Enterprise Zero Trust & Endpoint Modernization at the National Institutes of Health
Customer
National Institutes of Health (NIH)
Supporting 27 Institutes, Centers, and Offices (ICOs)
Overview
The National Institutes of Health operates one of the largest and most complex civilian research and healthcare IT environments in the federal government. With a highly distributed workforce, diverse mission needs, and a growing attack surface across endpoints, NIH required a modern approach to endpoint security and management—one that could scale across all 27 Institutes and Centers while aligning to Zero Trust principles.
Our team was engaged to provide enterprise endpoint architecture, endpoint platform-as-a-service, security engineering, and cybersecurity operations, supporting more than 50,000 endpoints across the NIH enterprise.
Challenge
NIH faced several structural challenges common to large, decentralized federal environments:
- A highly federated endpoint landscape spanning 27 ICOs with varying technical maturity
- Limited enterprise-wide visibility into endpoint health, security posture, and compliance
- Legacy endpoint management and security models that were not designed for Zero Trust
- Increasing cybersecurity risk driven by remote work, hybrid computing, and evolving threat actors
- The need to improve security without disrupting mission-critical biomedical research
NIH required a solution that could modernize endpoint security at scale while respecting decentralized governance and enabling enterprise-level consistency.
Our Approach
Our team designed and executed a Zero Trust–aligned endpoint modernization strategy focused on architecture, platform standardization, and security engineering rather than individual tools.
Key elements of the approach included:
- Enterprise Endpoint Architecture
  Defined a unified endpoint architecture that aligned to Zero Trust device principles, enabling consistent security enforcement across disparate organizations while supporting local operational needs.
- Endpoint Platform as a Service (EPaaS)
  Delivered a centrally engineered, scalable endpoint platform that NIH Institutes and Centers could consume as a service, reducing duplication, improving consistency, and accelerating adoption.
- Security Engineering & Cyber Resilience
  Integrated modern endpoint security capabilities, including continuous monitoring, behavioral threat detection, and automated response, to significantly improve enterprise-wide risk reduction.
- Federated Governance Model
  Enabled each ICO to retain operational control while benefiting from shared enterprise security baselines, visibility, and reporting.
- Scalable Operations & Adoption
  Supported large-scale enrollment, onboarding, and operational sustainment across tens of thousands of endpoints without disrupting research or clinical missions.
Results & Impact
The modernization effort delivered measurable improvements across the NIH enterprise:
- Secured 50,000+ endpoints across all 27 Institutes, Centers, and Offices
- Improved enterprise visibility into endpoint health, compliance, and security posture
- Reduced cybersecurity risk through modern detection, response, and continuous monitoring
- Standardized Zero Trust device controls across a highly federated environment
- Enabled faster onboarding and scalability for new users, devices, and programs
- Strengthened NIH’s overall cybersecurity maturity without sacrificing mission agility
The result was a more resilient, secure, and manageable endpoint environment capable of supporting NIH’s evolving research, healthcare, and operational demands.
Why It Matters
This initiative demonstrates that Zero Trust at scale is achievable—even in large, decentralized federal environments—when architecture, security engineering, and platform strategy are aligned.
By focusing on outcomes over tools, NIH was able to modernize its endpoint ecosystem in a way that improved security, reduced risk, and established a sustainable model for future growth.