Keeper Standard Test: guide

The Keeper Standard Test is a critical framework in modern talent management and cybersecurity practices. Originally pioneered by Netflix, this test has evolved to become a benchmark for assessing and maintaining high performance within organizations. This comprehensive guide delves into the origins, principles, and industry adoption of the Keeper Standard Test, its security benchmarks, and recommended settings, as well as its advantages and disadvantages. Additionally, we explore alternative approaches to talent management and relevant certifications and compliance standards.

Key Takeaways

• The Keeper Standard Test was pioneered by Netflix and has become a benchmark for high performance in organizations.
• Security benchmarks and recommended settings are crucial for achieving zero trust and zero knowledge security.
• Vulnerability disclosure and testing are essential components, with Keeper partnering with Bugcrowd for this purpose.
• The Keeper Test has both advantages and disadvantages, impacting company culture and employee performance.
• Alternative approaches to talent management, such as upskilling and skills-based hiring, offer more compassionate strategies.

Understanding the Keeper Standard Test

The Keeper Standard Test is an ongoing method of talent assessment that enables a company to prioritize its highest performers. It was pioneered by Netflix, the streaming service and producer of series such as Stranger Things and House of Cards, and popularized by a set of slides that went viral in 2012.

Origins and Evolution

The Keeper Test requires managers to ask themselves, “Which of my people, if they told me they were leaving for a similar job at a competitor or peer company, would I fight hard to keep?” This question helps managers identify their most valuable employees and make informed decisions about retention and development.

Core Principles

The core principles of the Keeper Test revolve around transparency, performance, and accountability. Managers are expected to be forthright with their staff, providing regular feedback and opportunities for improvement. Lower performers are also given plenty of opportunities to ask for feedback and identify ways to improve. This ensures that underperformers aren’t caught off guard by an unexpected firing.

Industry Adoption

The Keeper Test has been adopted by various industries beyond entertainment, including tech and finance. However, it is not without its criticisms. Some argue that the test is incompatible with diversity and inclusivity, particularly for neurodiverse individuals who may find the constant pressure to perform alienating. Despite these concerns, many companies continue to use the Keeper Test as a tool for maintaining high performance standards.

The Keeper Test can also hurt your company’s reputation. Fired employees might talk about their experience, which can spread to potential new hires. This can damage your ability to hire the best performers in the future, undermining the whole point of the test.

Security Benchmarks and Recommended Settings

Administrative Recommendations

Administrative recommendations for Keeper Security policies and settings are crucial for maintaining a robust security posture. Keeper Security Benchmarks measure your organization’s baseline of compliance with recommended security settings, policies, and controls for achieving best-in-class zero trust and zero knowledge security.

Compliance Measures

To ensure compliance, organizations should adhere to the following measures:

1. Create at least two Keeper Administrators.
2. Enforce 2FA on the Keeper Administrator Role.
3. Ensure an Administrator Exists Outside of SSO.
4. Reduce Administrator Privilege.
5. Lock down your SSO Provider.
6. Disable Account Recovery When Appropriate.
7. Enforce a Strong Master Password.
8. Enforce Two-Factor Authentication for End-Users.
9. Configure IP Allowlisting.

Zero Trust and Zero Knowledge Security

Zero trust and zero knowledge security models are foundational to Keeper’s approach. These models ensure that even if data is intercepted, it cannot be decrypted without the proper keys. This approach significantly reduces the risk of data breaches and enhances overall security.

Keeper’s zero trust and zero knowledge security models are designed to provide the highest level of data protection, ensuring that sensitive information remains secure even in the event of a breach.

Vulnerability Disclosure and Testing

Internal and External Testing

Keeper conducts extensive internal and external testing, including pen tests performed by NCC Group and Cybertest with full source code access. These rigorous tests ensure the highest level of security for Keeper’s products.

Partnership with Bugcrowd

Keeper operates its vulnerability disclosure program in partnership with Bugcrowd. This collaboration benefits the entire industry and supports social good. The program encourages good-faith security testing and disclosure of discovered vulnerabilities.

Good-Faith Security Testing

To encourage good-faith security testing and disclosure of discovered vulnerabilities, we ask that you:

• Avoid violating user privacy, harming the user experience, disrupting production or corporate systems, and/or destroying data.
• Perform research only within the scope set out by the Bugcrowd vulnerability disclosure program linked below, and respect systems and activities which are out-of-scope.
• Contact us immediately at security@keepersecurity.com if you encounter any user data during testing.

If at any time you are concerned or uncertain about testing in a way that is consistent with the guidelines and scope of this policy, please contact us at security@keepersecurity.com before proceeding.

