How NAXION Maintains Client Trust
For NAXION, trust is also central to the business, but the risk calculus looks different.
The Philadelphia-based market research and consulting firm works with clients across finance, healthcare and technology, often handling highly sensitive data sets that include personally identifiable information and protected health information. That makes data exposure — whether through user error, compromised accounts or unsecured endpoints — a constant concern.
Rather than relying on perimeter-based controls, NAXION shifted toward a more distributed, platform-based security model built around Check Point’s Harmony suite.
“I had long been frustrated that a cybersecurity solution can only protect you from what it can see,” says Joe Stern, vice president of information security at NAXION. “Because more than 90% of traffic is encrypted, the only acceptable choice was to break and reseal encryption at the firewall, which blows up a lot of websites, irritating users and burdening IT.”
EXPLORE: The anatomy of a phishing attack and how to navigate this security scenario.
That trade-off — security versus usability — is a familiar one. NAXION’s approach was to eliminate it.
By extending protection directly to user devices and browsers, the firm moved security controls closer to where work happens. Instead of forcing traffic through a centralized inspection point, endpoints themselves enforce policy and detect threats.
“With Harmony Browse, I am pushing the protection from the centralized firewall back out to the edge where it belongs, on the laptops,” Stern says. “Now, they are all tethered to the same immune system.”
That shift has improved both security and user experience, a combination that’s often difficult to achieve. Employees encounter fewer disruptions, while IT gains broader visibility across encrypted traffic and Software as a Service usage.
The platform also helps NAXION manage a growing ecosystem of cloud applications. By monitoring authentication tokens and flagging risky conditions, the firm can identify abandoned connections, stale accounts and other overlooked vulnerabilities that frequently lead to breaches.
Recently, NAXION added zero-trust network access capabilities to ensure that every connection to its environment is verified and tightly controlled.
“My goal was to make every connection accountable for who is connecting and the trustworthiness of their identity,” Stern says. “I only want connections for approved devices and only allow the necessary ports.”
Taken together, these capabilities are delivering a quieter — and safer — operating environment.
“The users I support receive very little spam, not even the bogus QR code variety,” Stern says. “We don’t have business email compromise attacks leak through. You don’t realize how much the din can disrupt your workflow until you experience real quiet.”
That “quiet” is more than a convenience. It’s a signal that security is working as intended, protecting sensitive data without getting in the way of business.