Endpoint

9/28/2015
06:00 PM
Sara Peters
Sara Peters
Slideshows
Connect Directly
Twitter
RSS
E-Mail

10 Password Managers For Business Use

Beyond helping end users keep track of their logins, some password managers can integrate with Active Directory and generate compliance reports.
3 of 11

Keeper Security

Keeper Security's selling points are its mobile-first strategy, wide range of platforms it operates upon, and secure digital vault in which any files (not just credentials) can be stored.   

The company has been around since 2008 when its founders sketched out an idea for the iPhone app during a flight to China, and has had a mobile-first strategy ever since, says Keeper CEO and co-founder Darren Guccione. It's since been chosen by Orange to be pre-loaded onto their Orange 70 Dive smartphone and by AT&T to be pre-loaded onto all the Android and Windows phones it sells in the U.S. This week, expanding the relationship with mobile operators and resellers, Keeper is announcing its new Channel Partner program, as well as its Enterprise 2.0 product. 

Keeper is not only a password manager, but also a secure vault, which stores and encrypts -- and allows sharing of -- any kind of files, not just credentials. When operating within Keeper, new files that are created are encrypted and stored within it. Darren Guccione, CEO and co-founder of Keeper Security, proposes the example of a surgeon who needs to keep records during surgery -- the photos she takes with her phone while in the vault won't appear in the phone's Camera Roll. As Guccione puts it, 'What happens in the vault, stays in the vault.'

However, the secure file storage is an additional cost.

 
Pricing: $750 per year plus $48 per user per year. Secure file storage is another $18 per user per year. Keeper Enterprise is sold through VAR, Carrier, MSP, and OEM channels. Keeper provides volume-based discounts for enterprise customers based on number of users, in addition to Enterprise License Agreements (ELA's).

Interoperability: Keeper works with Android, iOS, Blackberry, Windows Phone, iPad, Surface, Kindle, Mac, Windows, and Linux, plus has browser extensions for IE, Chrome, Firefox, Safari, and Opera. Also integrates with a variety of Enterprise Mobile Management software platforms.

Sharing and management: Has  central admin console where you can provision and de-provision employees, and integrates with Active Directory. Ownership of keys is transferrable, and they can be set to self-destruct.

Compliance and regulations: HITECH- and HIPAA-compliant. Certified with SOC-2, TRUSTe, McAfee Secure, US-EU Safe Harbor, PCI-DSS, and the U.S. Department of Commerce's Bureau of Industry and Security.

Multi-factor: Integrates with biometrics on iOS and other options

Keys: Local-only encryption/decryption. Vault resides in an Amazon AWS instance, but Keeper can also set up an on-premise system. Uses 256-AES encryption, perfect-forward secrecy. Each file is encrypted with a separate key on each device on which it resides.

Other features: FastFill of forms, password generator.

Beyond passwords: Secure data vault

Keeper Security

Keeper Security's selling points are its mobile-first strategy, wide range of platforms it operates upon, and secure digital vault in which any files (not just credentials) can be stored.

The company has been around since 2008 when its founders sketched out an idea for the iPhone app during a flight to China, and has had a mobile-first strategy ever since, says Keeper CEO and co-founder Darren Guccione. It's since been chosen by Orange to be pre-loaded onto their Orange 70 Dive smartphone and by AT&T to be pre-loaded onto all the Android and Windows phones it sells in the U.S. This week, expanding the relationship with mobile operators and resellers, Keeper is announcing its new Channel Partner program, as well as its Enterprise 2.0 product.

Keeper is not only a password manager, but also a secure vault, which stores and encrypts -- and allows sharing of -- any kind of files, not just credentials. When operating within Keeper, new files that are created are encrypted and stored within it. Darren Guccione, CEO and co-founder of Keeper Security, proposes the example of a surgeon who needs to keep records during surgery -- the photos she takes with her phone while in the vault won't appear in the phone's Camera Roll. As Guccione puts it, "What happens in the vault, stays in the vault."

However, the secure file storage is an additional cost.

Pricing: $750 per year plus $48 per user per year. Secure file storage is another $18 per user per year. Keeper Enterprise is sold through VAR, Carrier, MSP, and OEM channels. Keeper provides volume-based discounts for enterprise customers based on number of users, in addition to Enterprise License Agreements (ELA's).

Interoperability: Keeper works with Android, iOS, Blackberry, Windows Phone, iPad, Surface, Kindle, Mac, Windows, and Linux, plus has browser extensions for IE, Chrome, Firefox, Safari, and Opera. Also integrates with a variety of Enterprise Mobile Management software platforms.

Sharing and management: Has central admin console where you can provision and de-provision employees, and integrates with Active Directory. Ownership of keys is transferrable, and they can be set to self-destruct.

Compliance and regulations: HITECH- and HIPAA-compliant. Certified with SOC-2, TRUSTe, McAfee Secure, US-EU Safe Harbor, PCI-DSS, and the U.S. Department of Commerce's Bureau of Industry and Security.

Multi-factor: Integrates with biometrics on iOS and other options

Keys: Local-only encryption/decryption. Vault resides in an Amazon AWS instance, but Keeper can also set up an on-premise system. Uses 256-AES encryption, perfect-forward secrecy. Each file is encrypted with a separate key on each device on which it resides.

Other features: FastFill of forms, password generator.

Beyond passwords: Secure data vault

3 of 11
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
DavidJ883
50%
50%
DavidJ883,
User Rank: Apprentice
2/13/2017 | 9:45:51 PM
Intuitive Password online password manager
I use "Intuitive Password" online password manager. I have tried many password managers and I keep coming back to Intuitive Password. It is absolutely the easiest to use, will suggest dynamic passwords for me, it works on all devices (mobile phones, tablets, laptops and desktop PCs) without installation. It is free but has an inexpensive yearly subscription if necessary. One of the best part is if I need to fill in a user name and password on a specific site, I just click on the little login button shown on the plugin, and Intuitive Password will fill in the info requested for me. There is not a word great enough to express my feelings on this awesome product!
TejGandhi1986
50%
50%
TejGandhi1986,
User Rank: Apprentice
10/5/2015 | 6:33:03 AM
Weekest link in security
Passwod managers can still be one more additional layer of security that can be added to the prevent compromising of security ,the best solution to ensure the passwords are protected is to educate the users regarding how to save passwords,how to prevent password sharing.

 

-Tej Gandhi

[email protected]
Blog Voyage
50%
50%
Blog Voyage,
User Rank: Strategist
10/3/2015 | 9:18:16 AM
Re: Passwordstate
Thanks for feedback mate
cyberinferno
0%
100%
cyberinferno,
User Rank: Apprentice
9/28/2015 | 11:14:06 PM
Passwordstate
We use ClickStudios Passwordstate at work. It runs on an IIS/MSSQL backend (self-hosted) and features Active Directory authentication. IT is free for up to 5 users, and that's all we've had need for thus far (will likely be purchasing a license later). You can customize just about anything you want regarding password fields, different lists, permissions (group or individual), etc. I've never tried using the mobile site (no app available). A Chrome extension is available, but I've honestly never used it.
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
CVE-2018-18375
PUBLISHED: 2018-10-16
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.
CVE-2018-18376
PUBLISHED: 2018-10-16
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.