WhoshouldIsee Tracks

Customer Story

South London and Maudsley NHS Foundation Trust

Discover how BlueFort Security and iboss empowered South London and Maudsley NHS Foundation Trust by reducing cost, boosting productivity, and protecting our much-loved NHS.
South London and Maudsley NHS Foundation Trust, also known as SLAM, is an NHS Foundation Trust based in London, which specialises in mental health. It comprises of four hospitals, with specialist psychiatric care, and over 100 community sites, and 300 clinical teams. Each year, healthcare centres linked to the trust provide inpatient care for over 5,000 people, and treat more than 40,000 patients in the Lambeth, Southwark, Lewisham, and Croydon communities. With 9,500 users and 5,000 concurrent connections, SLAM previously relied on a legacy VPN and Squid proxy system, which struggled to support their dispersed workforce and growing security demands. To modernise their infrastructure, they transitioned to iboss’ consolidated SaaS network and security service, ensuring seamless, secure, and scalable connectivity while enhancing cybersecurity, compliance, and user experience.

Key challenges

  • Outdated Infrastructure: Legacy on-premise proxy servers couldn’t support a dispersed workforce.
  • Poor User Experience: Clunky access systems led to frequent complaints.
  • High IT Management Overhead: Addressing user issues and maintaining old infrastructure required significant time and resource.
  • Need for a Modern Solution: To reduce IT workload and improve efficiency, a modern solution was required.

Key solutions

  • Infrastructure Modernisation: Replaced outdated proxy systems with iboss’ unified cloud-based platform, delivering a seamless user experience.
  • Enhanced Cybersecurity: Introduced advanced threat management, real-time monitoring, and granular reporting to mitigate risks and strengthen compliance.
  • Regulatory Alignment: Simplified adherence to CAF and DSPT standards through enhanced visibility and structured threat management capabilities.
  • Support for Hybrid Work: Provided secure, reliable network access for remote users, eliminating bottlenecks and ensuring consistent security.
  • Cost Efficiency: Phased implementation spread costs and consolidated multiple legacy systems into a single, high-performance solution.

Overview of the situation

SLAM NHS faced a range of interconnected challenges, stemming from its reliance on outdated proxy systems, and the evolving demands of its hybrid workforce. The trust’s legacy Load Balancer (ADC) and Squid proxy systems had become inefficient and cumbersome. These challenges placed an increased burden on the digital team, detracting from strategic objectives and requiring significant resource allocation to resolve routine issues.

As part of the UK’s Critical National Infrastructure (CNI), SLAM NHS was acutely aware of the escalating threat landscape, with cyberattacks targeting sensitive healthcare data, posing a substantial risk to operations, reputation, and patient safety. Since 2021, over a third of NHS staff have transitioned to hybrid work, exponentially expanding the attack surface. The limitations of the legacy systems made it difficult to scale effectively or manage security risks in a dynamic working environment.

Stuart MacLellan, Chief Technology Officer at SLAM NHS, said: “We had a complicated legacy infrastructure around our on-premises proxy servers which were used for login and monitoring of web activity. This was not fit for purpose, especially with a dispersed workforce. Users were not getting the best experience when accessing the network via our previous clunky system and old proxy servers, and as a result we would get user complaints which then required a lot of management for the IT team. This was an area we needed to remove from our workload and so we decided to look at our options.”

Additionally, the trust faced challenges in meeting the rigorous compliance requirements set out in the Cyber Assessment Framework (CAF) and the Data Security and Protection Toolkit (DSPT). These frameworks are critical for maintaining operational integrity and protecting sensitive data, yet the trust’s legacy systems lacked the necessary visibility and reporting capabilities to streamline compliance processes.

Budget constraints added another layer of complexity. As a public sector organisation, SLAM NHS required a solution that not only met its technical and operational needs, but also aligned with its financial limitations.

Quote marks

“We had a complicated legacy infrastructure around our on-premise proxy servers which were used for login and monitoring of web activity. This was not fit for purpose, especially with a dispersed workforce. Users were not getting the best experience when accessing the network via our previous clunky system and old proxy servers, and as a result, we would get user complaints which then required a lot of management for the IT team. This was an area we needed to remove from our workload and so we decided to look at our options.”

Stuart MacLellan, Chief Technology Officer at SLAM NHS

BlueFort Security and iboss Solution

BlueFort Security, a trusted cybersecurity partner and G-Cloud 14 supplier, introduced the iboss Consolidated SaaS Network and Security Service, addressing the trust’s challenges with a phased, budget-conscious approach. The deployment of iboss’ Zero Trust Core and Advanced packages, replaced the legacy systems with a modern, scalable, and cost-effective solution.

Key Outcomes

  1. Simplified Operations: Consolidated multiple vendors and systems into a unified platform, reducing complexity and administrative overhead.
  2. Improved Compliance: Streamlined reporting and alignment with CAF and DSPT requirements, ensuring robust data protection and operational integrity.
  3. Enhanced Security: Advanced controls, automated threat detection, and real-time monitoring improved resilience against cyber threats.
  4. User Satisfaction: Improved network performance and usability, reducing IT support tickets by 208 hours annually.
  5. Cost Savings: Optimised resource allocation and reduced infrastructure expenses, maximising the return on investment.

Stuart reported: “The granularity of the iboss solution reporting means it is so much easier to gain detail on user activity and potential threats, so we can now support with evidence with the DSPT and CAF requirements. It has given us greater visibility and helped us deliver aspects of the ‘managing vulnerability and threat landscape aspect of the CAF framework’ which we need to stay compliant. This wasn’t possible with our traditional proxy.”

How BlueFort Security Made a Real Difference

BlueFort Security’s expertise and tailored approach transformed SLAM NHS’s web-browsing security posture, addressing its unique challenges with a comprehensive, scalable solution. By deploying iboss’ platform, BlueFort enabled the trust to modernise its infrastructure, improve operational efficiency, and reduce security risks: all while staying within budgetary constraints.

The partnership delivered immediate and measurable benefits, including enhanced compliance, improved user experience, and significant cost savings. Importantly, it set the foundation for a future-ready zero-trust security model, equipping SLAM NHS to adapt to evolving threats and operational demands.

Stuart told us: “We looked at several enterprise-wide proxy servers. iboss commercials were fantastic to help meet our limited budgets. The system also gives us greater visibility on what people are doing remotely on their laptops. This information comes straight into our cybersecurity platform, so we can see potential threats in a timelier manner compared to the existing proxies. We have seen improved usability and visibility across the entire environment, which has led to greater efficiency within my team as less time is needed to resolve service support tickets compared to the legacy solution.”

BlueFort Security’s role as a trusted partner ensured that SLAM NHS could focus on delivering high-quality healthcare services with the confidence that its systems, data, and users are well protected. Through innovative solutions and a deep understanding of the healthcare sector’s challenges, BlueFort Security has established itself as an essential partner for many NHS trusts navigating complex cybersecurity landscapes.

See how BlueFort can help you simplify your cybersecurity

Book a Demo