Policy
Policy Name
User System Session Policy

Overview
Workstations, to include desktops and laptops used for system processing capabilities, must be secured when users are away from their system or after a period of inactivity.

Statement
  • Workstation sessions must be timed out after 30 minutes of inactivity.
  • Users must re-authenticate to reactivate or re-establish a new session (e.g. password protected login screen).

Justification

The following benefits will be achieved:

  • workstations will be protected from unauthorized access

Scope
All employees, contractors, agents and third-parties

Consequeces for Noncompliance
Noncompliance to this policy can result in disciplinary action up to and including termination of employment or contract.

Topics
Authentication
Access Control