Educause Security Discussion mailing list archives
Re: passworded screen savers with timeouts, do you enforce?
From: Michelle Mueller <muellerm () MTMARY EDU>
Date: Mon, 8 Jan 2007 16:43:21 -0600
We set our screen savers to start and lock at 15 minutes of inactivity. We have this set campus wide via Active Director Group Policies. The users cannot change the setting. We informed everyone that the setting is for the security of the college and student's information. Shortly after we enable this Group Policy one person said something to the effect of, "I don't know why we have to do this. We're not Fort Knox." I explained that the student information is protected under federal law. If someone sat down at her computer while she was away and got sensitive information the college could be sued and lose all its grant money. And that her spending a couple of seconds typing a password was preferable to that. I also added that my own password is 15 letters long and that I lock my computer every time I walk away from my desk. The nay sayers really don't have a say in the security of our data. And if they complain too much, just ask them how they'd feel if a malicious person got their hands on all their employee data due to someone in HR leaving a computer logged in and unlocked. Michelle Mueller Mount Mary College Milwaukee, WI Michael Fox wrote:
Last month I asked for reasons why we should utilize passworded screen savers and I want to say thanks to everyone that responded. Now I need to ask if you enforce the screen saver password lockout and if you do how do you do it? Also how did you go about getting it past the nay sayers that don't want to have anything make them type their password in more than once a day. Any help would be appreciated. Thanks for the help. Mike Mike Fox Georgia Southern University Information Technology Services Office of Information Security mfox () georgiasouthern edu (912)871-1592 Jeremiah 29:11-16 NOTE: This email message is intended only for the named recipient(s) above and may contain information that is privileged, confidential, and or exempt from disclosure under applicable law. If you have received this message in error, or are not the named recipient(s), please immediately contact the sender and delete this email message.
Current thread:
- passworded screen savers with timeouts, do you enforce? Michael Fox (Jan 08)
- <Possible follow-ups>
- passworded screen savers with timeouts, do you enforce? Michael Fox (Jan 08)
- Re: passworded screen savers with timeouts, do you enforce? Waller, Michael A. (HSC) (Jan 08)
- Re: passworded screen savers with timeouts, do you enforce? Michelle Mueller (Jan 08)
- Re: passworded screen savers with timeouts, do you enforce? John Piercy (Jan 09)
- Re: passworded screen savers with timeouts, do you enforce? Parker, Ron (Jan 09)
- Re: passworded screen savers with timeouts, do you enforce? RL Vaughn (Jan 09)
- Re: passworded screen savers with timeouts, do you enforce? Parker, Ron (Jan 09)
- Re: passworded screen savers with timeouts, do you enforce? Harold Winshel (Jan 09)