Keeper Security Is Zero Trust
20 September 2022

Keeper’s cybersecurity platform enables organizations to achieve full visibility, security and control across your data environment. By unifying Enterprise Password Management (EPM), Secrets Management (SM) and Privileged Connection Management (PCM), Keeper provides organizations with a single, pervasive pane of glass to track, log, monitor and secure every user, on every device, from every location, as they transact with all permitted sites, systems and applications.

With a zero-trust framework and zero-knowledge security architecture, Keeper uses best-in-class security to safeguard customer data at the vault, shared folder and record levels with multiple layers of encryption keys.

What is Zero Trust?


Zero trust is a framework that assumes that all users and devices could potentially be compromised, which is why everyone, human and machine, must be verified before accessing the network. The zero-trust security model was created for cybersecurity solutions architects, systems integrators and DevOps teams. It integrates cybersecurity capabilities into a pervasive IT environment, empowering cybersecurity planning and decision-making.

Even before remote work surged due to COVID-19, zero trust was becoming essential to data and network security in contemporary digital workplaces, which rely on cloud-based, distributed data environments. In the post-pandemic workplace, IT infrastructure isn’t the only thing that’s distributed; workforces are too, making zero-trust that much more important to preventing data breaches and ransomware attacks.

Historically, all users located inside an organization’s network perimeter were trusted; only those outside it were not. The COVID-19 pandemic turned this traditional perimeter-based network model on its head. Organizations of all sizes migrated en masse to cloud-based solutions, including multi-cloud and hybrid environments. The race to the cloud, which coincided with a mad rush to remote work environments, resulted in an exponential increase in the number of endpoints, websites, systems, databases and applications that require authentication and end-to-end encryption. 

In this new environment, traditional security models were exposed as being grossly insufficient. Traditional, disparate solutions across heterogeneous IT environments made the task of providing comprehensive visibility, security and control of an organization’s networks and endpoints impossible.

Enter Zero-Trust Network Access (ZTNA). In contrast to traditional security models, zero trust does not trust any human users or devices, regardless of where they are located. In a zero-trust environment, all users and devices must be authenticated before they can access organizational resources, because it is assumed that any human or machine could be compromised.

Zero-trust network access isn’t about deploying specific tools, and it’s not a model that can be adopted piecemeal. It involves fundamentally changing how the organization approaches security, which requires an “all or nothing” mindset with firm commitment by all levels of leadership and teams. Instead of relying on where users are, zero-trust makes them prove who they are. Further, once users are authenticated into the network, least-privilege access ensures that they can access only the network resources they need to perform their jobs, and no more.

Implemented properly, zero-trust network access provides IT administrators with full visibility into all users, systems, and devices. People, apps, and services can communicate securely, even across network environments. It doesn’t matter if users are connecting from their homes, hotels, coffee shops or airports, or even if they’re using their own devices. Administrators can see exactly who’s connecting to the network, from where, and what they’re accessing – and users can’t get in at all until they’ve explicitly proven they are who they claim to be.

How Zero Trust Strengthens Password Security

User and device verification are at the core of zero trust. A zero-trust solution must include a number of functions to ensure its effectiveness. Some of those functions include:

  • Multi-factor authentication (MFA)
  • Principle of least privilege (PoLP)
  • Monitoring and validation

For this reason, organizations that want to successfully deploy zero trust must be able to enforce comprehensive password security among their users, including the use of strong, unique passwords for every account, multi-factor authentication (2FA) on all accounts that support it, role-based access controls and least-privilege access.

Without an enterprise password management platform, organizations have no visibility or control over what their users are doing with their passwords, and they will be unable to successfully adopt the zero-trust network access model.

How Does Keeper Help Organizations Achieve Zero Trust?

Keeper’s cybersecurity platform enables zero-trust security and compliance by unifying Enterprise Password Management (EPM), Secrets Management (SM) and Privileged Connection Management (PCM), all built on our proprietary zero-knowledge encryption model.

Zero-knowledge is a security model that utilizes a unique encryption and data segregation framework that prevents IT service providers from having any knowledge as to what is stored on their servers. In Keeper’s case, this means that: 

  • Customer data is encrypted and decrypted at the device level (not on the server).
  • The Keeper application never stores plain text (human readable) data.
  • Keeper’s servers never receive data in plain text.
  • The keys to decrypt and encrypt data are derived from the user’s master password.
  • Multi-layer encryption provides access control at the user, group and admin level.
  • Sharing of data uses public key cryptography for secure key distribution.
  • Data is encrypted on the user’s devi
    ce before it is transmitted and stored in Keeper’s digital vault. When data is synchronized to another device, the data remains encrypted until it is decrypted on the other device.

No one but the end user can view the plain-text data in their Keeper vault — not even Keeper’s own employees.

Keeper offers a suite of complementary products to support your company’s zero-trust deployment:

  • Keeper’s enterprise password management platform provides organizations the total visibility and control over employee password practices that they need to successfully implement a zero trust security model. IT administrators can monitor and control password use across the entire organization and enforce security policies and controls, such as MFA, RBAC and least-privilege access.
  • Keeper Secrets Manager provides DevOps, IT security, and software development teams with a cloud-based platform for managing all of your infrastructure secrets, from SSH and API keys to database passwords and RDP credentials. All servers, CI/CD pipelines, developer environments, and source code pull secrets from a secure API endpoint. Each secret is encrypted with a 256-bit AES key, and then encrypted again by another AES-256 application key. The client device retrieves encrypted ciphertext from the Keeper cloud, and secrets are decrypted locally on the device — not on the server.
  • Keeper Connection Manager is an agentless remote desktop gateway that provides DevOps and IT teams with effortless, zero-trust network access (ZTNA) to RDP, SSH, databases and Kubernetes endpoints through a web browser. All users and devices are strongly authenticated before they are permitted to access organizational resources. 

