Signal: The Tooling Gap Is Usually a Process Gap
Most orgs don’t have a tooling problem. They have an ownership, baseline, and workflow problem.
When something breaks, the reflex is predictable:
“We need a better tool.”
Sometimes that’s true. Most of the time, it isn’t.
The more common reality is uglier and more fixable:
The tooling gap is usually a process gap.
The pattern
You’ll see it in different costumes, but it’s the same story:
- “We have an MDM… but only half the devices are enrolled.”
- “We have an EDR… but alerts aren’t reviewed consistently.”
- “We have a ticketing system… but the work happens in Slack.”
- “We have policies… but nobody knows where they are.”
- “We have backups… but restores aren’t tested.”
- “We have logs… but retention is short and nobody owns the dashboard.”
Tools exist. Outcomes don’t.
Why tools don’t save you
Tools can’t fix:
- unclear ownership
- inconsistent workflows
- missing baselines
- bad handoffs
- exceptions without expiration
- “temporary” decisions with permanent consequences
Without process, tools become expensive wallpaper.
The three missing pieces
1) Ownership
Every system needs a named human owner.
Not “IT.” Not “the team.” A person.
Ownership means:
- someone notices drift
- someone closes the loop
- someone maintains baselines
- someone gets yelled at (which is uncomfortable but effective)
2) Baselines
If you can’t define “known good,” you can’t recover quickly.
Baselines include:
- device config standards
- account and MFA expectations
- what “enrolled” means
- what “patched” means
- what “backed up” means
- what logs are required and for how long
Baselines make reality measurable.
3) Workflows that survive stress
If your workflow only works when the perfect person is available, it’s fiction.
Survivable workflows are:
- simple
- documented
- repeatable
- enforced with gentle friction
- resilient to handoffs
The diagnostic question
Before buying a new tool, ask:
“If we had perfect process, would this tool still be necessary?”
If the answer is “no,” fix the process first. It’s cheaper and it sticks.
What this looks like in practice
Instead of “buy another platform,” the move is usually:
- standardize onboarding/offboarding
- enforce MFA and recovery paths
- inventory assets properly
- define patch timelines
- test restores
- assign review ownership for alerts
- remove exceptions or set expiration dates
This doesn’t feel exciting. It wins anyway.
Bottom line
Tools are multipliers.
If your process is weak, tools multiply chaos.
Fix ownership, baselines, and workflows first. Then tools become leverage instead of wallpaper.