Using Centrify Zero Trust Privilege, the State of Michigan has implemented a least privilege model to comply with a myriad of federal regulations and industry standards as well as policies ensuring audits are passed and the process is simplified.
Centrify solves our audit and compliance issues by providing both centralized, privileged identity management and granular access controls., Technical Services Administration Manager, State of Michigan
Before implementing Centrify Zero Trust Security Services, the State of Michigan Department of Technology, Management and Budget (DTMB) spent significant resources developing and managing a homegrown identity solution. To do so, they leveraged the native Lightweight Directory Access Protocol (LDAP) client inherent to UNIX and Linux systems, often along with the open source security application sudo (Superuser Do) for controlling privileged access.
After two years of struggle, without the ability to manage access centrally and with granularity, audit findings indicated the department was falling short. At the same time, the information technology (IT) environment was growing exponentially. DTMB evaluated commercial options and replaced its less-secure system with Centrify Zero Trust Privilege Services — delivering one of the critical pillars of Zero Trust Security. Now, DTMB effectively addresses federal/industry compliance and can easily provide identity-related data to auditors upon request.
Implement a model of least privilege across a hybrid environment of Windows and Linux servers to ensure compliance with government and industry regulations/policies, including Criminal Justice Information Services Security Policy (CJIS, FBI security policy), Centers for Medicare & Medicaid Services (CMS), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).
Ensure audits pass and the process is simple by implementing the required password expiration, complexity, and privilege escalation mechanisms.
Reduce the time required to investigate and report on incidents.
The State of Michigan leveraged the following Centrify Zero Trust Privilege capabilities to achieve their objectives:
SHARED PASSWORD MANAGEMENT
PRIVILEGED ACCESS REQUEST
SESSION RECORDING & MONITORING
AUDITING & REPORTING
Centrify has helped DTMB to comply with a myriad of federal regulations. “There isn’t a regulation that Centrify hasn’t helped us to meet. Today, every time an administrator touches a server, I have a record of it. I can pull up a report, print it, and hand it to the auditor,” said Peter Manina, IT Specialist and UNIX Systems Architect, State of Michigan.
A Look Ahead
Michigan is regularly cited among the top three states in the U.S. for successfully executing IT best practices, and the state boasts several National Association of State Chief Information Officers (NASCIO) awards. DTMB expects that Centrify will assist in continuing Michigan’s time-honored tradition of achievement in IT.
Centrify Zero Trust Services presented us with all the centralized user identity management we’d been trying to build for years. It would allow us to eliminate both the hodgepodge of password files that had existed across the environment and the sudo files that had been usurping IT resource time., Technical Services Administration Manager, State of Michigan