Business and Enterprise
Protect your company from cybercriminals.
Start Free TrialProtect your passwords and secrets against targeted attacks.
Request a DemoLeast-Permission Access Requires a Flexible and Secure Sharing Model
Some employee accounts and projects might require password sharing among team members. For example, IT admins might share passwords for server or database access. The organization may also need to share credentials with contractors and other third parties, often for a limited time and with limited permissions.
Unfortunately, when team members share passwords with each other and with third parties, things start to get complicated – and insecure. Users may share passwords to critical systems and apps, like production systems and social media accounts, through email, SMS, Slack, sticky notes, spreadsheets or other insecure methods.
Common password sharing methods put your organization at risk for catastrophic data breaches, ransomware and other cyberattacks. Email and text messages can be intercepted by cybercriminals. Text files and spreadsheets aren’t encrypted. Sticky notes can easily fall into the wrong hands.
Since over 80% of data breaches are due to weak or compromised passwords, it’s crucial for organizations to ensure that company passwords are locked down, and are securely shared only when absolutely necessary.
To better protect passwords that need to be shared, use Keeper’s password management and security platform. Keeper provides a secure, encrypted vault for each employee to store their work-related passwords. IT administrators can control who has access to which passwords, enforcing least-privilege and role-based access by restricting access permissions only to authorized users.
Secure Sharing of Credentials is Critical to Maintain Zero Trust and Protect Your Organization
Keeper’s top-rated enterprise password management (EPM) platform offers a highly scalable and flexible sharing model to meet all your business needs. Often, organizations need to share the same credentials and secrets to teams and users both inside and outside the organization. Keeper accommodates this need with a broad mix of sharing options.
For example, contractors may be restricted to receiving credentials through their vault but not allowed to share the credentials with others. Privileged users may be able to edit and share credentials with others, as well as add and remove records and users from a shared folder. External sharing with Keeper users in other organizations can be limited to specific email domains, which is useful when you need to restrict external sharing to business partners. Keeper also supports one-way sharing restrictions that only allow sharing to an external organization but not from the external organization.
Automated Team Sharing to Streamline User Provisioning
Keeper supports automated team sharing from existing Active Directory (AD) or Azure Groups through SCIM or Active Directory Bridge.
Secure Vault-to-Vault Sharing with Elliptic Curve Encryption
Keeper offers secure vault-to-vault sharing with Elliptic Curve encryption, meaning that cybercriminals cannot intercept passwords or other shared records in transit. Only the intended recipient can access the shared record.
Shared Team Folders and Customized Permissions to Support Least-Privilege Access
Keeper allows IT admins to create shared team folders, with tools to limit how much control each team member has. Admins can specify whether each user can add or remove users or records. They can also control whether users can edit or share a record. They can even choose to mask passwords so that users can access and use the passwords, but not view them. This prevents users from writing passwords down or copy-pasting them.
Time-Limited Permissions to Ensure Temporary Access
Access to Keeper shared folders and records can be time-restricted for users and teams. In support of least-privilege, temporary access to credentials may be required for some users, such as vendors, contractors and partners. When the allotted time expires, the users automatically lose access to the credentials, preventing threat actors from compromising them.
One-Time Share Access For Non-Keeper Users
In addition to securely sharing credentials through user vaults, Keeper offers the ability to share a credential using a link that is bound by a time limit. One-time shares are extremely useful when there is a need to give contractors access to system credentials for a limited period of time. The ability to create one-time shares is granted based on the access policies associated with user roles.
Administrative Control of All Company Credentials, Secrets and Sensitive Data
“Share administrators” have escalated privileges to access and manage all shared folders and records in the organization. They can change access permissions, and they can add and remove users and records from a shared folder. Share administrators can also transfer record ownership when users leave the company.
Import Shared Data and Folders from Any Source
Import passwords and other secure files from any source, whether it be CSV, JSON or from password managers like LastPass and KeePass.
Receive Activity Reports and Alerts to Monitor and Audit Privileged Access
Get instant alerts when shared records are accessed or changed. Run security reports or receive real-time alerts over email, SMS, Slack, Microsoft Teams and more. Use Keeper Compliance Reports to see and audit user access permissions for all your company credentials and secrets.
Market-Leading Security Infrastructure and Policies
Keeper holds the longest-standing SOC 2 attestation and ISO 27001 certification in the industry. Keeper utilizes best-in-class security, with a zero-trust framework and zero-knowledge security architecture that protects customer data with multiple layers of encryption keys at the vault, shared folder and record levels.
Hackers Know the Value of Stolen Credentials.
Request a Demo Try it Free
