Keeper Enterprise provides the highest levels of security and at the same time provides a simple user experience - with over 15 million users worldwide, Keeper is the proven industry leader. Keeper is SOC-2 and ISO27001 certified. Passwords are the single greatest cause of a data breach. 81% of data breaches are due to weak or stolen passwords. Password management solutions provide an affordable and simple way for companies to solve the root cause of most data breaches. By helping businesses generate strong passwords as well as manage and securely share them among teams, they significantly reduce the risk of a data breach.
Keeper's architecture is the most secure in the industry. Built from the ground up with record-level encryption and client-side key generation, the foundation of Keeper Enterprise is built upon a model that ensures only the user is able to decrypt and access their privileged information.
The Keeper platform is built on an access layer and encryption layer. Access and authentication controls who is able to sync the encrypted ciphertext, and client-side encryption controls who is able to physically encrypt/decrypt the data. This foundation is what gives Keeper the ability to apply the most granular level of protection to user data and enables the core features and capabilities of the product. Users, Roles, Teams, Records and Shared Folders are all protected and managed through the use of client-side generated keys. This complex distribution of keys is completely managed by the software with a simple and easy-to-use user interface.
SSO and SAML simplify login to many cloud applications, however, it does have its limitations. Keeper (with Keeper SSO Connect) complements the two major gaps with your SSO deployment:
Offering privileged access to applications that don’t support SAML protocols.
Enabling non-password use cases, such as management and sharing of digital certificates, SSH keys, API keys, secret notes, lists, files and more.
With Keeper SSO Connect, you can easily add Keeper to the apps that your IdP services. Whether you use AD FS, Azure, Okta, Centrify, Ping, Jumpcloud or any other SAML 2.0 Identity Provider, Keeper will easily integrate. Keeper SSO Connect logs the user directly into their encrypted vault while maintaining full zero knowledge. Keeper SSO Connect is an on-prem hosted high availability solution that the customer hosts and manages. This architecture preserves zero knowledge and allows the end-user to authenticate directly into their vault.
The ability to provide least privileged access to an employee is critical in the deployment of an Enterprise Password Manager. Keeper gives fine-grained control over what users are capable of accessing and managing within the platform through the use of customizable role policies. By providing a flexible role policy engine, you can lock down restrictions and access based on the risk profile of the employee. For example, you may want your IT Admins to be restricted from accessing their vault outside of the office network. Or you may want administrative assistants the ability to onboard new users, manage teams and run reports. The entire process is fully customizable through a user friendly interface. Role Enforcements Include:
Password Complexity Rules and Biometrics
Multi-Factor Authentication, Token Expiration and Device Restriction
Offline Access Restrictions
IP Whitelisting, Sharing and Data Export Restrictions
Account Transfers (employee offboarding and break-glass scenarios)
Keeper Administrators can create organizational units (called Nodes). A role can be given Administrative permissions over the node (or sub-nodes) for which a role exists. This delegated administration allows different people in the organization to have management controls over subsets of teams of users, roles and shared folders. Users within different nodes can be provisioned and authenticated with different methods.
Keeper's Zero Knowledge Account Transfer capabilities provide Enterprise customers with the peace of mind that an employee will never walk away with critical data when they leave the organization.
Keeper is a cross-platform solution that provides full capabilities from every major platform and device including iOS, Android, Windows, Mac and Linux. Browser plugins are compatible with Chrome, Firefox, Edge, Safari, Opera and Internet Explorer.
The Keeper Administrator can restrict vault access to specific platforms based on security requirements of the enterprise. End-user vault applications can be used completely independent of one another, or used together. For example, using the Web Vault or Desktop Application does not require the installation of a browser plugin.
Since 50% of help desk calls are estimated to be password related, there is a significant productivity gain by rolling out a password manager to your organization. When employees don't need to worry about remembering passwords, the cost savings are massive.
Compliance is becoming even more complex with requirements mandating internal control policies and standards. Organizations in heavily regulated industries are audited for password enforcement policies and practices. Keeper's password security platform solves many of compliance and regulation enforcement requirements that organizations face. Keeper Security is SOC 2 Certified, ISO27001 Certified, GDPR Compliant, GSA Certified, SAM Certified and Privacy Shield Compliant.