Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2024

The Benefits of Passwordless Authentication

Many organizations are planning to adopt passwordless authentication or are already in the process of doing so. Passwordless authentication has many benefits such as being more secure than traditional passwords, providing a better user experience, reducing helpdesk costs and enhancing productivity. Continue reading to learn more about the benefits of implementing passwordless authentication in your organization and how Keeper helps with its implementation.

How To Prevent Data Loss

Up to 94% of companies that experience severe data loss never recover, making it important for every organization to take steps to protect their data. To prevent data loss, organizations should regularly back up data, keep software up to date, store sensitive data in encrypted storage, use antivirus software, implement least privileged access and equip employees with a password manager.

KeeperMSP

KeeperMSP is the most secure, cybersecurity and password management platform for preventing password-related data breaches and cyberthreats. Designed exclusively for Managed Service Providers, KeeperMSP provides a powerful, easy-to-use platform to protect you and your customers’ passwords and sensitive data in secure, encrypted vaults. Web Vault Keeper’s Web Vault is where each provisioned user will securely store and access their passwords, credentials, files and any private data.

Fraud Alert vs Credit Freeze: Which One Should I Use?

Both fraud alerts and credit freezes are free of charge, but there are some differences between the two you should be aware of if you’re deciding on placing one over the other. Both fraud alerts and credit freezes are meant to protect you from identity theft and fraud, however, fraud alerts add an extra layer of verification and only last a year, whereas credit freezes prevent new credit from being opened and don’t expire.

Breaking Barriers: Demystifying Zero Trust with Chase Cunningham & Keeper Security

Zero trust is a powerful cybersecurity approach, but its implementation remains a challenge for many organizations. In this webinar, renowned expert Chase Cunningham demystifies the concept of zero trust and provides practical strategies to overcome the barriers to its adoption. Cunningham explores the core principles of zero trust, dispelling common misconceptions and highlighting its benefits in protecting against modern cyber threats. Drawing from real-world experiences, he'll guide you through the process of implementing robust zero-trust architectures tailored to your organization's needs.

Keeper 101 | Enterprise - How to Set Role-based Access and Controls in Keeper

Learn how to set role-based access and controls in Keeper with our step-by-step guide. In Keeper’s architecture, Roles and Teams are separate concepts. A Role defines permissions, policies and what features and security settings apply to users. Roles also define the administrative capabilities of those users. Teams are specifically used for sharing privileged accounts among users within the vault. Teams and Roles can be linked to automatically assign a role policy to all members of a team.

Keeper 101 | Enterprise - How Keeper's Advanced Reporting & Alerts Module Works

Learn how Keeper's Advanced Reporting & Alerts Module works within Keeper Enterprise. This module provides insight to assess vulnerabilities related to administrative changes, password reuse, unauthorized access, password stuffing attacks and insider threats.. The “Reporting Dashboard” provides a quick view of top events, the “Recent Activity” and "All Security Events” reports and any saved custom reports. Monitoring these events can assist in the detection of several threat vectors and help establish enforcement policies around vault and privileged account access.

What's New With Keeper | May 2024

Keeper Security is excited to announce that we now support passkeys on Android and iOS mobile apps. This update extends passkey management functionality in the Keeper Vault beyond the Keeper browser extension support for Chrome, Firefox, Edge, Brave and Safari that we announced last year. Passkeys are a new type of credential that can entirely replace passwords or be used for multi-factor authentication.

Best Practices for Securely Onboarding Employees

Some best practices for securely onboarding employees include conducting comprehensive background checks, providing security training for new hires, ensuring employees have least privilege access, equipping employees with a password manager and continuously monitoring employee activity for unusual behavior. The more secure an onboarding process is, the easier and more secure it’ll be to offboard employees.

How To Prevent Ransomware Attacks on Your Devices

Ransomware is one of the fastest-growing cyber attack vectors, making it crucial to learn how to prevent it. To prevent ransomware attacks on your devices, you should avoid clicking suspicious links and attachments, never insert random USBs into your device, keep your Operating System (OS) up to date, use a Virtual Private Network (VPN) when connecting to public WiFi and use a password manager to ensure your passwords are strong.

Enterprise Management Associates Report: Information Security and Compliance Future Trends 2024

The cybersecurity industry has seen radical changes over the past year–changes that may alter the trajectory of the industry. In partnership with analyst firm Enterprise Management Associates (EMA), today Keeper announces Information Security and Compliance Future Trends 2024, a report that analyzes recent research and industry data to highlight key shifts in the cybersecurity industry and offer insights into current trends and future directions.

