Re: Timeout/Lockout Settings

["Stanclift, Michael" <michael.stanclift () ROCKHURST EDU>]

Our current policies: http://help.rockhurst.edu/accounts/protection

For faculty and staff system, we enforce them through a login script that checks the screensaver settings and adjusts 
them to be in line with policy. Doing it this way allows a bit of flexibility for the end users, allowing them to 
select their own screensaver, and a timer less than the 30 minute policy if they want. They can still adjust their 
personal settings to be outside these guidelines if they're so inclined, but they are reset at the next login. I can 
send a copy of the script I wrote to do this, if needed.

Student systems are a flat 10 minutes of inactivity, then automatic log out (with 30 prompt to cancel).

We had a lot of backlash when we instituted this policy at the end of 2007. But when do we not?


Michael Stanclift
Network Analyst
Rockhurst University

http://help.rockhurst.edu
(816) 501-4231

Think before you print!


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Adam 
Richard
Sent: Wednesday, June 10, 2009 9:35 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Timeout/Lockout Settings

I am curious to know how other peer institutions are setting up their
timeout/lockout settings.  

How are you enforcing the timeouts (pointsec, windows settings,
screensaver,etc)?

How long must the PC be inactive for the timeout setting to take effect? Do
the time limits vary based on user?

Thanks all!

Adam Richard '05
IT Security Analyst/Operations Specialist

Messiah College
Hoffman 211
(717) 796-1800 x.6570

One College Ave.
Information Technology Services
Box 3055
Grantham, PA 17027

"ITS will never ask you for your password"