Case Study: NHS North West London achieves Zero Trust enforcement, stronger threat prevention and reduced IT costs with Heimdal Security

NHS North West London Enhances Cybersecurity with Heimdalʼs PEDM, Application Control, and DNS Security

NHS North West London Integrated Care Board (ICB), responsible for securing 400 GP practices and over 10,500 devices, faced serious admin-privilege risks, cultural resistance to removing local admin rights, and high IT costs from required site visits. To modernize its security and enforce Zero Trust, the ICB engaged Heimdal Security and deployed its Privileged Elevation & Delegation Management (PEDM), Application Control, DNS Security, plus compliance auditing and remote security management.

Heimdal Security piloted the solution across five practices then rolled it out to all 400, removing permanent admin rights, allowing only approved applications, blocking malicious domains, and providing 90‑day logs to meet CAF/DSPT requirements. The deployment enabled real-time isolation of compromised devices, significantly reduced on-site IT visits and operational costs, and strengthened the ICB’s overall security posture across more than 10,500 devices.

NHS North West London

Abhilash Abraham

Head of IT Security & Cybersecurity