Keeper Security - Where Cybersecurity Starts
Keeper Security
Darren Guccione
Co-Founder & CEO
“With Keeper, employees no longer have any reason to reuse passwords or use weak passwords, and IT administrators have the visibility they need to ensure compliance with the rules”
Preventing unauthorized access is a major challenge for many companies looking to protect their valuable data. In most cases, passwords play a critical role in maintaining system security and data protection. However, many companies consider it as their biggest struggle to secure their employees’ passwords. Over 80% of data breaches, and about 75% ofransomware attacks, involve compromised login credentials. Keeper Security—creators of the leading cybersecurity platform for preventing password-related data breaches and cyberthreats—solves this problem by giving IT administrators complete visibility into employee password practices. As a result, administrators can monitor the adoption of password requirements and enforce password security policies organization-wide, including strong, unique passwords and multi-factor authentication (2FA). The solution’s fine-grained access controls allow administrators to set employee permissions based on their roles and responsibilities, as well as set up shared folders for individual groups, such as job classifications or project teams.
With Keeper, each employee receives a private, encrypted digital vault that they can access from any device using one master password—the only password the employee will ever have to remember. Keeper generates strong, unique passwords for every account and automatically fills in login fields on websites and apps. “With Keeper, employees no longer have any reason to reuse passwords or use weak passwords, and IT administrators have the visibility they need to ensure compliance with the rules,” begins Darren Guccione, CEO & Co-Founder, Keeper Security.
In a nutshell, Keeper provides security solutions for consumers, businesses of all sizes, managed service providers (MSPs), government agencies, and nonprofit organizations. Additionally, Keeper is currently listed on the FedRAMP Marketplace and is SOC-2 (Type 1 and 2) and ISO 27001 Certified, and listed for use by the federal government through the System for Award Management (SAM).
Safety at its Peak
For enhanced protection, organizations can deploy valuable add-ons such as Keeper Secure File Storage, which enables employees to securely store and share documents, images, videos, and even digital certificates and SSH keys, and BreachWatch, which scans Dark Web forums and notifies IT administrators if any employee passwords have been compromised in a public data breach.
Organizations that use single sign-on (SSO) solutions can use Keeper SSO Connect to bridge SSO security gaps and extend their SSO deployment with Keeper’s end-to-end password management and security. Keeper SSO Connect is a fully managed, SAML 2.0 SaaS solution that can be deployed on any instance or in any Windows, Mac OS, or Linux environment, in the cloud or on-prem. It easily and seamlessly integrates with all popular SSO IdP platforms, including Microsoft 365, Azure, ADFS, Okta, Ping, JumpCloud, Centrify, OneLogin, and F5 BIG-IP APM. “Keeper is a modern zero-trust platform that provisions within a few hours, is easy to manage and scales to meet the cybersecurity needs of any organization – regardless of its size or industry,” says Guccione.
What makes the company stand out is its zero-knowledge architecture—a security model that utilizes a unique encryption and data segregation framework that protects against remote data breaches. IT service providers that use a zero-knowledge framework are prevented from having any knowledge as to what is stored on their servers. As Guccione puts it in Keeper’s case, “We embed zero-trust as the foundation with a zero-knowledge security architecture. This prevents knowledge of or access to a user’s master passwords, secrets and encryption keys by us or a third-party. All encryption and decryption of data is performed at the client level.”
The Modern Cybersecurity Strategy
To protect passwords and files, Keeper uses PBKDF2 to derive authentication keys based on the user’s Master Password, then generates individual record-level AES-256 encryption keys locally on the device to encrypt each stored record. Keeper’s cloud only holds the encrypted ciphertext of each file. Sharing between users is performed using PKI to ensure that only the recipient of a shared file can decrypt it.
Keeper also securely manages the lifecycle of privileged account credentials with role-based access control (RBAC) and controlled credential sharing. Further, businesses can choose to add single sign-on (SAML 2.0) authentication, automated team management, advanced two-factor authentication, (DUO & RSA), Active Directory and LDAP sync, SCIM and Azure AD provisioning, email auto-provisioning, command line provisioning, and developer APIs for password rotation and backend integration.
While explaining the value proposition of Keeper’s cutting-edge solutions, Guccione recalls an instance when they assisted DefenTec to defend its clients’ systems from cyberattacks. As a managed security services provider (MSSP), password management is DefenTec’s top security priority, both internally and when securing clients’ systems. Because MSPs/MSSPs manage other companies’ IT systems, they have unique password management needs themselves. In addition to all of DefenTec’s internal passwords, they needed to keep track of and secure all of their clients’ passwords as well. DefenTec’s team struggled to find a platform that could house all of their data, and sometimes, it was spread across three different platforms. They needed the ability to manage all of the client information from one dashboard. DefenTec was able to solve this issue with Keeper. In addition to using Keeper internally, DefenTec offers it as a managed service to their clients. Keeper’s security audit score provides clients with a visualization that helps them understand the importance of password hygiene to their overall cybersecurity. In addition to helping DefenTec improve internal efficiency and keep its clients secure, KeeperMSP provides an additional revenue stream, with the company able to mark up each subscription it sells to its clients.
The Ransomware Impact Report
With a vision to create a clear picture of ransomware and how it is impacting businesses and individuals, the company released ‘The 2021 Keeper Ransomware Impact Report,’ which surveyed 2,000 employees across the U.S. whose employers had suffered a ransomware attack in the previous 12 months. According to the research report, 29% of employees didn’t know what ransomware was before their organizations were attacked. Phishing emails caused 42% of ransomware attacks, malicious websites accounted for another 23% and compromised passwords caused 21%.
A whopping 49 percent of respondents told Keeper that their employers paid the ransom, but 93 percent also reported that their employers tightened budgets in other areas following the ransom payment. Meanwhile, 77percent of respondents were temporarily unable to access systems or networks post-attack. 83percent said that their organizations installed new software or made other major updates post-attack, such as migrating some assets to the cloud. 71 percent of respondents said that these updates were inconvenient or disrupted productivity. This report signifies only the tip of an iceberg. With its advanced technology, Keeper protects thousands of businesses across the globe from such critical security threats.
Building the Futuristic Cybersecurity
Founded in 2011 by Darren Guccione and Craig Lurey, CTO & Co-founder, Keeper is the market-leading, top-rated cybersecurity platform for preventing password-related data breaches and cyberthreats. Millions of people and thousands of businesses across the globe trust Keeper to mitigate the risk of cyberattacks, boost employee productivity and meet compliance standards. Under the leadership of Guccione and Lurey, Keeper is launching new, modern applications to further enhance Keeper’s ubiquitous cybersecurity platform against the most common attack vectors. “We’re also making significant investments to protect the U.S. Public Sector in support of the recent White House Executive Order mandating greater cybersecurity protection in the sector,” concludes Guccione.