Connect when Privilege Cloud is unavailable
This topic describes how to connect to your accounts securely when the Privilege Cloud service is unavailable.
Overview
Privilege Cloud strives to provide you with secure, uninterrupted access to your accounts whenever you want to access them.
On very rare occasions we may experience a service outage. On such occasions we would like to provide you with an alternative method of accessing accounts that you typically access using Privilege Cloud, in a secure way.
|
Accessing accounts when Privilege Cloud is unavailable is done using the CyberArk Mobile app.
With the CyberArk Mobile app you can select the accounts that you want to store locally on your mobile device and that will be available to you when the Privilege Cloud service is unavailable.
Offline access is relevant only for accounts for which you can retrieve the credentials yourself (show and copy password).
-
Accounts under certain policies cannot be saved offline:
-
Enforced check-in/check-out exclusive access
-
Requires dual control password access approval
-
Enforced one-time password access
-
Ticketing systems integration
-
Smartphone requirements
You need an iOS or Android device with an active phone number.
|
Device |
Minimum version |
|---|---|
|
iOS |
Version 10 |
|
Android |
v6.0, with biometric security feature and Google Services Framework. On devices that support both facial and fingerprint capabilities, make sure that the fingerprinting option is enabled. |
Register to CyberArk Mobile
To begin using CyberArk Mobile, follow the instructions in Register to the CyberArk Mobile app.
Download the accounts for offline access
After you have registered and set up CyberArk Mobile, select the account that you want to be able to access when Privilege Cloud is unavailable.
To download the accounts:
Company users and vendors can download their accounts cached passwords for offline access so that they can view the credentials when PAM services are unavailable.
-
On your mobile device, open the CyberArk Mobile app.
-
Authenticate with either Face or Touch ID, according to your phone settings.
-
Click the menu icon. Select a company and enter your CyberArk Mobile pin code and user authentication details.
The CyberArk Mobile displays your applications.
-
Click on the name of an application and select an account.
The Account Details page opens.
-
Scroll to the bottom of the page, and click Make available offline to download and store the account credentials in your CyberArk Mobile app.
-
If your account password was rotated since last sync, click Sync to retrieve the latest account password.
Syncing offline accounts may take awhile. If you need to sync only individual accounts, you can do this manually by copying your password from the account details page.
Access accounts when Privilege Cloud is unavailable
Company users and vendors can view their accounts cached passwords for offline access when PAM accounts are unavailable.
-
On your mobile device, open the CyberArk Mobile app.
-
Authenticate with either Face or Touch ID, according to your phone settings.
-
Click the menu icon and click Switch to offline mode.
-
Enter your CyberArk Mobile pin code and company user authentication details.
The CyberArk Mobile displays the list of companies allowed for offline access.
-
Select company, and the application you want to access. Find the account you want to access offline and click Show password.
-
Enter the password manually on the target machine.
For security reasons, you cannot copy this password to your device.
Numbers and letters are displayed in separate colors.
-
You can click on the tile of an account to view more details about the selected account.
