Business and Enterprise
Protect your company from cybercriminals.Start Free Trial
Employees' inability to keep track of all the passwords they need to do their jobs harms productivity, wastes money, and complicates identity and access management (IAM) and security throughout the enterprise.
Single sign-on (SSO) solves some of these problems but still leaves organisations with significant logistical and security gaps. Keeper SSO Connect fills these gaps by extending SSO deployments with an integrated zero-knowledge password encryption system that provides advanced password management, sharing, and security capabilities.
Instead of having to keep track of dozens of different passwords, employees have to memorise only one.
On average, employees devote nearly 11 hours every year to entering and resetting passwords. By simplifying access to resources, SSO helps keep users productive.
The Gartner Group estimates that up to 50% of help desk support calls are for password resets, and the average labor cost to address one password reset is $70. Greatly reducing or eliminating password reset tickets saves money and frees up help desk employees to focus on more complex support tasks.
SSO is a common component in enterprise IAM stacks. SSO simplifies and speeds up IAM deployment by enabling administrators to easily configure strong authentication and other access controls. Administrators also gain visibility into user access throughout the SSO deployment.
By simplifying and speeding up IAM deployments, SSO supports zero-trust environments, which require strong authentication for all users.
SSO systems are an easy way to extend audit and reporting capabilities to include user sign-on data, which is required by many compliance frameworks.
For all the benefits of SSO, it’s not a silver bullet. SSO solutions leave significant security and functionality gaps. Ironically, these gaps involve the very problem that businesses seek to solve with SSO: password management and security.
One of the biggest shortcomings of SSO platforms is that they’re a single point of failure. If a user forgets their password, they’re locked out of multiple sites and apps instead of just one. Conversely, if a user’s password is compromised, cybercriminals can access multiple systems instead of just one.
The typical organisation uses anywhere from several hundred to several thousand cloud apps. In addition to business productivity applications that everyone in the company uses, specific departments and teams utilise their own subsets of job-specific applications. These frequently include legacy line-of-business (LOB) apps that don’t support SSO and aren’t feasible to refactor or replace because they contain essential data or perform critical business functions.
Left on their own to keep track of passwords for non-SSO accounts, individual users and teams come up with their own systems, such as storing passwords in text files or spreadsheets or writing them down on sticky notes. These “homemade” solutions are neither efficient nor secure. Users may also engage in poor password practices, such as using weak passwords, reusing passwords across accounts, sharing passwords without authorisation, and not enabling multi-factor authentication (MFA).
As a result, despite having invested in an SSO deployment, organisations are left vulnerable to password-related data breaches -- especially since administrators have no visibility or control over password usage in these sections of the data environment. They’re unable to enforce security policies such as using a strong, unique password for non-SSO accounts or enabling multi-factor authentication (MFA) on all accounts that support it.
Keeper SSO Connect is a fully-managed SaaS solution that can be used without deploying any on-premise or customer-managed components. It is hosted and managed by Keeper Security while maintaining zero-knowledge architecture and allowing for seamless integration with any IdP in any data environment.
Keeper SSO Connect doesn’t require any on-premises or customer cloud-hosted services, nor does it require any additional software or equipment. Setup is accomplished in two easy steps:
Step 1: Enable and configure the Keeper Application within the IdP
Step 2: Configure SSO Connect within the Keeper Admin Console
Keeper SSO Connect utilises client-side generated ECC (Elliptic Curve Cryptography) private/public key pairs for seamless, secure integration with SSO identity providers. By using device-level ECC keys to protect user vaults, Keeper maintains zero-knowledge while offering a fully cloud-based SSO integration. All data in transit and at rest is encrypted and cannot be viewed by any outside party, not even Keeper Security employees.
Device authorisation is a core component of a zero-trust security model. With Keeper SSO Connect, every approved user device has a local, private, ECC key. With Keeper’s advanced zero-knowledge encryption, keys are securely exchanged between the user’s devices, or through Keeper administrator approvals. Device approvals can also be automated.
Organisations can configure push-based device approval to be performed one of two ways:
Keeper SSO Connect’s streamlined login flow promotes efficiency by simplifying end-user login. If Keeper recognises an end user’s email domain as an SSOenabled enterprise, the user will be automatically routed to their identity provider. When combined with SCIM auto-provisioning or Just-In-Time (JIT) provisioning, onboarding new users is fast and secure.
Keeper SSO Connect gives your administrators access to all of the capabilities of the top-rated Keeper password management platform, including:
Your end-users benefit from features that help them optimise their workflows and improve their password security, including:
SSO platforms are designed to solve security and functionality problems related to user passwords, but unless organisations also invest in a password management solution, they are left with significant security and functionality gaps. Keeper SSO Connect bridges these gaps by extending SSO deployments with comprehensive password management and encryption through the top-rated Keeper password management platform.
Keeper SSO Connect works with any tech stack and seamlessly integrates with all popular IdP platforms. Deployment is simple and fast. The platform improves usability for end-users, provides administrators with visibility and control over employee password practices, enhances employee efficiency, eliminates password-related help desk tickets, and helps organisations prevent password-related data breaches.