Implementation Overview
High level steps for successful rollout of Keeper Enterprise
For the most successful rollout of Keeper Enterprise, follow the steps below.
Create Enterprise Trial
If you haven't already, create a Keeper Enterprise Trial from our website or by contacting the sales team. Be sure to allocate the necessary number of total users you expect to onboard.
Managed Service Provider (MSP) customers: Please sign up for the Keeper MSP product trial. Keeper MSP is a specialized version of the Keeper Enterprise product. To jump to the Keeper MSP guide, click here.
After creating your trial, login to the Admin Console and go through the onboarding.
Provision to Users
Setup and configure your provisioning and authentication methods as described in the User and Team Provisioning section of this document. You can choose from many different provisioning methods such as:
Manual provisioning through the Keeper Admin Console
Active Directory provisioning with the Keeper Bridge service
Single Sign-On (SAML 2.0) with Just-In-Time (JIT) provisioning
SCIM automated provisioning
Email provisioning
Keeper Commander API / SDK provisioning
Contact us if you require assistance in configuring your environment.
Deploy the Vault
Deploy the web vault, browser extensions and desktop application as described in our deployment guide or direct your users to install Keeper from our Download Page.
The Web Vault is available to Enterprise users at the URLs below:
US Data Center: https://keepersecurity.com/vault
US Public Sector / GovCloud: https://govcloud.keepersecurity.us/vault
EU Data Center: https://keepersecurity.eu/vault AU Data Center: https://keepersecurity.com.au/vault CA Data Center: https://keepersecurity.ca/vault
JP Data Center: https://keepersecurity.jp/vault
Upon first login, the user is walked through a simple onboarding experience.
Attend Training Sessions
Users are invited to join a training session via Google Meet or the customer's preferred meeting platform. This training invite can be contained within the email invitation body content, or sent separately by the Admin to their users. Contact your Customer Success manager at success@keepersecurity.com to start training your team.
Monitor Usage
The Keeper Admin can monitor the usage of users via the Risk Management Dashboard, Reporting & Alerts Module and also configure realtime web-hook alerts to Slack or Microsoft Teams. Installing Keeper Commander is also helpful for running automated reports.
Disable Built-In Password Manager
We recommend that the Keeper Admin notifies users regarding the timeline in which built-in password manager saving will be disabled by GPO.
After the specified amount of time, the Keeper Admin should disable legacy built-in browser password managers, thus requiring and enforcing the use of Keeper on the browser.
Learn more about how to disable the built-in password manager.
Require Usage of Keeper
It's critical that all employees use Keeper to manage their passwords and to prevent sharing of information over insecure channels. Update your password policies and employee onboarding processes to ensure that Keeper is utilized. Sharing new employee onboarding records to the user's vault is a great way to encourage them to login and start using the platform. Your customer success manager can also assist you with strategies.
Protect Infrastructure
Once the Enterprise Password Manager has been deployed to all of your employees, reach out to your security, compliance and engineering teams to review the privileged access capabilities that Keeper offers.
KeeperPAM consolidates enterprise password management, secrets management, connection management, zero-trust network access, remote browser isolation and an cloud-based access control plane in one unified product.
Learn more about the advanced capabilities of KeeperPAM.
Last updated