You should plan an implementation process that works for your team and from within the constraints on your resources. Many teams choose to plan a staged rollout where subsets of users are added over X period of time. The benefits of a staged rollout include the ability to provide hands-on support as needed and collecting common questions from users.
Depending on your team’s culture, you may find an email campaign, a Slack campaign, a Lunch and Learn series, or a mixture of these strategies will be the most effective method of communicating a pending Kolide launch. Whichever method you choose, the most important aspect is that you communicate to your colleagues about Kolide early and often before the implementation date.
Feel free to use the following information as a starting point, or to write up your own messaging from scratch. The below suggestions were written in expectation that you'll be rolling Kolide out through the Slackbot. If, instead, you'll be using an MDM service be sure to update language where applicable.
Important note! Please do not just copy/paste these messages over to your team, but instead read them as suggestions for ways to talk about Kolide and why you have chosen to move forward with this tool over others that you were evaluating. Many of the prompts below require customization before sending.
In the next few days, you will receive a Slack message to download Kolide:
Caption: Kolide’s welcome message and enroll a device prompt
When you receive this message, please download the appropriate installer for your platform and open it to complete the installation. Going forward,
[Company Policy here; for example: new employees will get this message automatically when they join Slack.]
What is Kolide?
Kolide is an app that regularly checks your laptop for security issues such as: whether your hard disk is unencrypted; alert when important security updates to your browser and OS are available; and, you are running software with known vulnerabilities. Kolide will not alter anything on your device. Instead, it simply notifies you on Slack when your laptop is not following best practices or is not compliant with your company’s security policies and lets you know how to fix the issue. Messages from Kolide will explain each problem in detail and give you step by step instructions on how to fix them yourself. If you run into difficulty, you’ll also be able to escalate to the IT Team for assistance.
The Kolide Slack app will prompt you with step-by-step instructions about how to get started and how to use it. If you ever need a reminder on what Kolide can do, just send a message saying, “help” and Kolide will respond with your available options. It looks like this:
Caption: Commands for the Kolide app
Why do we need Kolide?
Kolide helps us be consistent about our approach to laptop security. It makes sure we are meeting a basic standard across the company, without compromising the control you have over your laptop. There are three basic drivers behind it:
For our customers
<Mention needs for customer compliance and your internal culture of caring for the data customers entrusted. Examples include: access to information that belongs to others, access to systems that run critical business infrastructure, and applications that are regularly impacted by security vulnerabilities.>
For our own sake
You might be surprised to learn that almost no one passes all Checks with their first try. Among testers, Checks like X, Y, Z failed. (Examples: a hard drive was found unencrypted, multiple sets of 1Password recovery keys were found stored in plaintext, encrypted SSH keys were found). This is surprising, but it reveals an important insight: security is hard to get right, even if you know what you should be doing. Kolide helps you stay on top of it with minimal fuss and stay aware of new issues.>
For the future
<Where are you as a company headed in the near term and long term security requirements? Is there an audit you’re working toward? An important development to your product that needs to be kept “stealthy”?>
How does it work?
Kolide uses osquery to aggregate data in a fashion that allows it to be queried like a database individually or collectively as a fleet. It is specifically designed to be lightweight on your computer and transparent so that you know what data was collected, when it was collected, and who has access to it. Check out the Privacy Center for more details: https://k2.kolide.com/x/my/privacy
Once you have enrolled your device, you will be prompted to resolve any current issues on your device. Most people are surprised to find that there are issues present that they were not aware of! Some common issues that pop up when Kolide is first downloaded are: needing to update your operating system or browser; SSH key encryption is off; and, backup codes for common apps like GitHub or 1Password are stored in a plain text file on your computer. Kolide will walk you step-by-step through how to resolve any issues. Your first experience might look like this:
Caption: The Kolide app has surfaced three issues that require resolution
Clicking “More Info/Resolve” will provide a new prompt that explains what the issue is, why it is a problem, and what steps you can take to solve that issue.
In the specific instance above of needing to update Google Chrome, the more info button will provide the below information. One aspect that is really helpful is that Kolide will also provide expectations for the amount of time that resolving the issue will take you.
Caption: The More Info / Resolve screen provides specific information about the issue and the steps required to resolve it.
Once you have resolved the issue, ask Kolide to “Check Again” and then, if the issue is truly fixed, Kolide will mark the issue as resolved. You could also contact your Admin for assistance, if needed.
Caption: The final step in resolving an issue is to click the button that reads “I’ve fixed it. Check again”.
It is both normal and expected that you will have open Issues as you get started with Kolide. This is one of the reasons we choose to buy the service. Work towards resolving any Issues within the first three days, and reach out for assistance as needed.
Kolide’s Privacy Center
Kolide reports data it collects to a central server. It then analyzes that data to alert you and the IT team and you of any failure in security policy or issue with your laptop.
The Privacy Center allows you to get a better understanding of which devices Kolide knows about, what data is collected from those devices, what checks the IT team has enabled, and who in the company can access the collected data.
You can access this privacy center at any time by sending the word “privacy” to the Kolide app in Slack. Or by accessing this link: https://k2.kolide.com/x/my/privacy
Caption: Kolide’s User Privacy Guarantee. As a company who cares about Honest Security, Kolide cares about transparency for you in every step of the process.
Now that you have communicated with your team about what Kolide is and why you chose this service over the other available options on the market, it is time to onboard. You can roll Kolide out to your end users via your MDM service or through Slack.
If you choose to roll out using MDM, be sure to assign full disk access to the app profile. You can read more here: http://help.kolide.com/en/articles/2947201-deploying-the-kolide-installer-to-your-organization
If you choose to roll out using the Slack process, don’t forget to relay your expected completion timeline to your team. Nothing motivates like a deadline!
As users begin to enroll their devices in Kolide and resolve Issues, you may receive questions about why Kolide is collecting specific types of data. We recommend thinking through your data collection policies prior to rollout.
Links to our Getting Started Guide:
Step One: Planning Your Initiative http://help.kolide.com/en/articles/6672609-getting-started-guide-planning-your-initiative
Step Two: Configuring Kolide http://help.kolide.com/en/articles/6672642-getting-started-guide-configuring-kolide
Step Three: Rolling Out Kolide http://help.kolide.com/en/articles/6672665-getting-started-guide-rolling-out-kolide
Bonus: Admin FAQ http://help.kolide.com/en/articles/2981407-kolide-faq