>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-11Session Lock

PBMM (P2)
Secret (P2)
Technical

>Control Description

(A) The information system prevents further access to the system by initiating a session lock after organization-defined time period of inactivity or upon receiving a request from a user. (B) The information system retains the session lock until the user re-establishes access using established identification and authentication procedures.

>Supplemental Guidance

Session locks are temporary actions taken when users stop work and move away from the immediate vicinity of information systems but do not want to log out because of the temporary nature of their absences. Session locks are implemented where session activities can be determined. This is typically at the operating system level, but can also be at the application level.

Session locks are not an acceptable substitute for logging out of information systems, for example, if organizations require users to log out at the end of workdays. Related control: AC-7

>Tailoring Guidance

This security control/enhancement is considered to be best practice. Consequently, inclusion in a departmental profile is strongly encouraged in most cases.

>Profile-Specific Parameters

(A) time period [after a period no longer than 60 minutes]

Ask AI

Configure your API key to use AI features.