Keeper Security has released a new case study with DrillDocs, a technology startup delivering computer vision software for the offshore oil and gas industry.
The case study documents how DrillDocs deployed KeeperPAM to secure privileged access across a globally distributed workforce, including third-party engineering partners supporting production systems around the clock from personal devices.
DrillDocs had already built a strong foundation for secure DevOps workflows using Keeper Secrets Manager. During automated deployments, credentials were programmatically retrieved and injected directly into memory, ensuring they were never stored in plaintext on production systems. That approach worked well for machine-to-machine access, but as the company expanded internationally and introduced an external engineering services firm to provide around-the-clock production support, its security needs evolved.
Managing interactive privileged sessions across a distributed mix of internal engineers and third-party partners operating on personal devices required a comprehensive identity security solution. Leadership also needed greater visibility into privileged activity, tighter controls over access provisioning and revocation and a platform that could scale securely alongside its global operations.
“We were getting worried about how to best manage security when work is done from personal machines,” said Francois Ruel, co-founder and chief science officer of DrillDocs. “We trust our partners, but we needed to switch to a trust-but-verify culture.”
Recognized in the Gartner Magic Quadrant for Privileged Access Management, KeeperPAM is an AI-enabled cloud-native PAM platform that unifies password management, secrets management, privileged session management and endpoint privilege management in a single zero-trust, zero-knowledge architecture. Engineers and external partners connect to production systems through secure, browser-based sessions with no VPN required and no credentials exposed. Access is scoped by role, every session is recorded and auditable, and provisioning or revocation happens in seconds.
For DrillDocs, full deployment was quick and simple, replacing informal access processes with a security posture that matched the scale and risk profile of its operations within a single onboarding session.
