Mission Possible: More Security, More Compliance With State and Local Regulations
Centrify Zero Trust Privilege helps state and local governments in securing access to their ever-expanding attack surface while fulfilling the most stringent state and local compliance mandates. Centrify allows them to control, audit and report on privileged access to sensitive data while reducing complexity and keeping privileged users productive.
Today's Threat and Compliance Challenges

Big Targets for Cyber-Attacks

Security Budgets Stretched Tight

You Next Audit is Just Around the Corner
TACKLE YOUR STATE AND LOCAL REGULATIONS WITH CENTRIFY
Regulation/Standard | Purpose | Centrify's Demonstrable Value-Add |
---|---|---|
CIS: Critical Security Controls for Effective Cyber Defense by SANS Institute |
Recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. |
Centrify Zero Trust Privilege solutions help state and local agencies address the CIS Critical Security Controls in eight key areas:
|
CJIS: Criminal Justice Information Services Security Policy |
Security policies for protecting sensitive information like fingerprints and criminal backgrounds gathered by local, state, and federal criminal justice and law enforcement agencies. |
Centrify Zero Trust Privilege solutions help state and local agencies address the CJIS Security Policy in the following areas:
|
FERPA: Family Educational Rights and Privacy Act of 1974 |
Federal law that protects the privacy of student education records. It applies to all state and local schools that receive funds under an applicable program of the U.S. Department of Education. |
Centrify Zero Trust Privilege solutions help state and local schools address FERPA in the following areas:
|
FISMA: Federal Information Security Management Act | US legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats. |
Centrify Zero Trust Privilege solutions help state and local agencies address key FISMA provisions recommended in NIST SP 800-53, including sections:
|
HIPAA: Health Insurance Portability and Accountability Act | US legislation that provides data privacy and security provisions for safeguarding medical information. |
Centrify Zero Trust Privilege solutions help state and local agencies address:
|
HITECH: Health Information Technology for Economic and Clinical Health Act | US legislation that widens the scope of privacy and security protections available under HIPAA; it increases the potential legal liability for non-compliance; and it provides for more enforcement. |
Centrify Zero Trust Privilege solutions help state and local agencies address HITECH in the following major area:
|
MARS-E: Minimum Acceptable Risk Standards for Exchanges | For enrollees of Administering Entities(AEs), MARS-E defines a minimum set of standards for acceptable security risk that the Health Insurance Exchanges must address and aims to facilitate compliance with the myriad of potentially applicable federal requirements under FISMA, HIPAA, HITECH, ACA, Tax Information Safeguarding Requirements, and state requirements. |
Centrify Zero Trust Privilege solutions help ACA Administering Entities to address key MARS-E provisions:
Privacy Controls such as
FTI Safeguards as required by IRS Publication 1075 |
NIST Special Publication 800-Series | Set of documents (NIST SP 800-53, SP 800-171, SP 800-63) that describe US federal government computer security policies, procedures, and guidelines. In many cases, complying with NIST guidelines and recommendations will help state and local government agencies ensure compliance with other regulations, such as HIPAA and FISMA. |
Centrify Zero Trust Privilege solutions help state and local agencies address the NIST SP 800-Series in three key areas:
|
PCI DSS: Payment Card Industry Data Security Standard | Set of security standards designed to ensure that all government agencies that accept, process, store, or transmit credit card information maintain a secure environment. |
Centrify Zero Trust Privilege solutions help state and local agencies address six of the major PCI DSS requirements:
|
Publication 1075: Tax Information Security Guidelines for Federal, State, and Local Agencies by the IRS Office of Safeguards | Safeguards for protecting federal tax returns and return information; aligned with NIST SP 800-53. |
Centrify Zero Trust Privilege solutions help state and local agencies address the IRS Publication 1075 in one of the major aspects:
|
Proven Solutions and Expertise
Grappling to increase your compliance posture while minimizing your attack surface? Centrify can help. We deliver Zero Trust Privilege solutions, allowing you to reduce the possibility of access by bad actors while checking off your state and local regulatory mandates.
Establish Identity Assurance
Limit Lateral Movement
Enforce Least Privilege
Audit Everything
Trusted by State and Local Governments, Worldwide




There isn’t a regulation that Centrify hasn’t helped us to meet. Today, every time an administrator touches a server, I have a record of it. I can pull up a report, print it and hand it to the auditor.
, IT Specialist and UNIX Systems Architect State of Michigan Department of Technology, Management and Budget