Zero-Knowledge, Zero Trust for All With Keeper Security and Duo
Passwords are a problem. We are fatigued with many things in our lives from juggling work life balance, to constant video calls as we transitioned to working remote, to struggling to maintain all the passwords for all the applications we use to do our work. According to Keeper Security’s Workplace Password Malpractice Report, 57% of employees admitted to writing their passwords on sticky notes. With so many applications and passwords to manage, it is easy to understand why an employee might not practice good password hygiene and potentially be at a higher risk of phishing.
The Password Problem
We are all likely aware that we should create a unique password for each application or account we have. Keep the passwords unique, 12 characters or more, do not reuse passwords, use special characters, and stay away from personal information and dates. These are best practices, but when the mental tax is so high along with the amount of time investment to manage and update these passwords is also high, employees (and even IT administrators) are going to be lax and break the rules.
The Ponemon Institute published a recent study uncovering the security behaviors of individuals and IT Professionals. Spoiler alert, the IT Professionals surveyed were more likely to reuse passwords across workplace accounts. The study showed 39% of individuals were likely to reuse passwords at work, and more IT professionals were likely to reuse passwords at 50%. When you consider that IT professionals have access to the crown jewels within an organization's network, it is clear that a better way to manage passwords is needed.
The Password Solution
Enter the solution, use an encrypted enterprise password management and security platform to store, create strong passwords. Never reuse a password, and manage logins to all the applications employees use at work. Keeper Security is well known for their password management solution that supports Duo’s multi-factor authentication, bringing strong authentication to lock the information stored within. With an eye on the future of continuing to remove the friction workers encounter with passwords and password resets, organizations can now extend their Duo SSO to include access to Keeper Security with their new Keeper SSO Connect Cloud™.
"SSO provides great convenience for enterprise employees to access a handful of cloud applications with a single login. However, this leaves large security gaps for protecting the thousands of websites and services that employees use, in addition to other confidential information that needs to be protected in an encrypted vault." — Craig Lurey, Keeper Co-Founder and CTO.
Utilizing a cloud solution of Duo SSO + Keeper SSO Connect is easy to set up as both do not require on-prem installation, but can work to protect hybrid environments. Duo SSO provides users with an easy and consistent login experience for any and every application, whether it’s on-premises or cloud-based. An organization will be able to use the zero trust access of Duo to verify the identity of the user, the security posture of their device, and apply access policies each time an access request is made to ensure only trusted users and devices are accessing the sensitive password information stored within Keeper.
"Keeper is the only enterprise password management solution that uses zero-knowledge encryption while at the same time providing a seamless login experience with any SAML 2.0 compatible identity provider, like Duo. Unlike other solutions, Keeper's integration does not require the user to type in a master password to access their vault. Keeper's security model ensures that the enterprise is in complete control of their encryption keys" — Craig Lurey, Keeper Co-Founder and CTO.
As the world continues to move to the cloud and embrace remote work, the urgency to adopt a zero trust security framework is important. Breaking away from passwords and embracing a stronger, better security of zero trust (never trust, always verify each time an access request is made), protects organizations and their users from potential breaches.
Click here to learn more about how Keeper SSO Connect works with Duo to protect your organization.
Try Duo For Free
See how easy it is to get started with Duo and secure your workforce, from anywhere and on any device with our free 30-day trial.