Standards Group:
YALE-MSS-7: Data Protection
YALE-MSS-7.8: Use inactivity locks
Low Risk Endpoint
Not Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Not Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Not Required
Moderate Risk Mobile Device
Required
High Risk Mobile Device
Required
Low Risk Network Printer
Not Required
Moderate Risk Network Printer
Required
High Risk Network Printer
Required
Details
Inactivity locks help prevent unauthorized physical access to a system or mobile device and obfuscate sensitive information on the screen.
An inactivity lock must automatically disable access and require a password to unlock after 45 minutes or less of inactivity.
If the IT system is hosted in a Yale Critcal IT Space, this requirement is met.