Securing a Distributed Workforce Through a Fortinet SASE Deployment

Modern financial services firms no longer operate from a single, controlled office environment. This institution's workforce was spread across a collection of offices, remote workers, and co-working spaces, each representing a different network, a different set of risks, and a different level of underlying control. For a sector where data sensitivity and regulatory expectations are high, that variability had become a problem.

The organisation recognised the need to standardise the way in which its data and its users were secured, regardless of where they happened to be working. Security applied unevenly across locations is, in practice, security applied at the level of the weakest link, and for a multinational financial institution, that level needed to be substantially higher than the existing setup could guarantee.

Alongside the broader workforce security challenge, the customer operated a proprietary cloud-based, client-facing application that held particularly sensitive data. Access to this application needed to be tied down tightly, limited to specific people, governed by strong identity and posture checks, and protected by genuine Zero Trust principles rather than perimeter-style assumptions.

Formation Tech designed and deployed a Fortinet SASE solution, providing a single, standardised security framework spanning the organisation's offices, remote workers and co-working spaces. The solution encompassed a cloud gateway, localised firewalls at the office locations, and centralised alerting and monitoring configurations, bringing the institution's distributed environment under a unified security and visibility model.

The local Fortinet firewalls provided application routing and management at each site, ensuring that performance and visibility were maintained across all locations. Importantly, traffic from these locations could be treated as a higher-trust source within the wider SASE framework, supporting both the security model and the user experience for staff working from established offices.

For the customer's proprietary cloud-based client-facing application, Formation Tech implemented Zero Trust principles. Access was tied down to both the posture and identity of the user, alongside two-factor authentication, ensuring that critical, sensitive data could only be accessed by the right people, on the right devices, in the right security state. By deploying Zero Trust rather than relying on traditional perimeter-based controls, the customer gained granular, verifiable assurance over how its most sensitive application was accessed.

Formation Tech delivered the engagement end-to-end, helping design the solution, implementing it, and managing it on an ongoing basis. The managed service included defining and implementing the security requirements, alongside handling any service issues and providing the enhanced reporting that the customer required going forward.

The institution now operates a standardised security posture across every type of location it works from. Whether a user is in a major office, a co-working space or working remotely, the same framework, controls and visibility apply, removing the previous variability that came with managing different environments in different ways. For a firm in financial services, that consistency is not just operationally cleaner; it is the foundation of a defensible security position.

The proprietary client-facing application is now protected by Zero Trust controls that bind access to user identity, device posture and two-factor authentication. The most sensitive data the institution handles is no longer reachable on the basis of credentials alone, the security model now reflects the sensitivity of what is being protected.

Operationally, Formation Tech provides ongoing design, implementation and managed service delivery, including enhanced reporting and management of any service issues, meaning the customer is not carrying the burden of running the environment day-to-day. The result is a single, unified, professionally managed SASE framework that secures the workforce wherever they work, protects the institution's most critical application under Zero Trust, and gives the security and IT functions the visibility they need to operate with confidence.