Keeper’s zero-trust cybersecurity suite enables organizations to adopt zero-trust remote access for their distributed workforces, with strong authentication and granular visibility and control. Secure your business’s credentials, IT infrastructure secrets, and remote desktop connections with zero-trust and zero-knowledge security. 

Wichtige Eckdaten:
  • Verfügbarkeit: Nutzer von E-Commerce und der Testversion haben sofortigen Zugriff. Nutzer ohne E-Commerce-Zugang müssen ihren Administrator darum bitten, die Funktionen der generativen KI über die Admin-App zu aktivieren.
  • Genauigkeit: Da es sich um eine Beta-Funktion handelt, können die Antworten vereinzelt Ungenauigkeiten oder Inkonsistenzen aufweisen. Durch kontinuierliche Updates wird jedoch eine stetige Verbesserung der Zuverlässigkeit angestrebt.
  • Datenschutz und Sicherheit: Dokumenteninhalte werden während der Verarbeitung temporär gespeichert und nach Abschluss der Aufgabe umgehend gelöscht. Nutzerdaten werden nicht zur Schulung von KI-Modellen verwendet.
  • Beta-Status: Der Dokumentenassistent befindet sich derzeit in der Beta-Phase. Obwohl die Funktion vollständig einsatzfähig ist, wird sie fortlaufend weiterentwickelt. Das Feedback der Nutzer spielt eine entscheidende Rolle für die weitere Optimierung.

Zugang zum Nitro Dokumentenassistenten

Der Einstieg in den Nitro Dokumentenassistenten ist unkompliziert. Das Tool unterstützt PDF-Dateien mit einer maximalen Größe von 25 MB. Folgen Sie diesen Schritten:

  • Öffnen Sie Nitro Workspace und navigieren Sie zum Bereich „Tools“.
  • Klicken Sie auf das Symbol „Dokumentenassistent“.
  • Laden Sie das Dokument hoch, indem Sie eine Datei auswählen oder die Drag-and-Drop-Funktion nutzen.

So meistern Sie den Nitro Dokumentenassistenten

Nach dem Hochladen eines Dokuments erstellt der Nitro Dokumentenassistent eine Zusammenfassung und schlägt erste Fragen für die Interaktion vor.
Für maßgeschneiderte Anfragen wird den Nutzern empfohlen, ihre Eingaben klar, präzise und spezifisch zu formulieren. Hier einige Beispiele für mögliche Anfragen:

  • Fasse dieses Dokument für mich zusammen.
  • Fasse es stichpunktartig zusammen.
  • Fasse dieses Dokument für mich auf Spanisch zusammen.
  • Liste die externen Quellen auf, die in diesem Dokument genannt werden.
  • Finde Inhalte zu den Zahlungsbedingungen in diesem Vertrag.
  • Erkläre mir die wichtigsten Punkte [dieses Vertrags] in einfacher Sprache.
  • Schreibe dieses [Benutzerhandbuch] als FAQ um.
  • [In diesem französischen Mietwagenvertrag] Kann ich eine Debitkarte verwenden, um ein Auto zu mieten? Antworte bitte auf Englisch.

Wichtige Hinweise zu Sicherheit und Datenschutz für Ihre Kunden

Nitro legt großen Wert auf Sicherheit und Datenschutz. Dokumente werden während der Verarbeitung nur vorübergehend gespeichert und nach Abschluss des Vorgangs sofort gelöscht. Zudem stellt Nitro sicher, dass Kundendokumente niemals zur Schulung von KI-Modellen verwendet werden. Diese Maßnahmen schützen sensible Informationen und geben Ihren Kunden ein beruhigendes Gefühl.
So verbessern Sie den Nitro Dokumentenassistenten
Nitro schätzt das Feedback der Nutzer zur kontinuierlichen Verbesserung des Dokumentenassistenten. Nach jeder Interaktion werden die Nutzer gefragt: „War dies hilfreich?“ Sie können mit „Daumen hoch“ oder „Daumen runter“ antworten.
Für detaillierteres Feedback können die Nutzer die Feedback-Seite des Nitro Knowledge Assistant besuchen, um zur Weiterentwicklung des Tools beizutragen.

Ermöglichen Sie Ihren Kunden Erfolg mit Nitro, unterstützt durch KI

Der Nitro Dokumentenassistent ist ein wertvolles Tool, um Ihren Kunden zu helfen, ihre Dokumentenabläufe zu optimieren. Ob sie Nitro zum ersten Mal ausprobieren oder von einem anderen PDF-Anbieter wechseln, diese KI-gestützte Funktion zeigt Nitro’s Engagement für Innovation.

Wenn Sie Fragen zu Nitro-Lizenzen oder erfolgreichen Verkaufsstrategien für Nitro-Lösungen haben, wenden Sie sich an das Team von QBS. Wir unterstützen Sie gerne auf Ihrem Weg zum Erfolg mit Nitro!

 

Kontakt aufnehmen