“TAC got us moving forward with our Office 365 project. Now, all ZS employees have access to Office 365, each of them fully protected by TAC. Everyone we’ve worked with at PortSys has been extremely helpful — any time we’ve had an issue or needed to discuss a solution, the team has been more than willing to get on a call with us, all the way up to the CEO.”

“The TAC use case has broadened exponentially since 2016, to the point now that it serves as landing zones for more than 1,300 federated applications — including those in RDweb, AWS and even those that have HIPAA and HITRUST CSF requirements. All these resources and applications are fronted with TAC’s multi-factor authentication, which enables us to seamlessly authenticate the users’ full context of access before granting access — at no additional cost beyond the user licenses we already have.”

Axis Neuromonitoring technologists work from operating rooms across Texas, transmitting sensitive patient neural monitoring data to remote interpreting physicians in real time. ePHI in transit needed HIPAA-compliant protection without disrupting the OR clinical workflow.

TAC deployed in front of all clinical data systems. All OR-to-physician connections proxied through TAC’s encrypted single-port channel with MFA and continuous session validation. No clinical application changes required.

Patient data in transit fully protected. HIPAA Technical Safeguard requirements satisfied. Clinical workflow completely undisrupted. During the COVID-19 pandemic the company was able to rapidly extend secure remote access enterprise-wide overnight.

“TAC allowed us to have the flexibility of enabling remote, secure access for our entire field force, and for our interpreting physician experts, wherever they may be working from. And once the pandemic hit, we had to put our mobility strategy into overdrive almost overnight across our entire enterprise.”

The trust needed to provide secure remote access for clinical and administrative staff across multiple sites, while protecting legacy EHR and clinical systems that could not support modern authentication protocols or be modified due to clinical validation requirements.

TAC deployed as a single-tenant reverse proxy across the trust’s environment. MFA injected in front of legacy clinical systems including EHR and forms-based applications with zero code changes. SSO established across all protected applications from a single portal. Device posture validation enforced on every access request.

Clinical staff gained consistent, secure access to all applications through a single portal. NHS data security standards achieved. Legacy EHR systems protected with MFA and device posture checks without any application modifications or clinical re-validation.

“We were able to bring legacy clinical systems up to current authentication standards without touching the applications themselves. That was the critical requirement, and TAC delivered it.”

A 550-bed NHS University Hospital Trust with nearly 5,000 employees and approximately 1,000 partner users needed to replace Microsoft UAG. The hospital had no BYOD capability — 80% of remote access requests came from personal or partner devices. Staff needed to access hospital applications from any device, from anywhere.

TAC evaluated and approved by the Executive Management Board. The TAC portal went live with full application connections in less than a day. Per-application security policies configured in Active Directory. Soft tokens replaced physical tokens for MFA. Partner organisations onboarded without requiring hospital hardware.

Complete BYOD and partner device access enabled. Granular per-application policies deployed. Full audit trail implemented. Service desk provisioning time reduced significantly. Surrounding NHS trusts benchmarked against the hospital’s capabilities.

“TAC enables us to stand out from the crowd and, most importantly, provide better patient care.”

A UK county council serving over 1 million residents with 8,000+ employees needed to modernise remote access to support flexible working and NHS partner collaboration. Existing VPN provided no application-level control and no device-level enforcement.

TAC replaced legacy VPN with application-aware zero trust access. Staff and NHS partners granted access to specific applications based on role. MFA and device posture enforced across all council systems, with context-aware policies to deny access from unsecured public networks.

Application-level policy enforcement replaced broad network VPN access. NHS staff and partners securely onboarded without council hardware. Zero trust model achieved aligned with UK public sector security requirements.

“The TAC deployment was extremely quick. It was pretty much plug and play. We turned it on and it was very straightforward.”

A Canadian federal non-profit health technology organisation with a highly mobile, contractor-heavy workforce needed to replace Microsoft UAG during a Windows 10 migration. UAG failed entirely for Mac users — contractors had to physically travel to the office to access systems.

TAC deployed as a direct UAG replacement in one to two days. Reverse proxy architecture provided application access from any device and any browser. Context-aware policies denied connections from outside North America. VPN capability added for users requiring full-tunnel connections.

Any-device, any-browser access achieved. Mac users gained full remote access without office visits. Contractors freed from supported hardware list. Printer mapping eliminated the workaround of emailing documents for local printing.

“TAC is unbeatable. The decision was made really fast and easily because, as I said, there is no other product. I did a lot of research and I couldn’t find anything similar.”

The agency needed to secure remote access to legacy control systems and administrative applications across multiple facilities, without disrupting critical operations, modifying existing applications, or creating new attack surface through open firewall ports.

TAC deployed across the agency’s facilities as a reverse proxy, publishing all applications through a single encrypted port. MFA injected in front of legacy systems with no application changes. Device posture validation enforced on every access request. All other inbound firewall ports closed.

Zero application modifications required. MFA enforced across legacy and modern systems alike. Inbound attack surface reduced to a single port. NIST 800-171 access control requirements satisfied across all facilities.

OMPA needed secure remote access across distributed power generation facilities while meeting NERC CIP compliance requirements. Legacy VPN left multiple inbound ports exposed with no application-level controls for OT and SCADA interfaces.

TAC replaced VPN across all OMPA facilities. All inbound access ports closed except TAC’s single encrypted port. SCADA and OT interfaces published through TAC with MFA and device posture on every request.

VPN decommissioned and inbound attack surface reduced to a single port. NERC CIP requirements satisfied. OT and SCADA secured without impacting operational workflows.

“With TAC, I can set up a connection within hours that would have taken days or even weeks with our previous approach. TAC makes our security posture significantly stronger while also making things much easier for our team to manage.”

A global financial services firm providing portfolio management tools needed to replace UAG while improving upon its secure remote access and endpoint security capabilities. The firm manages IT infrastructure for clients with over $1 trillion in aggregate assets under management.

TAC deployed across the firm’s full application portfolio after an extensive review found it offered more features than UAG on a zero trust architecture. Multi-directory identity federation and per-application least-privilege policies with MFA on every session.

Zero trust access achieved across all financial applications with a complete audit trail. UAG capabilities exceeded. Regulatory compliance requirements met. SSO improved user experience across all applications.

“TAC offered even more features and functions than UAG, on a Zero Trust platform, and the pricing was straightforward. For most of our clients, we are their IT infrastructure — security is non-negotiable.”

A financial services firm managing clients with over $1 trillion in assets needed risk-based access security across a mixed device environment. Existing controls were binary with no ability to apply contextual decisions based on device state or risk level.

TAC’s unified policy engine implemented continuous risk-based access. Device posture checks provide real-time risk signals feeding into per-application policies. High-risk devices blocked; compliant devices receive full access on every request.

Risk-based context-aware access implemented across all financial applications. Any-device security achieved. Point-in-time authentication gap eliminated through continuous per-request evaluation.

“With TAC, we have the ability to set policies at the application level, not just the user level. We can require additional authentication for more sensitive applications. This granularity is something we simply didn’t have before.”