Advantages and Disadvantages of the Keeper Test

Pros of the Keeper Test

The Keeper Test challenges managers to choose the best players for their team, disregarding any factor other than performance to maintain high talent density. One of the key advantages of the Keeper Test is its utilization of advanced artificial intelligence and data-driven insights. By leveraging cutting-edge technology, companies can ensure they are retaining top talent and fostering a high-performance culture.

Cons of the Keeper Test

But ultimately, the Keeper Test comes with many more cons than pros. Here are the most major downsides to the Keeper Test, along with their consequences for your company:

• Creates a culture of fear: Fosters negative health and performance impacts for employees.
• Undermines the psychological safety of employees: Affects a company’s overall efficiency by creating paranoid workers.
• Diminishes job satisfaction: The brutality of the Keeper Test shows your employees – even the top performers – that you view them as disposable.

Impact on Company Culture

The Keeper Test can also hurt your company’s reputation. Fired employees might talk about their experience, which can spread to potential new hires. This can damage your ability to hire the best performers in the future, undermining the whole point of the test.

The Keeper Test can have serious consequences for employee morale because it grants them little relief in their day-to-day lives.

Alternative Approaches to Talent Management

Upskilling and Reskilling

A healthy talent management approach should recognize that organizational policy affects individual performance. By taking a system-focused approach to talent management, rather than an individual-focused one, you can help all your staff to reach their potential. Prioritizing upskilling and reskilling ensures existing workers have the skill sets they need to thrive.

Cultural Change

Fostering an inclusive culture encourages innovation, creativity, and diversity of thought. This approach helps to address systemic issues that keep employees from doing their best. By building an inclusive culture, offering employees scope to learn and grow, communicating clearly, and respecting the dignity of your workers, you can retain and develop the talent you have.

Skills-Based Hiring

Skills-based hiring focuses on the abilities and potential of candidates rather than their formal qualifications. This method can help to identify and recruit talent that might otherwise be overlooked. It also aligns with a more compassionate approach to talent management, understanding the systemic issues that keep employees from doing their best.

Developing an evidence-based approach to talent management can have some short-term benefits. However, when you consider the consequences for company productivity and employee wellbeing, it’s hard to justify taking it seriously as a talent management technique.

Certifications and Compliance

Industry Certifications

Keeper is ISO 27001, 27017, and 27018 certified, covering the Keeper Security Information Management System and Cloud Infrastructure, which supports the Keeper Enterprise Platform. These certifications include the management and operation of the digital vault and cloud services, cloud security controls, data privacy controls, software and application development, and protection of digital assets for both the digital vault and cloud services.

Compliance Standards

Keeper is fanatical about security. It is the most secure, certified, tested, and audited password security solution and privileged access management platform in the world. Keeper has the longest-standing SOC 2 and ISO certifications in the industry. Additionally, Keeper is GDPR compliant, CCPA compliant, HIPAA compliant, FedRAMP and StateRAMP Authorized, PCI DSS certified, and certified by TrustArc for privacy.

Privacy Certifications

Keeper’s encryption has been certified by the NIST CMVP and validated to the FIPS 140 standard by accredited third-party laboratories. This ensures that Keeper meets the highest standards for data protection and privacy.

Keeper’s commitment to security and compliance is evident in its extensive list of certifications and adherence to stringent standards.

Conclusion

The Keeper Standard Test, while a bold and innovative approach to talent management, presents a mixed bag of advantages and disadvantages. On one hand, it promotes high performance and helps companies retain their top talent. On the other hand, it can create a culture of fear and insecurity, which may undermine employee morale and overall company efficiency. By understanding both the strengths and weaknesses of the Keeper Test, organizations can make informed decisions about whether to implement it or explore alternative methods for managing talent. Ultimately, a balanced approach that considers the well-being of all employees will likely yield the best results for fostering a healthy and productive work environment.

Frequently Asked Questions

What is the Keeper Standard Test?

The Keeper Standard Test is an ongoing method of talent assessment that enables a company to prioritize its highest performers. It was pioneered by Netflix and popularized by a viral set of slides in 2012.

Who invented the Keeper Test?

The Keeper Test was invented by Netflix, the streaming service and producer of series such as Stranger Things and House of Cards.

What are the advantages of the Keeper Test?

The Keeper Test is hailed as a bold way to improve team performance by prioritizing top performers. It aims to ensure that only the most valuable employees are retained.

What are the disadvantages of the Keeper Test?

The Keeper Test can create a culture of fear, negatively impact employee health and performance, undermine psychological safety, and diminish job satisfaction.

How does Keeper ensure security in its testing processes?

Keeper conducts extensive internal and external testing, including pen tests performed by NCC Group and Cybertest with full source code access. Keeper also operates its vulnerability disclosure program in partnership with Bugcrowd.

What are some alternative approaches to talent management?

Alternative approaches to talent management include upskilling and reskilling, fostering cultural change, and implementing skills-based hiring techniques.