Re: [EXTERNAL][SECURITY] student information system timeout length

["McClenon, Brady" <Brady.McClenon () ONEONTA EDU>]

Note that you need to pick through to find the latest ones.  Some of these are older than dirt...

https://www.unifiedcompliance.com/products/search-controls/control-result/7771/





From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Thomas, Chuck
Sent: Monday, October 29, 2018 1:48 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [EXTERNAL][SECURITY] student information system timeout length

20 minutes is working well for us.

Chuck

Chuck Thomas, CISSP
Director of Information Security and Network Infrastructure
Wor-Wic Community College

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Kevin Shalla
Sent: Monday, October 29, 2018 12:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXTERNAL][SECURITY] student information system timeout length

I'm guessing there's a sweet zone for session timeouts that balances between very secure and very productive. Does 
anyone have a reference to a best practice or industry standard for a student information system session timeout?

Kevin Shalla
Manager of Technology
Campus and Student Life
University of Chicago



Confidentiality Notice: This email and any files transmitted with it are confidential and intended solely for the use 
of the individual or entity to whom they are addressed. If you are not the intended recipient you are notified that 
disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly 
prohibited.