Keeper Security, the
leading provider of zero-trust and zero-knowledge cybersecurity software
protecting passwords, passkeys, privileged access, secrets and remote
connections, introduces two major privileged access capabilities now available
in the Keeper platform: Time-Limited Access and Self-Destructing Records.
Designed for encrypted record access and sharing, these features provide new
methods to quickly and securely elevate access and revoke access rights after
they have been granted - vastly reducing the gradual accumulation of
unnecessary privileges and reducing the potential attack surface for
organizations.
Today's fast-paced business
environment demands secure solutions as organizations are under increasing
pressure to protect sensitive data and systems. Effective privileged access
management is crucial for compliance with regulations such as SOX, PCI DSS and
HIPAA, to ensure the security, accountability and integrity of sensitive data
in accordance with specific industry requirements. Time-Limited Access and
Self-Destructing Records ensure that users have the necessary access to
credentials and files when required, but the permissions are automatically
revoked or adjusted once the timeframe or project is completed. The precise
control over permissions and access management make compliance requirements
easier to maintain.
"The implementation of
Time-Limited Access and Self-Destructing Records is a significant leap forward
in secure credential sharing and addressing the risks posed by privilege
escalation," said Craig Lurey, CTO and Co-founder of Keeper Security. "These features
empower both individuals and organizations to share information securely -
providing a higher level of control over data access."
With Time-Limited Access, users
can securely share records for a predetermined length of time. This can be any
record in a user's vault, including credentials, files or payment information.
When that time ends, access is revoked automatically with no further action
required by either party. When paired with Keeper Secrets Manager
(KSM), users are able to schedule automatic rotation of a shared credential
upon the expiration of access, mitigating the risk of unauthorized access and
minimizing privilege abuse. This feature is beneficial when working with
contractors and third parties.
Self-Destructing Records builds
on this with records that automatically delete after the recipient opens the
shared record. The destruction occurs after a designated period of time or once
the recipient has viewed the record for five minutes, whichever comes first. A
typical scenario is employee onboarding, when IT needs to share login
credentials with a new staff member. IT can share the record containing those
credentials and upon receipt, the original record will self-destruct,
eliminating the risk associated with too many people having access to the
employee's login information. This not only enhances security by reducing the
exposure window, but also helps maintain a clean and organized data
environment, making it easier to identify and manage relevant information.
In an era where cyber threats
are constantly evolving, Keeper remains committed to staying at the forefront
of technological advancements to ensure the highest level of protection for its
users. The addition of encrypted record sharing to the Keeper platform provides
a robust defense against a range of potential threats in both online and
offline environments. By limiting access privileges, organizations can
significantly reduce their attack surface and minimize the potential impact of
security incidents. Learn more about Time-Limited Access and Self-Destructing
Records here.