Keeper Security, Zero Trust Security

Additional Info

CompanyKeeper Security
Websitehttps://www.keepersecurity.com/
Company size (employees)100 to 499
Headquarters RegionNorth America

Overview

Keeper Security’s zero-trust and zero-knowledge security architecture is industry-leading and a key competitive differentiator. Keeper Security adopted zero trust and zero knowledge as foundational design and architecture principles from day one, ensuring that even in a worst-case scenario, all contents of a user’s vault would be protected with multiple layers of safeguards and encryption. Now, Keeper is the leading provider of zero-trust and zero-knowledge cybersecurity software covering enterprise password management, Role-Based Access Control (RBAC), event tracking, dark web monitoring, secure file storage, secrets management, remote desktop access and encrypted messaging.

Every aspect of Keeper’s products follows zero-trust and zero-knowledge principles. This includes Keeper’s zero-trust Enterprise Password Manager (EPM), Keeper Secrets Manager (KSM) and Keeper Connection Manager (KCM) and KeeperPAM. Keeper’s patented PAM solution enables organizations to achieve complete visibility, security, control and reporting across every privileged user on every device in your organization. The platform enables zero-trust and zero-knowledge security and compliance by unifying three integral products into one SaaS platform with limited IT staff required.

What’s more, Keeper is the only FedRAMP and StateRAMP Authorized password management solution. Keeper combines device-level, elliptical curve cryptography with multiple layers of encryption (at the vault, folder and record levels), multi-factor and biometric authentication, and FIPS-140-2 validated AES 256-bit encryption, plus PBKDF2, to protect organizations of all sizes.

Keeper’s zero-trust and zero-knowledge security architecture is unmatched in safeguarding information and mitigating the risk of a data breach. Not all password managers are created equal. Keeper’s zero-knowledge and zero-trust security architecture is a differentiator over other solutions. Keeper has stood by its commitment to protect organizations’ most valuable data for more than a decade, through its best-in-class security model and transparent approach to sharing it with the public.

Key Capabilities / Features

User and device verification are at the core of zero trust. A zero-trust solution must include a number of functions to ensure its effectiveness. Some of those functions include:


Multi-Factor Authentication (MFA)
Principle of Least Privilege (PoLP)
Monitoring and validation


Organizations that want to successfully deploy zero trust must be able to enforce comprehensive password security, including the use of strong, unique passwords for every account, MFA on all accounts that support it, role-based access controls and least-privilege access. Without an enterprise password management platform, organizations have no visibility or control over what their users are doing with passwords, and they will be unable to successfully adopt the zero-trust network access model.
Keeper’s cybersecurity platform enables zero-trust security and compliance by unifying enterprise password management, secrets management and privileged connection management– all built on our proprietary zero-knowledge encryption model.


The Zero-knowledge model utilizes a unique encryption and data segregation framework that prevents IT service providers from having any knowledge as to what is stored on their servers. In Keeper’s case, this means:


- Customer data is encrypted and decrypted at the device level (not on the server).
- The Keeper app never stores plain text (human-readable) data.
- Keeper’s servers never receive data in plain text.
- The keys to decrypt and encrypt data are derived from the user’s master password.
- Multi-layer encryption provides access control at the user, group and admin level.
- Sharing of data uses public key cryptography for secure key distribution.
- Data is encrypted on the user’s device before it is transmitted and stored in Keeper’s digital vault. When data is synchronized to another device, the data remains encrypted until it is decrypted on the other device.
- No one but the end user can view the plain-text data in their vault — not even Keeper’s employees.


How we are different

Keeper Security was co-founded by two cybersecurity visionaries, Darren Guccione (CEO) and Craig Lurey (CTO). Fourteen years ago, Darren and Craig conceived the early plans for the world’s top-rated password manager and secure digital vault on a long overseas flight.


Today, Keeper is the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections. Trusted by millions of individuals and thousands of organizations, Keeper is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity-related cyber attacks, while gaining organization-wide visibility and control.
Keeper isn’t just committed to security; they are fanatical about it. Keeper's zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and StateRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 compliant. Every organization needs to secure its passwords, credentials, secrets and connections to reduce the risk of cyber attacks and defend against internal and external threat vectors. Keeper’s priority is to create simple, easy-to-use and highly scalable solutions to help meet the needs of today’s IT and security professionals.


Keeper is the first company to unify three essential IAM products - Keeper Connection Manager, Keeper Secrets Manager and Enterprise Password Manager - to create a next generation Privileged Access Management (PAM) solution called KeeperPAM. Keeper provides the most critical components of privileged access management without the complexity of traditional PAM solutions to quickly and seamlessly integrate with any existing tech and IAM stack, and achieve enterprise-wide coverage and visibility. The solution enables zero-trust and zero-knowledge security and compliance by unifying password, secrets and connections management into one platform.