NHS trust strengthens identity security posture and compliance by protecting patient services
PROTECTED ENVIRONMENT
Domain controllers: 6
Core on-prem apps: 12+
Privileged admin tools: PowerShell, CLI, RDP, VPN
PROTECTED ACCOUNTS
4,000+ users
100+ service accounts
INDUSTRY
Healthcare (NHS)
BASED
London, UK
THE CHALLENGE:
CUSTOMER OVERVIEW
About
The London-based NHS trust is one of the largest healthcare providers in the UK, serving over one million residents across multiple boroughs. As a world-class teaching hospital and specialist care provider, the trust plays a critical role in delivering life-saving services to its community.
Environment
The Trust operates a hybrid environment with legacy on-prem infrastructure, Active Directory (AD), and multiple core clinical and administrative applications. Their ecosystem includes 6 domain controllers, 100+ service accounts and thousands of end users and clinical staff accessing resources through VPN, RDP, PowerShell, and CLI tools.
Why now:
Responding to compliance pressure and evolving threats
In the wake of the high-profile Synnovis ransomware attack in 2024 and the introduction of stricter NHS cyber regulations, the NHS trust was under mounting pressure to strengthen identity hygiene and implement modern access controls. Constrained by limited internal resources, the IT team looked for a scalable solution that would ensure compliance with the Cyber Assessment Framework (CAF) and the Data Security and Protection Toolkit (DSPT)—all while minimising disruption to clinical operations.
Moving forward
What began as a targeted MFA tool deployment quickly evolved into a broader identity security transformation. With Silverfort, the NHS trust was able to meet with CAF and DSPT requirements, significantly reduced identity security risk, and gained end-to-end visibility into authentications activity across all users and resources, including on-prem service accounts.
The deployment was completed without disrupting hospital operations, and the IT team is now equipped with granular policy-based controls, real-time monitoring of all the authentications, and complete coverage of privileged access. With Silverfort in place, the NHS trust has laid the foundation for a proactive identity security strategy that protects critical and sensitive patient services and strengthens resilience against identity-based threats.
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
About BlueFort Security
BlueFort is the UK’s leading Security Solutions Provider (SSP), trusted since 2007 to help organisations operate securely in an increasingly complex digital world. BlueFort protects hundreds of organisations and millions of users through solutions aligned with globally recognised security and compliance frameworks — from NIST, ISO 27001, and Cyber Essentials Plus to CIS Controls, NIS2, SOC 2, DORA and the UK’s NCSC guidelines. Their expertise begins with robust identity & access management and advanced cloud security, then extends across the full landscape of cybersecurity, including operational technology (OT) security, data protection, threat detection and response, compliance, and the safe adoption of AI tools. BlueFort Security is a trusted cybersecurity partner. A Crown Commercial Services and G-Cloud 14 supplier.
Moving forward
What began as a targeted MFA tool deployment quickly evolved into a broader identity security transformation. With Silverfort, the NHS trust was able to meet with CAF and DSPT requirements, significantly reduced identity security risk, and gained end-to-end visibility into authentications activity across all users and resources, including on-prem service accounts.
The deployment was completed without disrupting hospital operations, and the IT team is now equipped with granular policy-based controls, real-time monitoring of all the authentications, and complete coverage of privileged access. With Silverfort in place, the NHS trust has laid the foundation for a proactive identity security strategy that protects critical and sensitive patient services and strengthens resilience against identity-based threats.
Why now:
Responding to compliance pressure and evolving threats
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
About BlueFort Security
BlueFort is the UK’s leading Security Solutions Provider (SSP), trusted since 2007 to help organisations operate securely in an increasingly complex digital world. BlueFort protects hundreds of organisations and millions of users through solutions aligned with globally recognised security and compliance frameworks — from NIST, ISO 27001, and Cyber Essentials Plus to CIS Controls, NIS2, SOC 2, DORA and the UK’s NCSC guidelines. Their expertise begins with robust identity & access management and advanced cloud security, then extends across the full landscape of cybersecurity, including operational technology (OT) security, data protection, threat detection and response, compliance, and the safe adoption of AI tools. BlueFort Security is a trusted cybersecurity partner. A Crown Commercial Services and G-Cloud 14 supplier.
THE CHALLENGE:
CUSTOMER OVERVIEW
About
The London-based NHS trust is one of the largest healthcare providers in the UK, serving over one million residents across multiple boroughs. As a world-class teaching hospital and specialist care provider, the trust plays a critical role in delivering life-saving services to its community.
Environment
The Trust operates a hybrid environment with legacy on-prem infrastructure, Active Directory (AD), and multiple core clinical and administrative applications. Their ecosystem includes 6 domain controllers, 100+ service accounts and thousands of end users and clinical staff accessing resources through VPN, RDP, PowerShell, and CLI tools.
In the wake of the high-profile Synnovis ransomware attack in 2024 and the introduction of stricter NHS cyber regulations, the NHS trust was under mounting pressure to strengthen identity hygiene and implement modern access controls. Constrained by limited internal resources, the IT team looked for a scalable solution that would ensure compliance with the Cyber Assessment Framework (CAF) and the Data Security and Protection Toolkit (DSPT)—all while minimising disruption to clinical operations.
NHS trust strengthens identity security posture and compliance by protecting patient services
PROTECTED ENVIRONMENT
Domain controllers: 6
Core on-prem apps: 12+
Privileged admin tools: PowerShell, CLI, RDP, VPN
PROTECTED ACCOUNTS
4,000+ users
100+ service accounts
INDUSTRY
Healthcare (NHS)
BASED
London, UK
