Skip to main content

YALE-MSS-7.9: Use inactivity locks

Standards Group:
YALE-MSS-7: Data Protection

YALE-MSS-7.9: Use inactivity locks

Low Risk Endpoint Not Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Not Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Not Required Moderate Risk Network Printer Required High Risk Network Printer Required


Use an inactivity screen lock that automatically disables access and requires a password to unlock. The system must lock after 45 minutes or less of inactivity.

If the system is located in a Critical IT Space that implements the physical security controls outlined in Yale-MSS-4.1, the system does not need a screen lock and no policy exception is required.