STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.1.10Derived Requirement

Access Control

Security Requirement

Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity

Discussion

Session locks are temporary actions taken when users stop work and move away from the immediate vicinity of the system but do not want to log out because of the temporary nature of their absences. Session locks are implemented where session activities can be determined, typically at the operating system level (but can also be at the application level). Session locks are not an acceptable substitute for logging out of the system, for example, if organizations require users to log out at the end of the workday. Pattern-hiding displays can include static or dynamic images, for example, patterns used with screen savers, photographic images, solid colors, clock, battery life indicator, or a blank screen, with the additional caveat that none of the images convey controlled unclassified information.

Framework
NIST SP 800-171 Rev 2
Family
Access Control
Requirement Type
derived

Related Frameworks

7 paths across 2 frameworks
NIST 800-532 mappings
AC-11
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI5 mappings
CCI-000056
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000057
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000058
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000059
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000060
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

111 STIGs reach this control through 5 CCIs via 800-53 control AC-11. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

25 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-138 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-178 of 448 findings match
Show 17 more STIGs in this category →
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-065 of 283 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-194 of 216 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-192 of 103 findings match

Operating System — Mainframe

13 STIGs

Operating System — Mobile

30 STIGs
Show 22 more STIGs in this category →

Network Device

11 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-154 of 160 findings match
Network Device Management Security Requirements Guide
V5R42025-09-104 of 105 findings match
Network Device Management Security Requirements Guide
V5R32025-02-114 of 104 findings match
Show 3 more STIGs in this category →

Virtualization / Container

5 STIGs

Cloud / Identity Service

2 STIGs

Endpoint Security Management

15 STIGs
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-142 of 98 findings match
BlackBerry UEM Security Technical Implementation Guide
V2R12020-12-041 of 16 findings match
Show 7 more STIGs in this category →
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-201 of 34 findings match

Productivity Application

4 STIGs

Uncategorized

1 STIG