Keeper Security, a leader in zero-trust and zero-knowledge identity security, has expanded its KeeperPAM platform to enhance privileged access management (PAM) across Google Cloud Platform (GCP) and Google Workspace environments. The update addresses one of the most persistent security blind spots in modern cloud deployments: unmanaged privileged access for both human and non-human identities.
Closing the Cloud Identity Gap
As cloud adoption accelerates, identity-based attacks have emerged as a top cause of data breaches. AI-driven automation compounds the risk by increasing the number and privilege of Non-Human Identities (NHIs) like service accounts and automation tools. Overprivileged accounts and unrotated credentials create a broad attack surface, expanding the impact of potential compromises.
“Cloud security failures rarely stem from a single misconfiguration—they stem from unmanaged identity sprawl,” said Darren Guccione, CEO and Co-founder of Keeper Security. “KeeperPAM applies zero-trust principles across Google Cloud infrastructure and Google Workspace identities, enforcing least privilege and eliminating standing access without adding complexity.”
Unified Privileged Access Management
KeeperPAM integrates with Google Cloud via a dedicated service account and a lightweight Keeper Gateway, providing outbound-only, agentless access in line with zero-trust principles. It automatically discovers GCP resources and the privileged identities referenced in IAM policies, including Google Workspace users. Key capabilities include:
- Unified Management: Govern both cloud infrastructure credentials and human identities from a single platform.
- Automated Credential Rotation: Rotate passwords for Google Workspace users and cloud service accounts, eliminating standing access.
- Least-Privilege Enforcement: Support for custom minimal-permission IAM roles reduces overprivileged access and limits breach impact.
- Zero-Knowledge Protection: Service account keys and privileged credentials are encrypted in the Keeper Vault, never exposed to users or endpoints.
- Audit-Ready Visibility: Centralized logging and reporting simplify compliance and regulatory audits.
Cloud-Native, Multi-Cloud Ready
Unlike legacy PAM solutions built for on-premises environments, KeeperPAM is cloud-native, requiring no inbound firewall changes, bastion hosts, or agents. Organizations can secure Google Cloud without disrupting workflows, and the platform extends consistent privileged access controls across GCP, AWS, and Microsoft Azure.
“Most PAM tools were never designed to manage cloud identities at scale, especially human identities embedded in SaaS platforms like Google Workspace,” said Craig Lurey, CTO and Co-founder of Keeper Security. “KeeperPAM reflects how cloud environments operate today, delivering least-privilege controls, automated rotation, and visibility across identities attackers increasingly target.”
Reducing Breach Impact with Zero Trust
By enforcing continuous verification and eliminating standing access, KeeperPAM reduces the blast radius of credential compromise, supporting a zero-trust, assume-breach model that limits lateral movement and exposure.
The new Google Cloud capabilities are available immediately as part of the KeeperPAM platform, with full technical documentation provided for enterprise IT teams.