An Enterprise Healthcare CISO’s Journey to Zero Trust

In this guide, you’ll find:

  • A detailed account of one healthcare CISO's experience with a zero-trust security model
  • An overview of the needs of his hybrid, mobile and cloud environment, as well as the need to meet HIPAA compliance
  • How he balanced usability and security and fit Duo Beyond into his existing network architecture
  • Plus, the hefty number of shadow devices that surprised him after they gained device insight with Duo

At Duo, success starts with our customers. As a healthcare Chief Information Security Officer (CISO), you're responsible for identifying patient safety or care issues, while driving the selection and adoption decisions on technology purchases to help address those concerns.

We talked to the CISO of a large enterprise healthcare network with over 20,000 users, managing 60,000 devices and serving the needs of over half a million patients a year.

A healthcare enterprise that large needs a powerful, flexible and low-maintenance access security solution that doesn't introduce friction to workflows, and can work with complex, interconnected systems. Oh, and it must work for every user scenario, with technical accessibility limitations. Did we mention it also has to provide a rich dataset for compliance audits and reporting needs? No big deal.

Here’s how the CISO was able to do it all and employ a zero-trust security model with Duo’s trusted access solution, Duo Beyond.

A sample of the questions answered by a CISO who's been through it all before, available in the full guide:

  • Who are your users? How are you using Duo Beyond?
  • How did your users and admins respond?
  • What did you learn about your users and how they work? How did this change your endpoint strategy?
  • Was there a business benefit you were able to present based on gathering insight from those devices?
  • Any other advice or tips for other peers starting to research a project like yours?