XXII. Automatic Timeout of Idle Sessions
To establish policy for the automatic termination of idle or abandoned
interactive computer sessions.
These policies apply to all computing systems at Metropolitan State College
of Denver that are operated by the Division of Information Technology including,
but not limited to, MetroConnect, BANNER, UNIX, and remote access services.
Interactive computing sessions established via a Web browser, remote terminal
session, telnet, ftp, ssh, sftp, or VPN create a security threat anytime such an
interactive session is abandoned by the user. In addition to the security
threats created by abandoned interactive computing session, every interactive
computing session has a large number of computing resources allocated for it to
support the session; these resources remain allocated to the session until the
session is terminated. Interactive session which have been abandoned consume
computing resources and compete with other interactive sessions that have not
IV. Policy Statements
- Persons establishing an interactive computing session with a Metro State
computing resource are required to log out of the interactive session when they
have finished their work and anytime they will be away from the computer for an
extended period of time.
- Information Technology will establish appropriate time-out limits for each
interactive computing services as determined by the Vice President of
Information Technology. Interactive computing sessions which do not perform some
form of input/output during the defined time-out period will automatically be
disconnected from the service.
- All workstations will be equipped with an automatic screen saver that will
blank out the screen and lock the workstation after a period of inactivity. The
user will be required to re-enter their password to unlock the workstation and
un-blank the screen.
The Office of the President grants authority to the Vice President of
Information Technology to oversee compliance with this policy.
Questions regarding this policy, or requests for variances from the policy,
should be directed to the Interim Vice President of Information Technology at
(303) 556-5321 .
Approved October 23, 2006
Next Review Date: September 2008