![]() Windows XP and Windows 2000 - screen saver runs in the context of LocalSystem with accounts restricted.If no user is logged on, the security context of the screen saver is dependent on the version of Windows being used. If a user is interactively logged on when the screen saver is invoked, the screen saver runs in the security context of the interactive user. The security context of the screen saver is dependent on whether a user is interactively logged on. The active application receives the WM_SYSCOMMAND message with the wParam parameter set to the SC_SCREENSAVE value, but it does not pass the message to the DefWindowProc function.A computer-based training (CBT) window is present.The active application is not a Windows-based application.However, Windows does not start the screen saver if any of the following conditions exist: Once a screen saver is chosen, Windows monitors keystrokes and mouse movements and then starts the screen saver after a period of inactivity. Screen savers are loaded automatically when Windows starts or when a user activates the screen saver through the Control Panel. ![]() The Desktop application in the Windows Control Panel lets users select from a list of screen savers, specify how much time should elapse before the screen saver starts, configure screen savers, and preview screen savers. Adding Help to the Screen Saver Configuration Dialog Box.This topic is divided into the following sections. To conceal sensitive information left on a screen.To protect a screen from phosphor burn caused by static images.Screen savers start when the mouse and keyboard have been idle for a specified period of time. ![]() The screensaver acts as a session lock and prevents unauthorized users from accessing the current user’s account.The Microsoft Win32 API supports special applications called screen savers. Users must be prompted to enter their passwords when unlocking the screensaver. The operating system must retain the session lock until the user reestablishes access using established identification and authentication procedures. 3.1.11 Terminate (automatically) a user session after a defined condition. Publicly viewable images can include static or dynamic images such as patterns used with screen savers, photographic images, solid colors, a clock, a battery life indicator, or a blank screen. The screensaver must not display any sensitive information or reveal the contents of the locked session screen. The operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image.Ī default screensaver must be configured for all users, as the screensaver will act as a session time-out lock for the system and must be one that conceals the contents of the screen from unauthorized users. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user’s session has idled and take action to initiate the session lock. A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but does not log out because of the temporary nature of the absence. This mitigates the risk that a user might forget to manually lock the screen before stepping away from the computer. The timeout should be set to fifteen minutes of inactivity. The operating system must initiate a session lock after a 15-minute period of inactivity.Ī screensaver must be enabled and set to require a password to unlock. ![]() 3.1.10 Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity. The following Department of Defense (DoD) Security Technical Implementation Guides (STIGs) provide specific mitigation language. NIST SP 800-171 has two specific requirements relevant to automated profile locking. This particular publication is a streamlined version of the overarching NIST SP 800-53, and focuses on protecting the confidentiality of Controlled Unclassified Information (CUI) in nonfederal systems. Department of Education requires compliance with the Gramm-Leach-Bliley Act (GLBA), which, in turn, requires colleges to protect student records and information by following recommendations set out in NIST SP 800-171. Screen Saver TimeoutĪll District workstations, laptops, tablets, and servers shall be configured with a 15-minute screen-saver lockout, which will require a password in order to re-establish access. Information Security Standards (ISS) are developed to support and enforce both District Administrative Regulations and the California Community College Information Security Standard. The Events, Services and Filming Office is responsible for reservations for all designated spaces on both LBCC ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |