Representative Engagement

Multinational Healthcare.

Zero Trust Network Transformation

Anonymized engagement led by the Novix team for a healthcare organization (12,000+ employees)

Engagement summary
Before

Legacy VPN dependence, flat networks, and exposed clinical devices were limiting safe access at scale.

Intervention

The team redesigned access around identity, segmentation, ZTNA, and cloud-delivered enforcement.

Outcome

Secure access became faster and more consistent while the attack surface and VPN dependence dropped sharply.

Engagement Frame
Delivery
  • 01 Perimeter & Identity Audit
  • 02 Zero Trust Architecture Design
  • 03 ZTNA & SASE Deployment
Result
  • Identity-Led Access Model
  • Zero Broad VPN Access

The Challenge

Vulnerable perimeters restricting agility.

  • Over-reliance on VPNs: Legacy access patterns were carrying too much risk for a distributed workforce.
  • Lateral movement risks: Limited segmentation meant internal threats could move too freely.
  • Medical endpoint exposure: IoT and clinical devices created difficult entry points and uneven controls.
  • Inconsistent access policy: Security rules varied across clinics, users, and headquarters.

Delivery Protocol

  • 01 Perimeter & Identity Audit
  • 02 Zero Trust Architecture Design
  • 03 ZTNA & SASE Deployment
  • 04 Network Micro-Segmentation
  • 05 Monitoring & Handover

Execution Detail

The team replaced broad network trust with identity-driven validation, segmentation, and secure access patterns aligned to clinical reality.

  • 01 Identity-driven ZTNA: Direct-to-app access based on identity risk and device health rather than network location.
  • 02 Micro-segmentation: Clinical, administrative, and IoT traffic separated to reduce lateral movement.
  • 03 SASE rollout: Cloud-delivered edge controls applied consistently across remote and on-site users.
  • 04 Continuous evaluation: Live telemetry used to adapt access and enforce safer policy decisions.

Outcome

  • Identity-Led Access Model
  • Zero Broad VPN Access
  • Segmented Traffic Flows
  • Faster Secure Access

Transformation Snapshot

Before Engagement

  • Open perimeter-style network
  • Legacy VPN-based remote access
  • Limited internal traffic filtering
  • Identity treated as a secondary control

After Delivery

  • + Identity-centric Zero Trust model
  • + Direct-to-app secure access
  • + Segmented workloads and sites
  • + Continuous risk-based evaluation
