AC-11: Device Lock
NIST Baseline: Moderate
TAMUS Required By: 02/01/2024
Review Date: 08/27/2024
- The information resource owner, or designee, shall:
- Prevent access to an information resource by initiating a session/device lock after no more than 15 minutes of inactivity or upon receiving a request from a user.
- Session/device locks will conceal information previously visible on the display with a publicly viewable image and/or screensaver.
- Retain the session/device lock until the user re-establishes access using established identification and authentication procedures.
- Prevent access to an information resource by initiating a session/device lock after no more than 15 minutes of inactivity or upon receiving a request from a user.
References/Additional Resources
None. See any applicable internal procedures.