STIGViewer Trial workspace — loading your subscription…

NIST 800-53 Rev 5

424 controls available

AC-11moderatehigh

Device Lock

Access Control

Control Statement

Prevent further access to the system by {{ insert: param, ac-11_odp.01 }} ; and Retain the device lock until the user reestablishes access using established identification and authentication procedures.

Discussion

Device locks are temporary actions taken to prevent logical access to organizational systems when users stop work and move away from the immediate vicinity of those systems but do not want to log out because of the temporary nature of their absences. Device locks can be implemented at the operating system level or at the application level. A proximity lock may be used to initiate the device lock (e.g., via a Bluetooth-enabled device or dongle). User-initiated device locking is behavior or policy-based and, as such, requires users to take physical action to initiate the device lock. Device locks are not an acceptable substitute for logging out of systems, such as when organizations require users to log out at the end of workdays.

Framework
NIST SP 800-53 Rev 5
Family
Access Control
Baselines
moderate, high

Related Frameworks

6 paths across 2 frameworks
NIST 800-1711 mapping
3.1.10
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI5 mappings
CCI-000056
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000057
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000058
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000059
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000060
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

111 STIGs reach this control through 5 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

25 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-138 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-178 of 448 findings match
Show 17 more STIGs in this category →
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-065 of 283 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-194 of 216 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-192 of 103 findings match

Operating System — Mainframe

13 STIGs

Operating System — Mobile

30 STIGs
Show 22 more STIGs in this category →

Network Device

11 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-154 of 160 findings match
Network Device Management Security Requirements Guide
V5R42025-09-104 of 105 findings match
Network Device Management Security Requirements Guide
V5R32025-02-114 of 104 findings match
Show 3 more STIGs in this category →

Virtualization / Container

5 STIGs

Cloud / Identity Service

2 STIGs

Endpoint Security Management

15 STIGs
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-142 of 98 findings match
BlackBerry UEM Security Technical Implementation Guide
V2R12020-12-041 of 16 findings match
Show 7 more STIGs in this category →
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-201 of 34 findings match

Productivity Application

4 STIGs

Uncategorized

1 STIG