Latest Keeper Blogs

Professional services, IT, and tech companies in the UK are under siege from cybercriminals, according to Keeper Security’s 2021 UK Cybersecurity Census Report. UK professional service organisations, a category that includes lawyers, accountants and consultancies, experienced an average of 62 cyber attacks over the past year, or one attack every six days. Meanwhile, IT and

At its core, Keeper Security has always been about making people’s lives easier and protecting them while they connect to the information, resources, and data they need. Today we take one big step to advance this vision. Initially, we focused on password security use cases, allowing users to securely store their passwords and easily sign

While acknowledging that zero-trust implementation will be a “journey” with “learning and adjustments along the way,” the Office of Management and Budget (OMB) has finalized and released a memorandum detailing specific zero trust milestones for federal agencies to achieve by the end of Fiscal Year (FY) 2024. Under the memo, which is dated January 26,

Data privacy issues are a key concern for businesses, and not just because data privacy and data security are closely linked. As more and more business is conducted online, consumers are becoming increasingly concerned about how the companies they patronize are using their data. One Pew Research Study found that 81% of consumers feel that

As our world rapidly digitizes, more of our personal information is being exposed online. However, many people remain unaware of the extent to which organizations are tracking their online activities and using their personal data. Even those who are aware may not know what they can do to protect themselves. With this in mind, it

Keeper is excited to introduce a powerful new tool that’s available to all Keeper users: Custom Record Types. Record Types builds upon Keeper’s proprietary zero-knowledge security and encryption technology, enabling organizations to easily store any type of confidential business information (CBI) within their Keeper vaults. This release includes several new features for Keeper’s business, enterprise,

With over 80% of successful data breaches being due to compromised login credentials, password managers are an essential tool for consumers. However, while cybersecurity starts with password security, it doesn’t end there. As ever-greater portions of our lives shift online, more of our data is being digitized. All of it needs to be properly secured,

Can you keep a secret? How about your organization’s data environment? In an IT network, a “secret” is any compact datum that must remain confidential. Typically, secrets are used for authentication or as input to a cryptographic algorithm. Common secrets include: Since IT network secrets unlock access to highly privileged systems and data, securing secrets

Why Is Accessibility Important? According to the World Health Organization (WHO), about 15% of the world’s population has a disability. The U.S. Census Bureau estimates that 18.7% of the U.S. population has a disability with almost 30 million people having motor or vision difficulties that impact their ability to access online websites, applications, and documents.

Between the year-end holidays and breach fatigue, it’s easy for consumers and organizations to fall into a sense of complacency around cybersecurity. Cybercriminals know this, so while many people are vacationing, they’re hard at work. Case in point: Numerous users of the LastPass password manager have been receiving disturbing emails over the past few days,

On Dec 10, 2021, Keeper’s security team researched a publicly-reported vulnerability regarding an open-source Java logging library developed by the Apache Foundation called Log4j (vulnerability number CVE-2021-44228). Within 24 hours following the public disclosure of CVE-2021-44228, Keeper’s security and DevOps teams published updates to its infrastructure and enterprise software applications to remediate and replace all

Cloud computing isn’t inherently less secure than on-prem infrastructure — if organizations configure their cloud instances properly. Unfortunately, in many cases, they do not. Cloud misconfigurations account for 65% to 70% of cloud security issues. What does “cloud misconfiguration” mean? It’s a rather broad term that covers many possible errors, but by far, the most

The holiday season may be in full swing, but cybercriminals don’t take holidays. In fact, during major holidays, they frequently take advantage of thinner staffing levels and distracted employees to up their ante. We can expect the breaches, ransomware, and other cyber hits to keep coming, and possibly even increase over the next few weeks.

Trading platform Robinhood has suffered a breach compromising the personal information of about 7 million customers. In an official blog post, Robinhood said that the incident took place on November 3, when a cybercriminal “socially engineered a customer support representative by phone” to gain access to the company’s customer support system. After exfiltrating data, the

Active duty service members, veterans, and their families are disproportionately targeted by cybercrime. According to the Federal Trade Commission (FTC), the military and veteran community lost over $420.5 million to online scams between 2016 and 2020, a figure that was 44% higher than the civilian population. Most cybercrimes targeting veterans involve phishing and other social

The 2021 holiday shopping season is upon us, and the National Retail Federation (NRF) expects sales to rise by 8.5% to 10.5%, an all-time high. However, retailers are also facing serious challenges, including labor shortages, global supply chain disruptions, and cybersecurity concerns. In a recent survey by the NRF, 76% of retail loss prevention professionals

The White House Executive Order on cybersecurity and the push for all federal agencies to adopt a zero-trust security framework will fundamentally reshape public sector information security strategies. The work ahead will be a continuing journey, from migrating legacy systems to cloud environments, to mandating Multi-Factor Authentication (MFA), to improving software supply chain security and

Updated on July 3, 2023. Supply chain attacks are a clear and present danger to organizations in all industries, but many companies underestimate this threat. To protect against supply chain attacks,  organizations should establish vendor security requirements, use a zero-trust model, keep up with regular software updates and prepare an incident response plan. Continue reading

While many organizations treat governance, risk, and compliance (GRC) as a standalone department, GRC impacts every area of the enterprise. The negative impact of siloing GRC from the rest of the organization is especially clear during compliance audits. The audit process — already complex and time-consuming — is made even more difficult as GRC personnel

Microsoft made a bold statement last week when it suddenly announced that their users can now ditch their passwords and log in using Microsoft Authenticator, Windows Hello, a physical security key like a Yubikey, or an SMS/email verification code. Microsoft rolled out passwordless login for its business and education customers earlier this year, but this