What's new 2022

Vendors can now be invited through Remote Access to CyberArk Identity web applications, directly from the CyberArk Mobile app.

Vendors are assigned with CyberArk Identity roles during the invitation process, controlling the apps allowed for access.

For more information about vendor access to CyberArk Identity apps, see Vendor access to CyberArk Identity web applications

This release includes security enhancements for the Remote Access CLI.

In this release a new setting allows the Admin or Vendor Manager to select the invitation mail language. Currently, Japanese is supported. To activate this feature, contact CyberArk Support.

For details, see Set vendor invitations general settings.

Currently, administrators or Vendor Managers can assign to vendors an allowed time frame for accessing applications. This release enhances this capability by allowing administrators or Vendor Managers to limit vendor access according to the organization's working days and hours, within the allowed time frame dates.

For more information, see Access time frame.

Currently Remote Access allows administrators to limit the email domains from which all inviters can invite vendors.
This release enhances this capability so that limited email domains can also be defined per Vendor Manager and external vendor manager.

For more information, see Allowed email domains.

Remote Access allows inviters to review the status of their invitations to vendors, where in some cases are pending or in expired status. In cases where pending or expired invitations need to be edited, the inviter needs to create a new invitation from scratch. With this release, inviters can now edit or resend existing pending or expired invitations, without requiring to fill in all the details again.

For more information, see Pending vendor invitations

Remote Access provides vendors with just in time, biometric authentication protection, and VPN-less access to Privileged Access Manager - Self-Hosted. In many cases, vendors require access to other business applications. Therefore, we are expanding vendor access beyond PAM - Self-Hosted to include web and business applications. With this release, vendors can be invited through Remote Access to CyberArk Identity web applications, including capabilities of Remote Access, Identity SSO and Secure Web Sessions. This allows for JIT provisioning, strong authentication, SSO, session recording, continuous authentication and session protection.

Vendors are assigned with Identity roles during the invitation process, controlling the apps allowed for access, and are deprovisioned based on Remote Access time frame expiration.

For more information, see Vendor access to CyberArk Identity web applications

CyberArk PAM - Self-Hosted can be configured with dual control to allow users to connect with a privileged account only after they receive approval from an authorized user.

When this policy is used in high volumes or in time-sensitive events, it may create a great overhead for the authorizer. The approval process must be available with minimal steps, from everywhere and at any time to allow for an efficient business continuity.

With this new release, authorized users can now review incoming requests to access PAM - Self-Hosted accounts via the CyberArk Mobile app, and confirm or reject these requests, in the same way as with the web portal, including bulk action for multiple requests.

This capability is available for Privilege and self-hosted PAM - Self-Hosted customers, utilizing Remote Access’ VPN-less and modern CyberArk Mobile application.

For more information, see Approve access to accounts from the CyberArk Mobile app.

By default, CyberArk Mobile users can use the Offline Access feature to cache the password of any account they have permissions to access. With this new addition, administrators can define specific accounts that are disabled from offline access.

For more information, see Restrict offline access per account.

Remote Access administrators can now view a history of activities for vendor manager and user role permission changes. For more information, see Monitor activities.

As we previously mentioned in What's new 2022 What's New, the Remote Access connector minimum version is 1.0.12409.

The Remote Access connector version 1.0.12002 is now deprecated.

This is happening in accordance with the CyberArk end-of-life policy, and to provide optimal service to our Remote Access customers.

As always, we advise to update to the latest version which contains the latest functionality, performance, and security enhancements, as well as the latest bug-fixes. For more information, see Upgrade connectors.

This release adds security enhancements in the Remote Access service and Remote Access connector.