Microsoft has introduced new security features for Power Automate desktop flows, enhancing identity protection, secret management, and infrastructure security. These updates strengthen compliance and safeguard automation processes, ensuring a more secure and resilient desktop automation experience.

Here are the new security features:

Secure desktop flow credentials with Azure Key Vault and CyberArk secrets: Encrypt and manage passwords securely to reduce unauthorized access risks.
Certificate-Based Authentication (CBA) with MFA: Strengthen security with this passwordless solution, ensuring compliance for both attended and unattended scenarios.
Credentials for Desktop flow actions: Protect sensitive information by keeping credentials out of scripts and logs, ensuring only authorized access.
VNet support for Hosted machine groups: Easily scale RPA workloads on Microsoft-managed virtual machines hosted on Azure infrastructure.
Network Level Authentication (NLA) for Microsoft Entra joined & hybrid devices: Enforce user authentication before remote desktop connections.