Business and Government
Protect your organization in the public or private sector.
Start Free TrialProtecting your crown jewels: database edition.
Request a DemoSecure Database Access Without Credential Exposure
Providing access to your most sensitive systems is necessary, but it introduces risk. VPNs typically provide too much access, especially for contractors, vendors and occasional-use employees.
Exposing database credentials introduces even more risk. Understanding who has access to systems is difficult when shared root or sa accounts are used.
Keeper Connection Manager (KCM) allows administrators to provide direct database access to MySQL. Other database types can be accessed via SSH and RemoteApp – all without having to share credentials. Access can be revoked at any time, and a robust audit trail identifies when and how the system was used.
Multiple Access Paths: Direct Database Connections or RemoteApp
Keeper Connection Manager is built on a foundation of both Zero-Knowledge and Zero-Trust security, with granular access rules. Administrators can provide a DBA with access to the whole target system – or just one component.
For MySQL, a specific SSH-like connection type can be configured. If your DBAs prefer to work in a UI like SSMS (SQL Server Management Studio), RemoteApp can be set up to just allow access to SSMS.
Meet Compliance Needs with Audited and Recorded Sessions
Nearly all compliance frameworks address the risks associated with privileged systems access by mandating that access requests be logged and recorded, including any database systems considered “in scope.” KCM satisfies these core needs.
Keeper Connection Manager is easy to deploy. Simply install a gateway, and you have support for MySQL, RemoteApp, and other non-database connections like SSH, VNC, Kubernetes, databases and RDP. There are no agents, your web browser is the client, and there is no impact on your database servers or other services.
Clientless and Agentless Deployment Model
Implementing a Privileged Access Management solution should be as painless as possible. This is often not the case. Some solutions require custom clients to be installed for all privileged users, and agents to be installed on all privileged endpoints, in addition to one or more bastions to broker the connections. Some require changes to your Active Directory, or direct access to your domain controllers.
Keeper Connection Manager is easy to deploy. Simply install a gateway, and it supports SSH, VNC, Kubernetes, databases and RDP out-of-the-box. There are no agents, your web browser is the client, and there is no impact on your domain controllers or other services.
A Secure Bastion = Superior Security
The Keeper Connection Manager gateway can be completely locked down to the customer's infrastructure to limit access between the client device and the target server. Secrets that are used to connect to the target servers can be managed within the Keeper Secrets Manager encrypted vault. Pass-through credentials also provide users with dynamic access to target instances without secrets storage anywhere in the gateway.
Detailed Monitoring, Auditing and Reporting Options
Keeper offers extensive reporting on privileged user behavior. In addition to providing aggregate security audits, Keeper also provides event logging for over 140 event types, event-based alerts, and integration with popular 3rd party SIEM solutions. Keeper’s compliance reporting functionality also allows admins to monitor and report on access permissions for privileged accounts across the entire organization, in a zero-trust and zero-knowledge security environment.
Market-Leading Security Infrastructure and Policies
Keeper holds the longest-standing SOC 2 attestation and ISO 27001 certification in the industry. Keeper utilizes best-in-class security, with a zero-trust framework and zero-knowledge security architecture that protects customer data with multiple layers of encryption keys at the vault, shared folder and record levels.
