All Events Tech Field Day Events

Securing Sensitive Infrastructure Credentials with Keeper Secrets Manager

Today it’s not just users in the IT, even non-human entities can have real-time permissions and access to databases and cloud services. Cybercriminals on a mission to unlock unauthorized access to enterprise secrets understand this and use it to their advantage. That explains how some attacks spread well beyond the initial scope of the breach. At the Security Field Day in March, Keeper Security presented the Keeper Secrets Manager (KSM), a Knowledge platform designed to aid businesses cope with the new challenges around secrets management in enterprises.

Hardcode Sensitive Information Is High-Value Target

With the uptick of successful data breaches, attackers are now too close to comfort. It all starts with a password breach and once past that point, there’s unfettered access to critical infrastructure secrets like AWS access keys, API keys, certificates, database passwords, service account passwords, SSH keys and whatnot. And yet password security is still in the fringes of the bigger cybersecurity discussion.

This problem is exacerbated by the secrets sprawl that enterprises are experiencing in their journey of digitization. The way to manage and protect sprawling privileged systems and the confidential data they house is to have an intelligent platform that enforces security policies for both human and non-human identities with a bulletproof security model.

Keeper Security for IT Secrets Management

Since 2011, Keeper Security has been into password management. Slowly branching out to enterprise secrets management in the face of rising supply chain attacks, they are now pivoting towards infrastructure protection with the goals of introducing broader cybersecurity coverage for more diverse use cases. Its recent acquisition of Glyptodon and integration to the proprietary Keeper Secrets Manager is a step in that direction.

In the beginning, their focus was consumer products, like their subscription-based password manager. From there, Keeper Security has built a rich and diverse portfolio of business and enterprise grade products, a customer base with over 1.7 paying customers and offices in the US and Ireland, in just a decade. Now close to acquiring its FedRAMP certification, Keeper Security serves government and public sector companies.

Keeper Secrets Manager

Keeper Security showcased their cloud-based secrets management platform, Keeper Secrets Manager (KSM) at the recent Security Field Day event in March. At the presentation, Craig Lurey, CTO and Co-founder at Keeper Security walked us through the Keeper encryption model and later gave a demo of the platform.

The Keeper Security Manager is a fully cloud-based, multi-platform solution that has two versions, a web-based application called the Web Vault and a native desktop app – the Keeper Desktop App that runs on Mac, Windows and Linux. Browser extension KeeperFill supports all browsers and allows for a faster login for enterprise customers.

At it’s foundation, the Keeper Secrets Manager has two components that form the Keeper encryption model that they adhere to for their security products. It’s Zero Knowledge and Zero Trust. Zero Trust as a security approach does not need an introduction, but Zero Knowledge surely deserves some spotlight.

Keeper Security’s Zero Knowledge approach involves encryption and decryption locally on the device for highest levels of security. Once in the cloud, users have access to their passwords irrespective of where they are logging from. Secured with mechanisms like 256-bit AES, Elliptic Curve cryptography and multi-layer encryption, the data is non-decryptable between users in the same enterprise environment, as well as from the provider.

As part of multi-level authentication, Keeper Security assigns a key to every individual record in the vault with a record level encryption, which is further encrypted by a data key that is either derived from the user’s master password or created using other encryption mechanisms.

Furthermore, protection is offered through a device approval system that disables authentication for unrecognized devices until approved. The Keeper Secrets Manager also has a biometric key which it uses instead of the key created from the master password when a user logs in with a face id.

Final Verdict

The Keeper Secrets Manager, with its multi-step authentication, umbrella protection against varied attacks and latest encryption technologies is a smart choice for enterprises to protect credentials and confidential data from malicious actors. For its fine-grained control access and permissions, it should be in the toolkit of any organization that is looking to find failsafe ways to safeguard its sensitive resources from cybercriminals. Get a free trial today.

Check out the Keeper Security full presentation at the recent Security Field Day on the Tech Field Day website.

About the author

Sulagna Saha

Sulagna Saha is a writer at Gestalt IT where she covers all the latest in enterprise IT. She has written widely on miscellaneous topics. On she writes about the hottest technologies in Cloud, AI, Security and sundry.

A writer by day and reader by night, Sulagna can be found busy with a book or browsing through a bookstore in her free time. She also likes cooking fancy things on leisurely weekends. Traveling and movies are other things high on her list of passions. Sulagna works out of the Gestalt IT office in Hudson, Ohio.

Leave a Comment