Centrify Corporation, the leader in securing identities from cyberthreats, today announced that Centrify is currently in the second stage of compliance with the Federal Risk and Authorization Management Program, or FedRAMP. Centrify is now listed as “In Process” on the FedRAMP website and expects to receive its full FedRAMP compliant designation by the end of the year.
FedRAMP compliance is a significant achievement because it enables Centrify to provide identity management solutions to the federal market, while also helping federal agencies comply with security and compliance requirements such as NIST 800 Least Access, FISMA, HSPD-12, ICAM and more.
“We are excited to reach our first major milestone in the FedRAMP process. This is a clear signal to our federal customers that we are very serious about the security of their data, and that we continue to lead the pack when it comes to highly secure identity and mobile management solutions,” said Tom Kemp, CEO of Centrify. “Our progress will continue towards full compliance over the next few quarters as we work to address every control in the FedRAMP framework.”
FedRAMP is a government-wide initiative that provides a standardised approach to security assessment, authorisation, and continuous monitoring for cloud products and services. The FedRAMP program uses a “do once, use many times” framework that saves an estimated 30 to 40 percent of government costs, as well as both time and staff required to conduct redundant agency security assessments.
Federal customers have a mandate to move to the cloud while also adhering to laws and directives to ensure security and compliance. Centrify’s presence in the market as a FedRAMP compliant vendor can help federal customers with the secure adoption of cloud applications. Centrify’s SaaS and privilege services offerings benefit federal agencies with two specific capabilities; first, by allowing identity data to stay behind the agency firewall, thus eliminating the need to put employee identities in the cloud or maintain complex federation models, second by eliminating the need for government employees and contractors to know and maintain account credentials to access cloud applications. Employees and contractors are granted rights to securely access and use applications based on their role in the organisation. These capabilities provide the agency increased identity security and granular access control to the applications and ease of use for the government employee or consultant. Additionally, Centrify’s SaaS offering works seamlessly with the Centrify data center solution that many agencies already employ today.
Centrify solutions meet a number of federal compliance and certifications requirements such as FIPS 140-2, Common Criteria EAL 2+, Certificate of Networthiness (CON), and more. Centrify also provides for the use of Personal Identity Verification (PIV) and Common Access Card (CAC) from within the network and soon will deliver the ability to use PIV, CAC, and derived credentials for mobile devices. The use of PIV and CAC are federal mandates that are being aggressively enforced on desktops and are now part of all cloud discussions within federal agencies.
Centrify strengthens enterprise security by managing and securing identities from cyber threats. As organizations expand IT resources and teams beyond their premises, identity is becoming the new security perimeter. With our platform of integrated software and cloud-based services, Centrify uniquely secures and unifies identity for both privileged and end users across today’s hybrid IT world of cloud, mobile and data center. The result is stronger security and compliance, improved business agility and enhanced user productivity through single sign-on.