Mission Possible: Secure and Productive Compliance With Federal Regulations
Centrify Zero Trust Privilege helps federal agencies ― including both civilian and defense organizations ― address the specific requirements of key federal regulations, allowing them to control, audit and report on privileged access to sensitive data while reducing complexity and keeping privileged users productive.
Today's Threat and Compliance Challenges

Big Targets for Cyber Attack

Security Budgets Stretched Tight

Your Next Audit is Just Around The Corner
Centrify allows us to adhere to HSPD-12 regulations with a government-certified solution. We don’t have to jump through hoops to configure something that will work with smart cards.
, Systems Integration Branch Chief, National Weather Service, Southern Branch
TACKLE YOUR FEDERAL REGULATIONS WITH CENTRIFY
Regulation/Standard | Purpose | Centrify's Demonstrable Value-Add |
---|---|---|
DHS CDM Phase 2: Department of Homeland Security Continuous Diagnostic and Mitigation Program – Phase 2 |
The Continuous Diagnostics and Mitigation Program by the U.S. Department of Homeland Security is a dynamic approach to fortifying the cyber security of government networks and systems. CDM provides federal departments and agencies with capabilities and tools that:
|
Centrify Zero Trust Privilege solutions are the selected choice of federal agencies for CDM Phase 2 CRED, ensuring that all federal agency associates only have access to servers or network resources based on their unique role and responsibility within their organization. Centrify covers the following CDM Phase 2 CRED requirements:
|
FICAM: Federal Identity Credential Access Management Initiative |
The Federal ICAM (FICAM) program, managed by GSA’s Office of Information Integrity and Access, provides collaboration opportunities and guidance on IT policy, standards, implementation and architecture, to help federal agencies implement ICAM. |
Centrify Zero Trust Privilege solutions help federal agencies address FICAM IT policies and standards like NIST SP 800-53, including sections:
|
FISMA: Federal Information Security Management Act |
US legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats. |
Centrify Zero Trust Privilege solutions help federal agencies address key FISMA provisions recommended in NIST SP 800-53, including sections:
|
HIPAA: Health Insurance Portability and Accountability Act | US legislation that provides data privacy and security provisions for safeguarding medical information. |
Centrify Zero Trust Privilege solutions help federal agencies address:
|
HSPD-12: Homeland Security Presidential Directive 12 | A strategic initiative intended to enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy. It requires the development and implementation of a government-wide standard for secure and reliable forms of identification for federal employees and contractors. |
Centrify Zero Trust Privilege solutions help federal agencies to deploy HSPD-12 compliant credential. Centrify brings Mac OS X and Red Hat Linux systems into compliance with HSPD-12 by supporting the Common Access Card (CAC) standard certified by the JITC. |
NIST Special Publication 800-Series | Set of documents (NIST SP 800-53, SP 800-171, SP 800-63) that describe US federal government computer security policies, procedures, and guidelines. In many cases, complying with NIST guidelines and recommendations will help state and local government agencies ensure compliance with other regulations, such as HIPAA and FISMA. |
Centrify Zero Trust Privilege solutions help federal agencies address the NIST SP 800-Series in three key areas:
|
OMB: Office of Management and Budget | Identity Management Guidance by the Office of Management and Budget, including policies on encryption, multi-factor authentication, and digital signatures. |
Centrify Zero Trust Privilege solutions help federal agencies to address the OMB policies by enabling server isolation and encryption of data-in-motion for UNIX and Linux systems. This addresses the OMB mandate for authenticated connections among systems and the encryption of data moving across IP networks (IPv6 Adoption). |
PCI DSS: Payment Card Industry Data Security Standard | Set of security standards designed to ensure that all government agencies that accept, process, store, or transmit credit card information maintain a secure environment. |
Centrify Zero Trust Privilege solutions help federal agencies address six of the major PCI DSS requirements:
|
Proven Solutions and Expertise
Grappling to increase your compliance posture while minimizing your attack surface? Centrify can help. We deliver Zero Trust Privilege solutions, allowing you to reduce the possibility of access by bad actors while checking off your federal regulatory mandates.
Establish Identity Assurance
Limit Lateral Movement
Enforce Least Privilege
Audit Everything
Trusted by Top Government Agencies




Centrify gives us the ability to resolve a finding from a DOI-OIG audit, and to conform to the requirement for PIV authentication.
, U.S. Department of Interior, Enterprise Services