History

Priority

should

2010

Agencies should:• configure systems with a session or screen lock• configure the lock to activate either:– after a maximum of 15 minutes of system user inactivity– if manually activated by the system user• configure the lock to completely conceal all information on the screen• ensure the screen is not turned off or enters a power saving state before the screen or sessionlock is activated• have the system user reauthenticate to unlock the system• deny system users the ability to disable the locking mechanism.

2008

Agencies should: a. configure systems with a screen and/or session lock b. configure the lock to activate: 1) after a maximum of 15 minutes of system user inactivity or 2) if manually activated by the system user c. configure the lock to completely conceal all information on the screen d. ensure the screen does not appear to be turned off while in the locked state e. have the system user re-authenticate to unlock the system f. deny system users the ability to disable the locking mechanism.