#United States #Chicago #Keeper Security #Privileged Access Management #FedRAMP

Keeper Security Earns Prestigious FedRAMP High Authorization

Keeper Security, a leader in zero-trust and zero-knowledge Privileged Access Management (PAM) software, recently announced it has obtained the FedRAMP High Authorization for its Keeper Security Government Cloud (KSGC) platform. This milestone represents a critical leap forward for the company as it seeks to bolster security for high-impact federal systems. The FedRAMP (Federal Risk and Authorization Management Program) High designation specifically aims to fortify the protection of unclassified data that federal civilian agencies manage, outlining extensive risk evaluations and security protocols necessary for safeguarding sensitive information.

Significance of FedRAMP High Authorization

The attainment of FedRAMP High Authorization allows Keeper to expand its efforts in securing vital systems indispensable to law enforcement, emergency response, and critical infrastructure. The company's previous achievement of FedRAMP Moderate Authorization in August 2022 laid a robust groundwork, and this advancement highlights Keeper's unwavering commitment to adhering to stringent U.S. federal cybersecurity protocols.

As stated by Zoya Schaller, Director of Cybersecurity Compliance at Keeper,

"Achieving FedRAMP High Authorization underscores Keeper's readiness to protect agencies operating in the most demanding environments."

This authorization further validates the depth of Keeper’s security framework and the strength of its technical and organizational controls. Keeper Security's mission aligns deeply with supporting federal organizations to achieve their objectives with enhanced confidence.

Understanding FedRAMP’s Role in Cybersecurity

FedRAMP establishes a standardized method for evaluating and continuously monitoring the security of cloud services utilized by federal agencies. The High Impact designation applies to systems at risk where unauthorized access could lead to severe disruptions or damages to agency operations, assets, or personnel. Keeper's KSGC has successfully been assessed against and complies with the rigorous FedRAMP High baseline controls laid out in NIST SP 800-53 Rev. 5. This enables federal agencies to adopt best practices for zero-trust models and expedites their secure cloud transformations.

Comprehensive Features of KSGC

The KSGC platform is an all-encompassing, cloud-native zero-trust PAM solution that incorporates various features including:

• - Password, Passkey, and Secrets Management: Ensuring secure storage and access of critical credentials.
• - AI-Enabled Privileged Session Monitoring: Allowing real-time insights into user activity and potential risks.
• - Zero-Trust Network Access: Enforcing rigorous access controls to minimize vulnerabilities.
• - Endpoint Privilege Management: Managing user permissions effectively to reduce risks associated with unauthorized access.
• - Remote Browser Isolation: Safeguarding the network from threats stemming from internet activities, enhancing overall security.

These innovative features collectively help agencies uphold least-privilege access, control credential usage, and maintain comprehensive visibility into privileged activity across their operational environments.

Compliance and Integration

KSGC seamlessly integrates with federal identity platforms, and it supports the use of CAC (Common Access Card) and PIV (Personal Identity Verification) smart card authentication. This ensures compliance with federal identity verification protocols, including FIPS 201 and NIST SP 800-63. The architecture of the KSGC platform is designed with zero-trust and zero-knowledge principles in mind, meaning users retain exclusive control over their data and encryption keys, thus protecting against common threats like ransomware and insider breaches.

Furthermore, the platform aids agencies in satisfying Federal Information Security Modernization Act (FISMA) requirements and Federal Information Technology Acquisition Reform Act (FITARA) reporting duties. This includes maintaining role-based access controls, implementing multi-factor authentication, and supporting various regulatory frameworks, including NIST and ITAR (International Traffic in Arms Regulations).

Aiming for Resilience against Evolving Cyber Threats

In response to the growing complexity of cyber threats, Darren Guccione, CEO and Co-founder of Keeper Security, emphasized the necessity of agile, zero-trust solutions that offer speed, simplicity, and robust security. He stated,

"Keeper is honored to protect the public sector's data and systems, contributing to the safety of government operations and the well-being of U.S. citizens."

Keeper's achievement of the FedRAMP High Authorization enriches a broad spectrum of independent validations the company holds, including FIPS 140-3, GovRAMP Authorization, SOC 2 Type II and SOC 3 attestations, and various ISO certifications. Serving over 100,000 organizations worldwide, including major federal agencies such as the Departments of Justice, Energy, Transportation, and NASA, Keeper Security's commitment to empowering organizations against contemporary cybersecurity threats remains steadfast.

The Keeper Security Government Cloud can now be found in the FedRAMP Marketplace, further demonstrating its commitment to public sector solutions. For more information on Keeper's offerings, visit KeeperSecurity.com/federal-government.