Federal Certifications, Accreditations, and Authorizations for Centrify Solutions

Centrify ― Next-Gen Access Solutions You Can Trust

Centrify leverages existing infrastructure to centrally secure and audit heterogeneous systems and applications. With a single point of administration for accounts, access controls, privileges and policy for systems and workstations, IT managers can implement security levels appropriate to their individual organization's needs and more easily accomplish the reporting and auditing tasks required for certification and accreditation of their processes.

The following table summarizes some of the federal certifications, accreditations, and authorizations Centrify solutions have received:

Authorization Status Resources
FedRAMP: Federal Risk and Authorization Management Program The Centrify Application Services and Centrify Endpoint Services are built on Windows Azure, which is FedRAMP certified. Centrify's FedRAMP authorization is currently in process. Centrify Application Services

Centrify Endpoint Services
Certifications/Accreditations Status Resources
Common Criteria EAL2+ Centrify Server Suite has achieved Common Criteria certification listed at EAL (Evaluation Assurance Level) 2+. Certification Report
DIACAP: DoD Information Assurance Certification and Accreditation Process Centrify solutions for role-based privilege management is useful in the accreditation process, particularly requirements for authorizing the operation of DoD information systems. Centrify Role-Based Access Control
DITSCAP: Department of Defense Information Technology Security Certification and Accreditation Process Systems using the Centrify Suite for FISMA compliance find that the auditing and reporting features bolster the DITSCAP and NIACAP certification activities.

NIST SP 800-53's guidance for FISMA is also generally used to formulate the specifics of an information system's security posture for the purposes of gaining DITSCAP, NIACAP and similar certification.

FISMA Compliance & Auditing Solution

FISMA Compliance & Auditing White Paper

FDCC: Federal Desktop Core Configuration Centrify's desktop lockdown capabilities proactively develop FDCC-like security configurations for Mac systems. While Mac OS systems are not currently included in the FDCC, many agencies adopt it as a best practice. Mac OS Desktop Management Group Policy
Federal Information Processing Standard FIPS 140-2 Validated (Certificate #2844) Centrify is validated FIPS 140-2 Level 1. FIPS 140-2 requires cryptographic modules in third-party software and hardware that federal agencies and regulated industries use for handling sensitive, non-classified information. FIPS 140-2 Validated
NIACAP: National Information Assurance Certification and Accreditation Process Systems using the Centrify Suite for FISMA compliance find that the auditing and reporting features bolster the DITSCAP and NIACAP certification activities.

NIST SP 800-53's guidance for FISMA is also generally used to formulate the specifics of an information system's security posture for the purposes of gaining DITSCAP, NIACAP and similar certification.

FISMA Compliance & Auditing Solution

FISMA Compliance & Auditing White Paper

SOC II: Service Organization Controls (AICPA) Centrify has passed the SOC II Certification with zero findings and no remediation required for certification.