KeeperMSP is natural extension of Keeper’s Enterprise Password Management solution which allows an MSP to manage multiple independent tenants (a.k.a. "Managed Companies" or "MC’s") from a central console. To serve the MSP market, Keeper Security created an enterprise-class, purpose-built solution which allows Keeper's password management and security software to be managed and distributed by MSP’s. The enterprise version of Keeper has been architected for scale and has the core features and functionality that MSP’s require, including:
Robust enforcement policies
Multiple provisioning methods
Full support for 2FA methods
Robust event logging, auditing and reporting capabilities
Keeper vaults can be provisioned by MSPs to every one of their customers - to protect every employee on every device they use. Keeper is the leading password management application in the industry - with unmatched security, cross-platform capabilities and top ratings by industry services, press and end users. This guide supplements the Keeper Enterprise Guide and details the specific functionality for MSP-level administration and license management. Please refer to the Enterprise Guide for a broader overview of Keeper software which covers core functionality at the Managed Company level.
KeeperMSP can support a wide spectrum of deployment models, from full service (“white glove” ) MSP’s who manage everything for their users all the way to pure resellers who do little or no administration for their clients.
MSP Technicians have access to their MC’s Keeper Admin Console and thus have full rights to provision end users, set up MC-specific roles, login enforcements and teams for sharing credentials. These technicians may also choose to set-up a login credentials for users which can be done by sharing records from their private vaults to those of an MC. This allows an MSP to offer a fully integrated set of services that include a set of pre-configured login credentials they can keep updated if needed.
In this model, resellers primarily act as distributors and sell Keeper software to customers who can administer the solution themselves. The MSP can designate an administrator user at the MC to handle all management of the system.
Both the MSP Technician and the MC Administrator can share responsibilities to manage the system. For frequently changing or highly-specific settings (e.g. which employees are in a team folder) the “local” MC administrator could manage. For large scale initial provisioning and configuration, the MSP may be better equipped to facilitate this with Keeper’s Active Directory bridge, SSO or other provisioning methods.