State of Michigan Case Study
Industry:
Government
Company Size:
10,000+ employees
Using Delinea Zero Trust Privilege, the State of Michigan has implemented a least privilege model to comply with a myriad of federal regulations and industry standards as well as policies ensuring audits are passed and the process is simplified.
Challenge
Before implementing Delinea Zero Trust Security Services, the State of Michigan Department of Technology, Management and Budget (DTMB) spent significant resources developing and managing a homegrown identity solution. To do so, they leveraged the native Lightweight Directory Access Protocol (LDAP) client inherent to Unix and Linux systems, often along with the open-source security application sudo (Superuser Do) for controlling privileged access.
After two years of struggle, without the ability to manage access centrally and with granularity, audit findings indicated the department was falling short. At the same time, the information technology (IT) environment was growing exponentially. DTMB evaluated commercial options and replaced its less-secure system with Delinea Zero Trust Privilege Services — delivering one of the critical pillars of Zero Trust Security. Now, DTMB effectively addresses federal/industry compliance and can easily provide identity-related data to auditors upon request.
Project Drivers
- Implement a model of least privilege across a hybrid environment of Windows and Linux servers to ensure compliance with government and industry regulations/policies, including Criminal Justice Information Services Security Policy (CJIS, FBI security policy), Centers for Medicare & Medicaid Services (CMS), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).
- Ensure audits pass and the process is simple by implementing the required password expiration, complexity, and privilege escalation mechanisms.
- Reduce the time required to investigate and report on incidents.
The Solution
The State of Michigan leveraged the following Delinea Zero Trust Privilege capabilities to achieve their objectives:- Privileged elevation
- Shared password management
- Privileged access request
- Session recording & monitoring
- Auditing & reporting
Aha Moment
Delinea has helped DTMB to comply with a myriad of federal regulations. “There isn’t a regulation that Delinea hasn’t helped us to meet. Today, every time an administrator touches a server, I have a record of it. I can pull up a report, print it, and hand it to the auditor,” said Peter Manina, IT Specialist and Unix Systems Architect, State of Michigan.A Look Ahead
"Michigan is regularly cited among the top three states in the U.S. for successfully executing IT best practices, and the state boasts several National Association of State Chief Information Officers (NASCIO) awards. DTMB expects that Delinea will assist in continuing Michigan’s time-honored tradition of achievement in IT.
Delinea Zero Trust Services presented us with all the centralized user identity management we’d been trying to build for years. It would allow us to eliminate both the hodgepodge of password files that had existed across the environment and the sudo files that had been usurping IT resource time."
Brad Settles, Technical Services Administration Manager, State of Michigan