Company

State of Michigan

Using Centrify Zero Trust Privilege, the State of Michigan has implemented a least privilege model to comply with a myriad of federal regulations and industry standards as well as policies ensuring audits are passed and the process is simplified.

Centrify solves our audit and compliance issues by providing both centralized, privileged identity management and granular access controls.

Brad Settles, Technical Services Administration Manager, State of Michigan

Challenge

Before implementing Centrify Zero Trust Security Services, the State of Michigan Department of Technology, Management and Budget (DTMB) spent significant resources developing and managing a homegrown identity solution. To do so, they leveraged the native Lightweight Directory Access Protocol (LDAP) client inherent to UNIX and Linux systems, often along with the open source security application sudo (Superuser Do) for controlling privileged access.

After two years of struggle, without the ability to manage access centrally and with granularity, audit findings indicated the department was falling short. At the same time, the information technology (IT) environment was growing exponentially. DTMB evaluated commercial options and replaced its less-secure system with Centrify Zero Trust Privilege Services — delivering one of the critical pillars of Zero Trust Security. Now, DTMB effectively addresses federal/industry compliance and can easily provide identity-related data to auditors upon request.

Project Drivers

  • Implement a model of least privilege across a hybrid environment of Windows and Linux servers to ensure compliance with government and industry regulations/policies, including Criminal Justice Information Services Security Policy (CJIS, FBI security policy), Centers for Medicare & Medicaid Services (CMS), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).

  • Ensure audits pass and the process is simple by implementing the required password expiration, complexity, and privilege escalation mechanisms.

  • Reduce the time required to investigate and report on incidents.

THE SOLUTION

The State of Michigan leveraged the following Centrify Zero Trust Privilege capabilities to achieve their objectives:

  • PRIVILEGED ELEVATION
  • SHARED PASSWORD MANAGEMENT
  • PRIVILEGED ACCESS REQUEST
  • SESSION RECORDING & MONITORING
  • AUDITING & REPORTING

Aha Moment

Centrify has helped DTMB to comply with a myriad of federal regulations. “There isn’t a regulation that Centrify hasn’t helped us to meet. Today, every time an administrator touches a server, I have a record of it. I can pull up a report, print it, and hand it to the auditor,” said Peter Manina, IT Specialist and UNIX Systems Architect, State of Michigan.

A Look Ahead

Michigan is regularly cited among the top three states in the U.S. for successfully executing IT best practices, and the state boasts several National Association of State Chief Information Officers (NASCIO) awards. DTMB expects that Centrify will assist in continuing Michigan’s time-honored tradition of achievement in IT.

Centrify Zero Trust Services presented us with all the centralized user identity management we’d been trying to build for years. It would allow us to eliminate both the hodgepodge of password files that had existed across the environment and the sudo files that had been usurping IT resource time.

Brad Settles, Technical Services Administration Manager, State of Michigan

Previous Case Study                             Next Case Study

Ready to protect against the #1 Attack Vector?

Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.

Free Trial