Am really keen on exposing PowerApps / Flow news - this was provided from Microsoft Flow. You can read out the full post available on this link:
Power Automate continues to evolve, bringing new security features to help organizations protect their data and automate intelligent processes more securely by design. Here are some of the latest enhancements:
Protect Identities and Secrets with credential management
- Desktop flow connection credentials with Azure key vault and CyberArk secrets: Power Automate now supports storing connection credentials securely in Azure Key Vault (AKV) or CyberArk. This ensures that passwords are encrypted and managed securely, reducing the risk of unauthorized access. This feature includes support for automatic connection updates at runtime (like when a password rotation occurs).
- Certificate-Based Authentication with MFA (Public preview): To further enhance security, Power Automate now supports certificate-based authentication in desktop flow connections. This passwordless solution adds an extra layer of security, meeting multi-factor authentication (MFA) requirements for attended as well as unattended scenarios. This feature is available from Power Automate for Desktop Build 2410.
- Credentials for Desktop flow actions (Public preview): For desktop flows, Power Automate allows the use of credentials directly within flow actions. This ensures sensitive information is handled securely, not stored in scripts or logs, and accessible only to authorized users. This feature is available from Power Automate for Desktop Build 2411.
Protect Networks
- VNet support for Hosted machine groups (Public preview): the Power Automate hosted RPA solution provides a streamlined approach for setting up and scaling robotic process automation (RPA) to run RPA workloads running on virtual machines managed by Microsoft and hosted on Azure infrastructure. You can now connect your own Azure virtual network (VNet) to your hosted machine groups (Public preview) enabling:
- Network isolated, private environments with customized network security measures, such as Network Security Groups and firewalls, to control and monitor traffic.
- Integration with on-premises networks through VPN or ExpressRoute where access to on-premises resources is necessary for RPA workloads.
Please note that connecting your own Azure VNet with individual hosted machines is already a generally available (GA) capability.
- Network Level Authentication support on Microsoft Entra joined or hybrid devices (Public Preview)
- Network Level Authentication (NLA) is a security measure that mandates user authentication prior to the establishment of a remote desktop connection. This feature assists organizations in mitigating the risk of unauthorized access by ensuring that only authenticated users can initiate a remote session, thereby protecting against vulnerabilities associated with the authentication process.
- This feature is now supported when running unattended workload using a MS Entra ID account on a Microsoft Entra joined or hybrid device.
These new security features make Power Automate an even more robust tool for automating intelligent processes while maintaining a high level of security. By protecting identities and secrets, safeguarding networks, and monitoring for threats, organizations can confidently leverage Power Automate to drive efficiency with hypermation.
The post New Security Features for Desktop flows: Enhancing protection of identities, secrets and desktop infrastructure appeared first on Microsoft Power Platform Blog.
Related Posts
Boost productivity: Automate emails, documents, and images with Microsoft AI Builder
The next frontier in enterprise intelligent automations with Microsoft Power Automate
Work and automate simultaneously with picture-in-picture in Power Automate
Elevating Efficiency: How Microsoft Customer Experience & Success streamlines operations with process mining in Power Automate
May 2024 update of Power Automate for desktop
Generative AI Prompts to automate content processing
