Remote access to company resources through web browsers has grown exponentially in recent years. With that growth comes an increased risk of exposing sensitive information and
Organizations rely on Keeper Security to store more than just passwords, passkeys and other credentials. Keeper’s Secure File Storage solution enables users to securely store and share files, photos, documents and more.
From the Keeper Admin Console, administrators can configure the Account Transfer Policy which enable the contents of one user’s vault to be transferred to another user’s vault in the case of employee decommissioning or termination. This feature ensures that the passwords, credentials, photos, videos and all other files (including attachments) stored in an employee’s vault are not lost when that employee exits the organization.
About Secure File Storage
Cloud storage is ubiquitous in organizations of all sizes. However, popular cloud storage solutions like Dropbox and Google Drive are primarily organizational tools that are not meant for securing highly sensitive data.
With cloud storage solutions, encryption is generally done at the service level, not the individual file level. This means that the encryption keys are managed by the service provider, and not unique to each file. Additionally, cloud storage providers do not offer a complete zero-knowledge model, as they control the encryption keys and must be able to decrypt data for various purposes, such as indexing for search or previewing files.
Keeper’s Secure File Storage encrypts all files at the record level, leveraging zero-knowledge encryption to ensure that only the user and those with share permissions can access and decrypt stored files. With Keeper, AES-256-bit encryption keys are generated locally at the device level. The Keeper User Interface (UI) is intuitive and friendly to non-technical users. Users can easily add files by dragging and dropping them into the web vault or desktop app. On iOS and Android, users can load content directly from their local devices.
Keeper also provides secure, vault-to-vault sharing with other Keeper users and even one-time record sharing to non-Keeper users, with Public Key Infrastructure (PKI) encryption ensuring that only the intended recipients can decrypt the shared files.
Use Cases for Secure File Storage
Organizations can leverage Keeper’s industry-leading encryption technology and architecture to securely store and share sensitive data and materials, such as:
- Bank account data
- Sensitive photos and videos
- Confidential PDF file attachments
- Personally Identifiable Information (PII) such as driver’s license photos or health insurance documents
- Secure notes
Secure file storage provides a robust solution for organizations looking to safeguard their sensitive documents and files. By utilizing advanced encryption technology and granular Role-Based Access Controls (RBAC), Keeper ensures that all stored data is shielded from unauthorized access. The Keeper Vault delivers a user-friendly interface and intuitive search feature that enables streamlined organization and retrieval of stored information.
Keeper’s secure sharing feature enables users to share their sensitive files with trusted parties without exposing them to the risks associated with traditional file-sharing methods. This combination of high-level security, convenience and control makes Keeper an ideal choice for any sized organization that prioritizes the integrity and confidentiality of their digital assets.
About Account Transfer
Keeper’s Account Transfer Policy enhances the value of secure file storage by providing organizations with the ability to transfer a user’s vault if they are terminated or leave the organization. Account transfer is an optional capability that is available to all business and enterprise customers.
The Account Transfer policy option gives administrators the ability to migrate the entirety of a user’s vault to another user but does not grant the administrator access to the contents of the transferred vault, ensuring zero knowledge.
Performing an account transfer is simple.
- An employee departs the organization.
- An administrator with Account Transfer privileges locks that user’s account from the user configuration panel in the Admin Console under “User Actions”.
- From within that same configuration panel, select “Transfer Account.” This will open a window with a list of users.
- Select the user that will receive the transfer as the recipient and select “Transfer.”
- The records, folders and subfolders in the initial user’s account are then transferred to the recipient’s vault into a single folder and the original owner’s account is permanently deleted.
Example Use Case – Transferring Attachments With a Vault
Background: A Human Resources (HR) recruiter at a corporation is responsible for conducting initial screening interviews with potential candidates. As part of the company’s due diligence process, the recruiter is required to collect personal identification documents, such as driver’s license photos, to verify the identity of each candidate.
Challenge: The recruiter has accumulated a substantial number of sensitive documents and stored them in their Keeper Vault. These documents contain Personally Identifiable Information (PII), which is subject to strict data protection regulations. The recruiter is unexpectedly terminated from their position, creating an urgent need to transfer these sensitive files to their supervisor or another HR team member without compromising the security and confidentiality of the stored candidate’s information.
Solution: The corporation utilizes Keeper Security’s Secure File Storage capability to address this challenge. The process is as follows:
- Secure Upload and Storage: The HR recruiter uploads the driver’s license photos directly into their secure Keeper Vault during the interview process, ensuring that the PII is encrypted and protected against unauthorized access.
- Role-Based Access Control: Access to sensitive files is governed by RBAC policies. The recruiter has exclusive access to their vault, with the HR department head having overarching access rights set by the Keeper Admins.
- Event of Termination: Upon the recruiter’s termination, the Keeper Admins are notified to initiate the secure transfer protocol.
- Secure Transfer of Files: The Keeper Admins use Keeper’s secure transfer feature to reassign ownership of the recruiter’s vault to the supervisor. This process is encrypted end-to-end, ensuring no PII is exposed or compromised during the transfer. Even the Keeper Administrator does not have access to the contents of the transferred vault.
- Supervisor Access: The supervisor receives access to the transferred files and is now able to continue the recruitment process without any loss of data or breach of confidentiality.
- Audit and Compliance: Keeper’s activity logs record the transfer of files, providing an audit trail for compliance purposes and ensuring that all actions taken with the PII are documented and traceable.
Outcome: The supervisor successfully receives all the candidate’s driver’s license photos securely, with no interruption to the recruitment process. The integrity and confidentiality of the candidate’s PII are maintained throughout the transition, demonstrating the corporation’s commitment to data security and compliance with data-protection laws.
Streamline Employee Offboarding
Ensuring compliance and maintaining operations when employees leave has historically been a frustrating process. Account Transfer eases that transition.
Keeper’s Transfer Account functionality provides a host of benefits including:
Security: Keeper’s encryption ensures that sensitive documents are always protected.
Compliance: The use of RBAC and audit trails help to maintain compliance with data-protection regulations.
Continuity: Day-to-day processes remain fluid, despite changes in personnel.
Efficiency: The secure transfer feature minimizes the time and effort required to manage digital assets during staff changes.
Trust: By safeguarding information, organizations maintain their reputation as a trustworthy employer.
To learn more about Keeper, schedule a demo today.