National Institutes of Health (NIH)
Supporting 27 Institutes, Centers, and Offices (ICOs)
The National Institutes of Health operates one of the largest and most complex civilian research and healthcare IT environments in the federal government. With a highly distributed workforce, diverse mission needs, and a growing attack surface across endpoints, NIH required a modern approach to endpoint security and management—one that could scale across all 27 Institutes and Centers while aligning to Zero Trust principles.
Our team was engaged to provide enterprise endpoint architecture, endpoint platform-as-a-service, security engineering, and cybersecurity operations, supporting more than 50,000 endpoints across the NIH enterprise.
NIH faced several structural challenges common to large, decentralized federal environments:
A highly federated endpoint landscape spanning 27 ICOs with varying technical maturity
Limited enterprise-wide visibility into endpoint health, security posture, and compliance
Legacy endpoint management and security models that were not designed for Zero Trust
Increasing cybersecurity risk driven by remote work, hybrid computing, and evolving threat actors
The need to improve security without disrupting mission-critical biomedical research
NIH required a solution that could modernize endpoint security at scale while respecting decentralized governance and enabling enterprise-level consistency.
Our team designed and executed a Zero Trust–aligned endpoint modernization strategy focused on architecture, platform standardization, and security engineering rather than individual tools.
Key elements of the approach included:
Enterprise Endpoint Architecture
Defined a unified endpoint architecture that aligned to Zero Trust device principles, enabling consistent security enforcement across disparate organizations while supporting local operational needs.
Endpoint Platform as a Service (EPaaS)
Delivered a centrally engineered, scalable endpoint platform that NIH Institutes and Centers could consume as a service, reducing duplication, improving consistency, and accelerating adoption.
Security Engineering & Cyber Resilience
Integrated modern endpoint security capabilities, including continuous monitoring, behavioral threat detection, and automated response, to significantly reduce enterprise-wide risk.
Federated Governance Model
Enabled each ICO to retain operational control while benefiting from shared enterprise security baselines, visibility, and reporting.
Scalable Operations & Adoption
Supported large-scale enrollment, onboarding, and operational sustainment across tens of thousands of endpoints without disrupting research or clinical missions.
The modernization effort delivered measurable improvements across the NIH enterprise:
Secured 50,000+ endpoints across all 27 Institutes, Centers, and Offices
Improved enterprise visibility into endpoint health, compliance, and security posture
Reduced cybersecurity risk through modern detection, response, and continuous monitoring
Standardized Zero Trust device controls across a highly federated environment
Enabled faster onboarding and scalability for new users, devices, and programs
Strengthened NIH’s overall cybersecurity maturity without sacrificing mission agility
The result was a more resilient, secure, and manageable endpoint environment capable of supporting NIH’s evolving research, healthcare, and operational demands.
This initiative demonstrates that Zero Trust at scale is achievable—even in large, decentralized federal environments—when architecture, security engineering, and platform strategy are aligned.
By focusing on outcomes over tools, NIH was able to modernize its endpoint ecosystem in a way that improved security, reduced risk, and established a sustainable model for future growth.