The Security Technical Implementation Guide (STIGs) requires the following change to our idle timeout period policies:
The application must automatically terminate the non-privileged user session and log off non-privileged users after a 15 minute idle time period has elapsed.” In order to comply with this requirement we must decrease the idle timeout period from 20 minutes to 15 minutes
When will this be implemented?
This change is scheduled to be implemented by the end of November, 2018.
Blog posted 11/05/2018 9:21 AM EST