrayal of Tanium. We see the mission of protecting and serving our customers as nearly sacred, and to that end it is absolutely true that we’ve built a culture that is highly demanding and mission oriented, and that we expect our employees to drive themselves hard with that same commitment to the mission that we have. When taken to an extreme, that drive can make for a stressful environment, which we are working to balance and prevent. It is true that I personally can be hard-edged, and that I’ve had to apologise to people at Tanium when I’ve gotten too sharp at times. It is true that we fire people when they don’t meet our ethical or performance standards, and we understand that from the outside that may raise questions about the number of people leaving.
Tanium was founded by Hindawi and his father a decade ago. It came to prominence after raising $US287 million of venture investment at a valuation of $US3.7 billion. Much of that came from the VC powerhouse Andreessen Horowitz after urging from former Microsoft executive Steven Sinofsky, an adviser for Andreessen Horowitz. Sinofsky once called Tanium’s technology “magic.”
Here’s the full open letter from Hindawi addressed to the company’s customers.
I can imagine that many of you are getting tired of waking up to the bad Tanium press stories hitting your inbox in the last week. Most of you know our company well, and reading these stories can be disturbing to all of us. Unfortunately, it’s not always effective to use the press directly to set facts straight in circumstances like this. That said, I don’t think they’re painting an accurate picture of our company, so I’m reaching out directly to all of you to give our side of this.
First, I would like to directly address the question we’re being asked, which is whether we have used customers’ environments for demos. Tanium is an on-premises deployed platform. Unless you explicitly provide it to us (which the vast majority of our customers never should or would) we do not have access to your on-premises installation of Tanium, and won’t ask for it unless we’re helping support you and only for that purpose. We do have a few customers who have agreed for us to use their environments for external demos, and have provided that access to us. Since 2015, we’ve insisted that before a customer is willing to let us demo from their environment, regardless of the access they offer us, we document that in writing and agree on what data we can show to ensure there isn’t any confusion. Other than the few customers who have signed those documents and provided us remote access to their Tanium platforms, we do not — and in fact cannot — demonstrate customer environments with Tanium.
That said, we take responsibility for mistakes in the use of this particular customer’s demo environment. We should have done better anonymizing that customer’s data. While viewers didn’t connect the demo environment to that customer for years, and we do not believe we ever put our customer at risk with the data we showed. Looking at those demos, we see there are easy things we should have done to obscure and anonymize further.
More generally, I also want to say there are some things they got right about their portrayal of Tanium. We see the mission of protecting and serving our customers as nearly sacred, and to that end it is absolutely true that we’ve built a culture that is highly demanding and mission oriented, and that we expect our employees to drive themselves hard with that same commitment to the mission that we have. When taken to an extreme, that drive can make for a stressful environment, which we are working to balance and prevent. It is true that I personally can be hard-edged, and that I’ve had to apologise to people at Tanium when I’ve gotten too sharp at times. It is true that we fire people when they don’t meet our ethical or performance standards, and we understand that from the outside that may raise questions about the number of people leaving. And it is true that as we’ve grown, we haven’t matured processes in some areas as quickly as we’ve added people, which is something we’re working hard to build faster. These are in fact all things we need to work on, and we’re doing so every day.
What is not true is that we have a toxic culture. Mission-oriented, hard-charging, disciplined, even intense, but not toxic. We do not belittle each other at work, and it is completely untrue that we fire people to save a few shares of stock. David and I are proud that many of the best people we worked with at BigFix chose to come work with us at Tanium, that many of them have done well for themselves and their families through these companies, and that they find fulfillment and joy in Tanium. I hope that I get to continue working with many of the people at Tanium for the rest of my career. That doesn’t happen if we’re stingy or cruel.
We don’t know when this news cycle is going to end and unfortunately we can’t control whether the press is wrong in the way it paints our company. That said, we can choose to learn what we can from these stories, then channel that learning and our commitment and passion for Tanium’s mission into great products and services for you. David and I are personally deeply committed to that mission, and we believe our whole team is even more motivated after these attacks on our character and company. To that end, I’d encourage you to reach out to the people you trust most at Tanium and get their view on our company and where we’re going.
It’s an honour to be a vendor and partner you trust, and we will work to earn that every day. If you have any questions please feel free to reach out directly to me.