Dynamic Privileged Access – New UK Data Center, Audit Reports

June 27, 2023 Sam Flaster

Dynamic Privileged Access

As global needs for just-in-time (JIT) access and data sovereignty accelerate, CyberArk is proud to announce several new capabilities for CyberArk Dynamic Privileged Access (DPA) and the CyberArk Identity Security Platform Shared Services. 

Improved user experience, IT security audit reporting and improved authentication are key focuses of recent enhancements in May and June. 

Customers can now host CyberArk DPA from the AWS London data center. This allows them to introduce JIT access to workloads in their hybrid cloud environments while complying with data sovereignty and compliance requirements. 

This new data center adds to existing support for CyberArk DPA in U.S. and German data centers. 

Several additional new capabilities in CyberArk DPA enable operational efficiencies for privileged access management (PAM) deployments. First, organizations can now provision JIT access to Windows server targets from multiple domains, simplifying the administration of JIT privileged access management policies. Also, organizations can now add CyberArk DPA connector pools to provision JIT access to multiple on-premises networks. 

And to further enable organizations to reduce risk with JIT access, CyberArk has removed requirements to install the CyberArk Identity connector for JIT connections to any type of target. Simultaneously, Azure Active Directory is now an approved directory for CyberArk DPA. 

Additionally, organizations using CyberArk DPA can now reduce risk by securely storing the strong account that creates ephemeral user identities in the CyberArk Privilege Cloud vault. (Previously, this capability was only available for JIT access to cloud targets.) This additional layer of defense-in-depth security helps organizations restrict use of the strong account and reduce the risk of credential theft. 
 
Finally, CyberArk DPA customers also now benefit from new offline reports available through the CyberArk audit service, one of the CyberArk Identity Security Platform Shared Services. Customers can also now create and download reports from CyberArk Secure Cloud Access, CyberArk Cloud Entitlements Manager, CyberArk Conjur Cloud and CyberArk Secrets Hub. These offline reports can be used to assist internal and external audit processes for both human and machine identities, helping organizations satisfy cyber insurance and compliance requirements. 

To learn more visit the CyberArk DPA “What’s new” page at CyberArk Docs.  

Previous Article
macOS Least Privilege Best Practices to Combat Rising Ransomware
macOS Least Privilege Best Practices to Combat Rising Ransomware

Ransomware accounts for one in every four breaches, and increasingly, it’s going after enterprise macOS use...

Next Article
Securing the Web Browser in an Identity-focused Threat Landscape
Securing the Web Browser in an Identity-focused Threat Landscape

For more than 30 years, we’ve been living in a world where one of the most widely-used applications is the ...