Educause Security Discussion mailing list archives
Re: Suggestions on best practices for idle timeouts
From: Frank Barton <bartonf () HUSSON EDU>
Date: Thu, 29 Oct 2015 08:58:05 -0400
Emily, We go through this every so often, and "rounds are done" in our case the gripe seems to be more on the "I might put up a powerpoint slide for 45 minutes, and not touch the machine" because most video applications will prevent the computer from screen-saving, or sleeping One thing that I will note is that, while we started with an across-the-board policy, that doesn't work, and you will probably need to break your computers up by business need. PCI Compliance mandates a 15 minute idle-lock for example. I may be the odd duck, but I like to keep my idle timeout *very* low (to the tune of 2 minutes), so one thing that we are looking at doing is mandating maximums, but allowing people to set them lower. The other thing that we found helpful was to put in a "warning" state - i.e. screen-saver after 5 minutes, require password after 30 seconds of screen-saver. so that if the user was in a situation where they had a slide up, they had a brief window to abort the lock That being said, we picked up a handful of these mouse jigglers ( https://www.cru-inc.com/products/wiebetech/mouse_jiggler/) for use at the help-desk, when we are running time-consuming processes on machines that are brought in. As you go through your discussions, I would be interested in hearing what you decide, what policies are written, etc. as I am sure others on the list would be too Thank You Frank On Wed, Oct 28, 2015 at 1:43 PM, Emily Harris <emharris () vassar edu> wrote:
We are in very lively discussions about best practices for idle machine timeouts. Most of the discussion is around timeouts for faculty machines, as they could set up a computer with a video or movie and not touch the machine again for 2 hours. We are specifically talking about timeouts for Single Sign On applications. Has anyone been through these discussions and come up with some acceptable standards? Thanks! ---- Emily Harris Interim Information Security Officer, CIS Vassar College 845-437-7221
-- Frank Barton ACMT IT Systems Administrator Husson University
Current thread:
- Suggestions on best practices for idle timeouts Emily Harris (Oct 28)
- Re: Suggestions on best practices for idle timeouts Frank Barton (Oct 29)
- Re: Suggestions on best practices for idle timeouts Tim Doty (Oct 29)
- Re: Suggestions on best practices for idle timeouts Brad Judy (Oct 29)
- Re: Suggestions on best practices for idle timeouts Tim Doty (Oct 29)
- Re: Suggestions on best practices for idle timeouts Eric Lukens (Oct 29)
- Re: Suggestions on best practices for idle timeouts Velislav K Pavlov (Oct 29)
- Re: Suggestions on best practices for idle timeouts Brad Judy (Oct 29)