Customer Overview
The Royal Marsden is a world-renowned NHS Foundation Trust specialising in cancer diagnosis, treatment, research, and education. Serving over 60,000 patients annually across sites in London and Surrey, it is internationally recognised for its contributions to oncology and medical innovation. As part of the NHS, the Trust operates within the UK public sector and is subject to rigorous healthcare data protection standards, including the NHS Digital Data Security and Protection Toolkit (DSPT) and the National Cyber Security Centre’s Cyber Assessment Framework (NCSC CAF).
Challenge
The Royal Marsden’s transformation agenda focused on modernising its IT infrastructure to support growing demand for digital services, particularly clinical imaging workloads. At the heart of this effort was a need to secure healthcare applications handling highly sensitive patient data — not just at rest or in transit, but throughout their operational lifecycle.
The Trust required a platform that could enforce access boundaries, validate application configurations in real time, and continuously detect potential misuse. Without robust application-layer security, workloads risked breaching NHS regulations, undermining patient confidentiality, or disrupting critical clinical services. The solution had to provide not only compliance with DSPT and NCSC CAF, but also continuous assurance that applications remained secure, well-governed, and threat-resilient.
Why Cloudscaler and AWS
Royal Marsden selected Cloudscaler and AWS to deliver a compliant digital platform where application access and security assurance were embedded into the design from day one. AWS-native services offered the flexibility and depth required to support tight identity governance, continuous compliance validation, and proactive threat monitoring — all aligned with national healthcare standards.
The Trust specifically required:
- Role-based access control tailored to NHS job roles;
- Continuous monitoring of access behaviours and application configuration drift;
- Real-time dashboards to surface risks across application services;
- And the ability to rapidly detect and respond to security threats at the application layer.
Solution
Cloudscaler delivered a secure AWS Landing Zone engineered to enforce governance
across application deployment, access, and monitoring. Role-based access was established using AWS IAM Identity Center, federated with the Trust’s internal identity provider. IAM permission sets were tightly scoped to clinical and operational responsibilities, and IAM Access Analyzer was used to detect overly permissive or unused roles.
Accounts were organised under AWS Organizations with Service Control Policies (SCPs) to control region usage and restrict unauthorised services. IAM configurations were deployed using Terraform, giving full traceability and version control. Identity and access policies were reviewed quarterly in line with DSPT requirements.
To secure applications during operation, Cloudscaler embedded AWS Config conformance packs based on the NCSC CAF. These validated configuration compliance across workloads, while AWS Security Hub tracked real-time security posture across all application services. Security findings were visualised through Amazon CloudWatch dashboards, supporting internal and external audit requirements.
For threat detection, Amazon GuardDuty and AWS CloudTrail were configured to detect abnormal user activity and signs of application misuse, such as unauthorised API calls or suspicious access attempts. Amazon EventBridge was used to trigger alerts and remediation workflows, enabling rapid response to potential misconfigurations or access risks.
This layered approach ensured that clinical applications were not only compliant, but continuously secured against misuse — with real-time visibility, automated guardrails, and policy-driven governance embedded across the platform.
Outcomes
The Royal Marsden now operates a secure AWS environment in which clinical applications are tightly governed, continuously monitored, and resilient to evolving threats. Key results include:
- All application access provisioned through federated IAM Identity Center workflows, eliminating reliance on IAM users or long-lived credentials.
- Application permissions scoped and validated using IAM Access Analyzer, significantly reducing overly broad or unused privileges.
- Continuous configuration validation using AWS Config conformance packs, ensuring full alignment with NHS DSPT and NCSC CAF.
- Real-time compliance dashboards and remediation workflows, improving audit readiness and accelerating issue response.
- Proactive application-layer threat detection with CloudTrail and GuardDuty, allowing fast mitigation of unauthorised behaviour or policy drift.
Technical Implementation Highlights
To support the Trust’s security and compliance objectives, the following AWS-native services were deployed:
- IAM Identity Center – Federated access and job-aligned permission sets
- IAM and IAM Access Analyzer – Scoped roles and detection of excess permissions
- AWS Organizations and SCPs – Policy-driven account structure and service controls
- AWS Config with NCSC CAF conformance pack – Continuous compliance validation
- AWS Security Hub – Security posture aggregation and monitoring
- Amazon CloudWatch – Dashboards for access, identity, and configuration risk
- Amazon GuardDuty and AWS CloudTrail – Runtime anomaly detection and activity logging
- Amazon EventBridge – Automated response to security findings
All infrastructure and policy definitions were codified in Terraform, while standardised deployment templates were delivered via CloudFormation.
Conclusion
Cloudscaler helped the Royal Marsden establish a secure AWS foundation purpose-built to protect healthcare applications. By embedding access governance, configuration validation, and anomaly detection directly into the platform, the Trust achieved continuous security assurance — not just at the infrastructure layer, but within the application environments clinicians depend on every day. The result is a high-trust, audit-ready system that enables digital innovation without compromising on patient data security.
