We’re excited to announce that Keeper has launched new and exciting capabilities for Business and Enterprise customers!
Keeper is now used by thousands of business customers globally. We have amassed a deep level of understanding of the unmet customer needs in the business and enterprise cloud market. SMBs, SMEs, universities, managed service providers and complex enterprise environments require the necessary tools to deploy and manage critical password management software in their organization. For SSO solutions, the need for more comprehensive controls and protections for metadata, non-cloud (native) and hybrid-cloud applications was essential. As part of our GSA certification process, we gained a deeper understanding about the needs and nuances of government agencies.
Today, we launched several new capabilities built to address the growing needs of our business and enterprise customers. The product updates in this release are, on many levels, both innovative and revolutionary in our industry.
Admin Console >> New Design
First, we redesigned the entire Admin Console with a more modern interface having greater usability and scalability. The UI was created using the latest technology stack and additional features to enhance the ongoing administration and expansion of your Keeper cybersecurity infrastructure. Here are the highlights:
- New UI updates covering fonts, color schemes, nodes, delegated admin expansion views and filters on every screen, menu and sub-menu of the application
- Replaced the “AD/SSO” tab with an expansive “Provisioning” tab which provides multiple provisioning methods covering your organization’s needs, regardless of its size or provisioning complexity. Once the admin selects the provisioning method they want to use, the admin console curates the admin, step-by-step, through the process (See next sections for details on each method)
- Added several back-end updates to increase speed and performance
- Implemented more granular, multi-select operations on “User” screens
- Added multi-level warnings prior to deleting user objects
Automated SCIM and Azure AD Provisioning
Organizations that utilize Microsoft Azure AD can now activate SCIM (System for Cross-Domain Identity Management) endpoints to automatically provision users and teams in Keeper. Once activated, users and teams are automatically created in Keeper without any manual user intervention. Steps for this method follow:
- Login to the Admin Console and turn on “Show Node Structure” from Advanced Configuration
- If you have not created a new Node that contains your AD users, create a new node.
- Visit the “Provisioning” tab and click on “Add Method”
- Select Azure AD / SCIM and proceed with the steps.
To activate the Keeper SCIM endpoint from Azure AD, follow this guide from the Microsoft documentation portal.
Note: If you plan to authenticate users with SSO and provision users with SCIM at the same time, please uncheck “Enable Just-In-Time Provisioning” from the SSO provisioning screen.
Automated Email Provisioning
To facilitate rapid onboarding of Keeper to a large number of end-users such as a university (e.g. faculty, staff and students), Keeper supports email auto-provisioning. This method uses a security, domain-verification process. For example, anyone with the email address having a domain of “acme.com” can be automatically provisioned to a particular node and role within the “Acme Corp” Keeper Enterprise account upon creating their vault. Steps for this method follow:
- Create a role within the Keeper Admin Console and click the checkbox “Add role to new users created in this Node…” to set it as the default role.
- From the “Provisioning” tab, click on “Add Method” then select “Email Auto-Provisioning”.
- Follow the on-screen prompts to validate your domain name ownership by either DNS record modification or uploading an HTML file to the root directory of your website.
Once your domain has been verified, you can begin inviting your users. You can send users a link to signup that is either pre-populated with their email address, or just a generic link to the site. For example: https://keepersecurity.com/vault/#new/email/EMAIL (Replace EMAIL with the email address of the user) OR https://keepersecurity.com/vault/#new/
Alternatively users can simply go to our app store or download page: https://keepersecurity.com/download
Anyone who signs up with the specified domain name will be automatically invited to join the enterprise with a verification code upon creating their account.
API Provisioning with Keeper Commander™
Keeper supports API-based provisioning through the use of our Python-based Keeper Commander SDK. Keeper Commander is open source and can be installed from our Github Repository. The Commander SDK can now assist in the following use cases:
- Provisioning users and teams
- Accessing your vault through an interactive terminal interface
- Importing passwords, folders and shared folders
- Creating and onboarding user vaults
- Sharing records and folders with users and teams
- Performing targeted password rotation
Since Keeper Commander is an open source SDK and written in Python, it can be also be customized to meet your needs and integrated into your back-end systems.
Subfolders for Mobile Devices >> iOS, Android and Windows Surface
We recently announced subfolders and improvements to the organizational structure and user experience of the Desktop and Web Vault apps for both consumer and enterprise users.
Subfolders are now implemented and rolled out on mobile device platforms including iOS, Android and Microsoft Surface / Windows Store versions of Keeper.
To update your app, visit your app store or go to Keeper’s download page: https://keepersecurity.com/download
Please note that advanced provisioning methods including SCIM are available to Keeper Enterprise customers, at no additional charge. If you are a Keeper Business customer and would like advanced provisioning and curated onboarding added to your account, please contact your account representative for pricing or email us at email@example.com.
If you have any questions, please contact our Business Support team at firstname.lastname@example.org.
We greatly appreciate your business and look forward to bringing you more innovative features soon!
Darren & Craig
CEO & CTO of Keeper Security