How a leading US healthcare organization secured privileged access to ensure HIPAA compliance
PROTECTED ENVIRONMENT
AD domains: 2 (root + child)
Infrastructure: NSX, Nutanix Flow, Microsoft Entra, Hybrid AD
Privileged admin tools: PowerShell, SSH, RDP, DRAP, IIS
PROTECTED ACCOUNTS
40+ users
100+ service accounts
INDUSTRY
Healthcare
BASED
Northeast US
THE CHALLENGE:
CUSTOMER OVERVIEW
Why now:
Addressing regulatory mandates and identity security blind spots
The organization’s main goal was to close identity security blind spots and ensure HIPAA compliance with strong access controls for highly privileged users and service accounts. In parallel, they aimed to reduce the operational burden of managing endpoint agents, gain full visibility into authentication flows, and secure critical systems that don’t support agent-based deployments, including Dell Remote Access Controllers (DRACs), Intelligent Platform Management Interfaces (IPMIs), and SSH endpoints.
Environment
The organization operates a hybrid environment with a root and child on-prem AD domain, integrated with Microsoft cloud services. They use a custom IAM system that automatically maps users to job roles. Key technologies include PowerShell, Internet Information Services (IIS), RDP, VMware ESXi, and NSX micro segmentation with ongoing migration to Nutanix Flow. The team also oversees more than 100 service accounts and an elevated number of domain admins supporting homegrown applications and legacy resources.
About
The Northeastern US-based healthcare organization supports patient services across senior care and pharmacy operations. With a highly customized IT environment and an in-house development team, the organization manages critical infrastructure and sensitive data, all of which is governed under HIPAA compliance.
Moving forward
What began as a HIPAA compliance-driven initiative to secure privileged access quickly evolved into a broader effort to strengthen identity security across the organization’s hybrid environment. By implementing strong access controls for privileged users and service accounts, the healthcare provider significantly reduced its exposure to identity-based threats spanning legacy infrastructure, on-prem systems, and hybrid environments.
With consistent MFA enforcement, full visibility into authentication activity, and granular policy flexibility, the organization is now better equipped to manage privilege access at scale. Looking ahead, the organization plans to further mature its identity strategy by applying Just-in-Time (JIT) access policies and expanding protections across its growing cloud infrastructure, ensuring long-term alignment with compliance, security and operational priorities.
Learn more
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
Moving forward
What began as a HIPAA compliance-driven initiative to secure privileged access quickly evolved into a broader effort to strengthen identity security across the organization’s hybrid environment. By implementing strong access controls for privileged users and service accounts, the healthcare provider significantly reduced its exposure to identity-based threats spanning legacy infrastructure, on-prem systems, and hybrid environments.
With consistent MFA enforcement, full visibility into authentication activity, and granular policy flexibility, the organization is now better equipped to manage privilege access at scale. Looking ahead, the organization plans to further mature its identity strategy by applying Just-in-Time (JIT) access policies and expanding protections across its growing cloud infrastructure, ensuring long-term alignment with compliance, security and operational priorities.
THE CHALLENGE:
CUSTOMER OVERVIEW
About
The Northeastern US-based healthcare organization supports patient services across senior care and pharmacy operations. With a highly customized IT environment and an in-house development team, the organization manages critical infrastructure and sensitive data, all of which is governed under HIPAA compliance.
Environment
The organization operates a hybrid environment with a root and child on-prem AD domain, integrated with Microsoft cloud services. They use a custom IAM system that automatically maps users to job roles. Key technologies include PowerShell, Internet Information Services (IIS), RDP, VMware ESXi, and NSX micro segmentation with ongoing migration to Nutanix Flow. The team also oversees more than 100 service accounts and an elevated number of domain admins supporting homegrown applications and legacy resources.
Why now:
Addressing regulatory mandates and identity security blind spots
The organization’s main goal was to close identity security blind spots and ensure HIPAA compliance with strong access controls for highly privileged users and service accounts. In parallel, they aimed to reduce the operational burden of managing endpoint agents, gain full visibility into authentication flows, and secure critical systems that don’t support agent-based deployments, including Dell Remote Access Controllers (DRACs), Intelligent Platform Management Interfaces (IPMIs), and SSH endpoints.
Learn more
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
How a leading US healthcare organization secured privileged access to ensure HIPAA compliance
PROTECTED ENVIRONMENT
AD domains: 2 (root + child)
Infrastructure: NSX, Nutanix Flow, Microsoft Entra, Hybrid AD
Privileged admin tools: PowerShell, SSH, RDP, DRAP, IIS
PROTECTED ACCOUNTS
40+ users
100+ service accounts
INDUSTRY
Healthcare
BASED
Northeast US
