Secure File Storage & Sharing

Keeper offers Secure File Storage to protect your confidential files, IT documentation, photos, videos and any other type of documents.

File attachments are end-to-end encrypted. The encryption is performed locally on the user's device before being uploaded to the Keeper Cloud Security Vault. The user is in complete control of the encryption keys to access and decrypt the files for complete privacy and security. Users also have the ability to securely share files with other Keeper users via shared folders, individual record sharing and one-time share. Sharing records uses Elliptic Curve encryption, making Secure File Storage the best way to save, transfer and share the most sensitive documents.

Visuals & Use Cases

Keeper Secure File Storage solution can be added on to any Enterprise or public sector subscription. There are several critical use cases:

• Storing and sharing of confidential PDF, Excel, Word or other doc types

• Protection of SSH Keys, SSL certificates and other private keys

• Safe backups of ID cards such as passports and drivers licenses

• Encrypted storage of private financial information

• Sharing confidential IT documentation among engineers

Storing and sharing of confidential PDF, Excel, Word or other doc types

Simply drag-and-drop files into the Web Vault or Desktop App. Or on iOS/Android devices, you can load content from the local device. Files are then encrypted locally on the device and the ciphertext is stored in the Keeper Cloud Security Vault.

SSH, SSL and other Private Keys

The Secure File Storage feature is a secure and convenient method of storing your SSH keys, SSL keys and other cloud infrastructure access keys.

ID Cards

ID cards such as passports and drivers licenses can be easily stored and retrieved on any device with full encryption.

Financial Documents

Confidential financial documents or any other private file can be stored in the vault.

Secure Sharing of Files

Files can be securely shared either directly to other Keeper users, or within a Shared Folder.

Time-Limited Access

One-Time Share

If allowed by role policies, users can also create a one-time share. One-time share links are useful for sharing a file with an outside vendor, contractor or 3rd party. In this case it's set to be revoked after 1 hour. One-time shares can be opened with a QR code or a link sent through email or a messaging platform.

On the recipient side, the one-time share is cryptographically bound to the receiving device.

For more information about one-time shares, see this page.

Self-Destructing Shares

A record can be saved as a self-destructing one-time share. In this scenario, the record is going to be deleted from both sides after the file has been downloaded. When creating a record, select "Add Self Destruct".

Learn more about self-destructing records at this page.

Mobile Device Access

Files can be attached and viewed from the Keeper iOS and Android applications. Files can be stored offline for fast access if an Internet connection is not available.

Event Reporting & Alerts

All file related actions such as uploading a file, downloading a file or sharing a record is tracked and monitored through Keeper's advanced reporting and alerts module. This provides event-based reporting that contains information such as: the user's IP address, location, software version, the record identifier, file identifier and other metadata.

You can run reports right here in the console, or if you are using a 3rd party SIEM solution like Splunk, these event logs can be streamed directly into your SIEM provider's collector endpoint in real time.

Purchasing Secure File Storage

Secure File Storage is pooled among the organization's users. To add storage to your Business or Enterprise plan, from the Admin Console, click on Subscriptions then Add Storage.

At the checkout screen, you will have the opportunity to select the file storage level.

Controlling Access to File Storage and Sharing

Keeper Administrators can configure Secure File Storage capabilities at the role level. To disable sharing or file upload capabilities navigate to Roles > Enforcement Policies > Creating and Sharing.

Automation with Commander CLI

For automation and migration of files into Keeper, the Keeper Commander CLI is useful for IT admins or developers to either bulk add content or build automated actions into workflows.

For example, to add a file attachment to a record, the command upload-attachment is executed:

For more information about Keeper Commander record related commands, see the page below:

https://docs.keeper.io/en/v/secrets-manager/commander-cli/command-reference/record-commands

Benefits of Secure File Storage

• Just like our password encryption technology, Keeper protects your confidential files with 256-bit AES encryption using record-level keys.

• Sharing files between users takes advantage of Keeper's built-in Elliptic Curve cryptography method. The record key or folder key which protects the individual record is encrypted with the public key of the recipient(s).

• Secure file storage is available across all of your devices including iOS, Android, Web Vault, and Desktop App.

• Files can be easily and securely shared with other Keeper users, from vault-to-vault.

• Like your other Keeper records, you can set sharing permissions for records that contain your secure files (can edit, can share, can edit & share, and read only).

• File sizes are supported up to 100MB for Web Vault, 5GB for Desktop App, Android and iOS.