KeeperFill v16.9 Update

The latest update to our KeeperFill Browser Extension offers users a refreshed, more intuitive experience. Keeper’s new user interface provides enhanced clarity and navigation – all improving usability in order for you to take full advantage of KeeperFill’s powerful auto filling capabilities. Upon logging in to KeeperFill, you will immediately notice a refreshed home screen, featuring a more modern UI. Records now conveniently appear directly on the home screen as a list, with “suggested records” at the top to easily fill the credentials that match the website you're on.

What To Do if You've Been Scammed

If you’ve been scammed, there are different actions you should take based on what you were scammed into doing. For example, if you accidentally paid a scammer, you should contact your bank immediately. If you gave a scammer your login credentials, you should update your passwords and enable MFA immediately. If a scammer hacked your device, you should run antivirus software and possibly factory reset your device.

Keeper Refreshes Browser Extension for Increased Usability

Keeper Security is excited to announce an updated User Interface (UI) for its browser extension across all supported browsers. The refreshed UI features a modernized design, and simplifies the process of finding and creating records for users. The new browser extension updates continue the recent UI enhancements to Keeper’s end-user vault and Admin Console.

Keeper Secures Repeat Win in CHIP Password Manager Test

Keeper Security has once again clinched the prestigious title of “Test Winner” in a group test of leading password managers conducted by CHIP Magazine, a renowned consumer technology publication in Germany. This marks the second consecutive year Keeper has secured this esteemed recognition, following its victory in the 2023 review.

The Best VPN Alternative for Businesses

Virtual Private Networks (VPNs) are used by businesses to secure remote access to systems and encrypt employees’ internet traffic. However, while VPNs add some level of protection for distributed workforces, they aren’t enough to keep your business and employees safe from common cyber threats since they make internal tracking of users complex, lack adequate protection and don’t scale in a remote work environment.

Security Question and Answer Best Practices

When you create an account, you may be prompted to set up a security question for authentication. Security questions add a layer of security alongside your login credentials. Following best practices for security questions involves using different questions for different accounts, avoiding self-written questions, using multiple security questions and updating security questions and answers regularly.

How Do Cybercriminals Gather Personal Information About Their Targets?

Cybercriminals gather personal information about their targets by using social engineering techniques, looking at social media accounts and collecting data that gets leaked from public data breaches. The more personal information a cybercriminal can collect about their target, the easier it is for them to launch cyber attacks that their targets will easily fall for. Continue reading to learn more about how cybercriminals gather their target’s personal information and how you can keep your data safe.

How Should Sensitive Information Be Stored?

When we think about storing sensitive information, two types of information come to mind: digital data and physical data. While physical data can be securely stored in a physical vault, digital data should be stored in an encrypted cloud storage solution to protect it from common cyber threats. Continue reading to learn the best ways to store your sensitive physical and digital information, plus the storage methods to avoid.

Rising Threats: Navigating the Surge of Cybersecurity Challenges in K-12 Schools

When thinking about which industries get targeted most often in ransomware attacks, many people think that large healthcare and financial institutions would be at the top of the list. Most people don’t associate cyber attacks with K-12 schools. However, a recent cybersecurity report noted that lower education, or K-12 schools, is the single most targeted industry for ransomware attacks, with 80% of schools reporting a ransomware attack in 2023.

How To Prevent Human Error in Cybersecurity

Human errors in cybersecurity can result in cyber attacks that lead to data breaches, financial losses and irreparable impacts to businesses. Verizon’s Data Breach Investigations Report found that more than 68% of data breaches were caused by human error. Human factors that can contribute to a breach include using weak passwords, reusing the same passwords or employees falling victim to phishing scams.

How To Prevent Password Fatigue

Password fatigue is the exhausting feeling individuals experience due to the excessive number of passwords they need to memorize. People need to remember their passwords to access applications and networks that hold their sensitive information. However, constantly resetting and remembering passwords can burden them, resorting to insecure practices such as saving passwords in a spreadsheet.

What Is a Silver Ticket Attack?

A ticket in cybersecurity is a set of credentials used to authenticate users. A silver ticket is a forged ticket an unauthorized user creates. With this forged silver ticket, threat actors can launch a cyber attack that involves exploiting the weaknesses of a Kerberos authentication system. In this system, a Ticket Granting Service (TGS) serves as the credential token, granting authorized users access to particular services.