Best Practices and Recommended Alerts for Advanced Reporting System
Keeper's Advanced Reporting System provides built-in Alerting capabilities that will notify users and Administrators for important events. As a best practice, Keeper has created a list of recommended alerts that can be configured by the Keeper Administrator.
To create an alert, login to the Admin Console and visit Reporting & Alerts > Alerts.
It is important that the Keeper Admin is notified when any administrative changes are made on the Keeper Admin Console which can affect the security and usage of the platform. We recommend selecting all "Policy Change" events.
Critical system events in this category include the following:
We recommend that the Keeper Admin (and the user who performs the action) is notified when any User-Specific changes occur. At minimum, we recommend generating alerts on several key events within the "Security" category.
User Management and Security Alerts
Critical User Management and Security Change events include the following:
BreachWatch provides organizations oversight of the vulnerabilities of user's passwords through active monitoring of dark web breach data. Users and administrators are notified if any of their passwords in a record have been used in publicly known breach that could leave your organization vulnerable to a credential stuffing attack or an account takeover.
Before you configure the alert, ensure that BreachWatch events are configured to flow through the Advanced Reporting & Alerts module. This is disabled by default.
Go to the Role of the users affected by the policy > Enforcement Policies > Vault Features and turn the setting to ON.
Enable BreachWatch events to ARAM
In the Alerts section of the Advanced Reporting & Alerts module, create an alert with all 3 event types within the BreachWatch category.
Critical BreachWatch events include the following:
Depending how many Keeper Administrators you have in the organization, you may want to be alerted every time an Admin Console login occurs.
Admin Console Logins
Note that new Keeper events are added on a monthly basis as the functionality and features of the platform are enhanced. Therefore, we recommend reviewing the latest event types on a regular basis to ensure that you are informed of the latest capabilities.