“Centrify solves our audit and compliance issues by providing both centralized, privileged identity management and granular access controls.”
CENTRIFY INFRASTRUCTURE SERVICES CUSTOMER SPOTLIGHT
Before implementing Centrify Infrastructure Services, the State of Michigan Department of Technology, Management and Budget (DTMB) spent significant resources developing and managing a homegrown identity solution leveraging the native Lightweight Directory Access Protocol (LDAP) client inherent to UNIX and Linux systems, often along with the open source security application sudo (Superuser Do) for controlling privileged access.
After two years of struggle, without the ability to manage access centrally and with granularity, audit findings indicated the department was falling short. At the same time, the information technology (IT) environment was growing exponentially. DTMB evaluated commercial options and replaced its less-secure system with Centrify Infrastructure Services — delivering one of the critical pillars of Zero Trust Security. Now, DTMB effectively addresses federal/industry compliance and can easily provide identity-related data to auditors upon request.
Michigan is regularly cited among the top three states in the U.S. for successfully executing IT best practices, and the state boasts several National Association of State Chief Information Officers (NASCIO) awards. DTMB expects that Centrify will assist in continuing Michigan’s time-honored tradition of achievement in IT.
- Implement a model of least privilege across a hybrid environment of Windows and Linux servers to ensure compliance with government and industry regulations/policies, including Criminal Justice Information Services Security Policy (CJIS, FBI security policy), Centers for Medicare & Medicaid Services (CMS), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).
- Ensure audits pass and the process is simple by implementing the required password expiration, complexity, and privilege escalation mechanisms.
- Reduce the time required to investigate and report on incidents.
Centrify has helped DTMB to comply with myriad federal regulations. “There isn’t a regulation that Centrify hasn’t helped us to meet. Today, every time an administrator touches a server, I have a record of it. I can pull up a report, print it, and hand it to the auditor,” said Peter Manina, IT Specialist and UNIX Systems Architect, State of Michigan.
“Centrify Infrastructure Services presented us with all the centralized user identity management we’d been trying to build for years,” said Brad Settles, Technical Services Administrative Manager for the State of Michigan. “It would allow us to eliminate both the hodgepodge of password files that had existed across the environment and the sudo files that had been usurping IT resource time.”