Keeper Security Launches Multi-cloud Password Rotation

Keeper Security, a provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets, connections and privileged access, has launched password rotation, a feature that allows organizations to rotate service accounts and other privileged credentials securely on demand or on an automated schedule.

Keeper’s password rotation capability enables organizations to automate the changing and resetting of system credentials including active directory service accounts, Azure AD accounts, AWS IAM accounts, SSH keys, database passwords, Windows local users, Linux users, Mac users and more.

Password rotation is an enhancement to Keeper’s Privileged Access Management (PAM) solution. KeeperPAM was designed to address the cybersecurity industry’s growing demand for modern solutions that are cost-effective, easy to implement and engaging for end users.

Keeper’s recent Privileged Access Management Survey: User Insights on Cost & Complexity revealed that more than half of all IT and security leaders (56 percent) have tried to deploy a traditional PAM solution but never implemented it fully. Of those, 92 percent said it was because the solution was too complex.

Unlike traditional PAM solutions, Keeper’s Password Rotation architecture is managed through the cloud-based vault and admin console interface, with a lightweight component that’s installed in the customer’s cloud and on-prem environment, called the Keeper Gateway service.

The Gateway service and Keeper’s multi-cloud routing infrastructure does not require security teams to make any firewall changes, and it uses native protocols for implementing rotation.

Password rotation enables customers to:

  • Automatically rotate credentials for machines, service accounts and user accounts across their infrastructure, and schedule rotations to occur at any time or on-demand.
  • Perform post-rotation actions such as restarting services or running other applications as needed.
  • Securely store all credentials in the Keeper Vault, and control and audit access to credentials.
  • Log all actions to Keeper’s Advanced Reporting and Alerts Module (ARAM) and third party SIEM providers.
  • Create compliance reporting on shared privileged accounts.

Password Rotation through KeeperPAM is available through the web vault, desktop app for Windows/Mac/Linux and the admin console. The feature enables admins to manage rotation for users and records, create gateways, configure cloud environments and enforce least-privilege access.

Password Rotation as part of KeeperPAM supports Keeper’s zero-knowledge, zero-trust architecture, which always encrypts and decrypts data at the local device level.