The challenge was not simply to introduce a new access technology. The organisation was working with a broad application landscape, different hosting patterns across on-premises and cloud environments, varying levels of clarity around ownership and user populations, and a legacy access model that no longer matched the needs of a more distributed business. LCG helped bring structure to that complexity by establishing the foundations for a more modern and policy-driven access approach.
The programme began with a discovery phase designed to create the clarity needed before implementation. LCG helped identify the remaining applications in scope, determine where they were located, map the users who required access, and define the access rights and permission levels needed for each one. In parallel, the engagement established a current-state baseline and a target architecture, creating a much clearer understanding of both the desired access model and the practical gaps that had to be addressed before rollout.
That method was central to the success of the engagement. Rather than compressing everything into a single deployment, the programme was shaped as a phased journey: discovery first, then private application access, validation, broader enablement, and continued refinement of controls. This sequencing reflected a disciplined approach to Zero Trust. Before policy can be enforced consistently, the application landscape has to be understood. Before user access patterns can be changed safely, the identity model and permission structure have to be clear. And before a new model can scale, the architecture has to support repeatable onboarding of applications and users.
From there, the engagement expanded into a broader access and traffic control model. LCG helped shape secure internet traffic controls, filtering and inspection policies, internal gateways for private application access, and advisory work around segmentation, modern access principles, and least-privileged access. Testing, validation, and change management were also part of the programme, helping ensure that the model could move from design into practical adoption.
The result was more than a planned Zero Trust initiative. LCG helped create a working access model that reduced ambiguity, improved control over internet traffic, modernised private application access, and reduced dependence on traditional VPN-based remote access. For the client, this meant a more mature and scalable approach to access - one better suited to the way the organisation operates today.