Keeper Security CEO: Zero-Trust Essential to a Strong Identity Security Strategy

Keeper Security recently won a 2022 Tech Ascension Award for Best Identity Management Solution. We sat down with Darren Guccione, CEO and Co-Founder of Keeper Security to discuss the importance and intricacies of zero-trust as a key to a strong identity security strategy.

What is Keeper Security, and how does it provide zero-trust security? Why is this, along with a zero-knowledge security model, important in today’s evolving threat landscape?

While many companies are taking advantage of zero trust as a wave they want to ride, Keeper Security adopted zero trust and zero knowledge as foundational design and architecture principles from day one. Now, Keeper is the leading provider of zero-trust and zero-knowledge cybersecurity software covering enterprise password management, role-based access control (RBAC), event tracking, dark web monitoring, secure file storage, secrets management, remote desktop access, and encrypted messaging. Every aspect of Keeper’s products are zero trust and zero knowledge. This includes Keeper’s zero-trust Enterprise Password Manager (EPM), Keeper Secrets Manager (KSM), and Keeper Connection Manager (KCM).

All of the products in Keeper’s security suite help organizations take an important step toward adopting zero-trust security. For example, KCM allows a company to implement the least-privilege principle by allowing remote connections only to the specific systems that users need to access. Keeper’s vault can hide credentials and secrets from users, store them securely and provision them dynamically. Capabilities like timed password sharing and RBAC ensure that all users, including interns and contractors, only have access to the systems they need for the time they need.

Keeper’s zero-trust and zero-knowledge EPM provides organizations with total visibility and control over employee password practices, enabling them to defend against the most common attacks successfully. IT administrators can secure, monitor, and control passwords and infrastructure secrets across the organization, both remote and on-prem. They can also set up and enforce RBAC, multi-factor authentication (MFA) and least-privilege access. All activity is logged, can be reported on, and can be fed to leading security information and event management (SIEM) systems. Keeper offers full auditability and compliance reporting.

Keeper’s zero-trust and zero-knowledge security architecture is unmatched in safeguarding information and mitigating the risks of a data breach. What’s more, Keeper is a leading FedRAMP Authorized password management solution. Keeper combines device-level, elliptical curve cryptography with multiple layers of encryption (at the vault, folder and record level), multi-factor and biometric authentication, FIPS-140-2 validated AES 256-bit encryption, plus PBKDF2 to protect organizations of all sizes.

What is Keeper Connection Manager (KCM), and why do organizations need it?


Keeper Security’s Keeper Connection Manager (KCM) is a remote-access gateway that provides DevOps and IT teams with simple and highly secure access to remote desktop protocol (RDP), secure shell (SSH), VNC, MySQL, and Kubernetes endpoints, through any standard web browser.


KCM significantly enhances security by enabling organizations to adopt zero-trust remote access to IT infrastructure. This approach is unique because it enables zero-trust security with no need for client or agent software, with features such as least-privilege access, role-based access control (RBAC) and multi-factor authentication (MFA). Not all password managers are created equal. Some are more difficult to set up and maintain, particularly when integrating them with single sign-on (SSO) or MFA. Keeper provides a stellar experience for both IT admins and end users, enabling seamless access to critical cybersecurity solutions–ultimately helping businesses keep pace with new threats in the ever-changing cybersecurity landscape.

How does the addition of Keeper Connection Manager amplify Keeper’s robust suite of cybersecurity products?


The addition of Keeper Connection Manager (KCM) to the Keeper Security cybersecurity platform provides organizations with modern, cloud-based privileged access management (PAM) to protect every user on every device, enterprise-wide. KCM enhances the Keeper portfolio and supports multiple use cases, including remote infrastructure access for IT teams connecting to databases; secure shell (SSH) and Kubernetes (container deployments) nodes; PAM with session recording and auditability; virtual private network (VPN) replacement with zero-trust access to systems following least-privilege principles; and remote desktop protocol (RDP) for distributed workforces that need to use centralized applications and data.


KCM is integrated with Keeper Secrets Manager (KSM) and the Keeper Vault, so access to remote infrastructure happens in one click and one second without exposing credentials. KSM provides these credentials dynamically (i.e. SSH keys), so the user does not need to ever see them. Access can be locked by a user or group and locked to a specific IP address. Additionally, a user can set an expiration time frame.


All access is logged, and interactions can be recorded. Connections are extremely fast, and the system supports multiple users sharing a session and managing numerous sessions concurrently. Keeper is transforming how organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks, while gaining visibility and control. Businesses across the globe trust Keeper to protect their digital assets and help mitigate the risk of password-related data breaches and cyberthreats.

What workplace and industry-wide challenges do Keeper’s products address?


Major shifts in workplace models and norms, including the move to hybrid and remote work, have transformed the cybersecurity landscape. The volume and severity of attacks is intensifying as a result, creating the need for more advanced cybersecurity solutions. Internal and external threats are also increasing with the shift in workplace models. In a recent report Keeper Security published, the 2022 U.S. Cybersecurity Census Report, 79% of the U.S. IT professionals surveyed reported being concerned about a breach from within their organization, with 39% of respondents seeing rising external threats as one of their top three concerns. Keeper is the leading cybersecurity and productivity application that protects every remote employee and all their devices against password-related data breaches and cyberthreats.


Keeper’s business and enterprise password management solutions help thousands of companies all over the world prevent password-related data breaches, improve productivity and enforce compliance with industry-leading features. With Keeper, users have a three-in-one solution for small businesses: Keeper can be used as the user's password manager, single sign-on (SSO), and privileged access management (PAM). Users also have support for role-based access control (RBAC), multi-factor authentication (MFA), auditing, event reporting, and multiple compliance standards including HIPAA, DPA, FINRA and GDPR. As Keeper advances its vision, the company continues to develop cutting-edge solutions to connect people with all of the digital resources they need in the simplest and most secure way possible.


What is the future of passwords and where does Keeper Security fit in?


Despite news headlines that often tout a passwordless future, it is unrealistic to believe that passwords will disappear anytime soon. Even with the latest innovations, passwordless solutions do not provide a full end-to-end identity and access management solution. Passwords are intrinsically linked into the backend architecture of authentication and encryption systems by design; to protect user data against cyber theft, the backend of any hardened system requires passwords and layered encryption keys. Since a passwordless future is far from reality, we must prioritize providing the utmost support for safe use of the passwords we have now. Millions of consumers and thousands of businesses worldwide trust Keeper Security to mitigate the risk of password-related cyberattacks and data breaches. Keeper is committed to providing users with the highest levels of security to protect their organizations.

###