Idle Session Handling
If a user leaves his session active when he his away from his terminal it is possible that someone else could use his session to do something improper. Data may be altered or destroyed, improper emails may be sent, files may be copied, etc. Users should not be burdened by unnecessary interruptions when they pause momentarily in their computer use. Proper idle session handling reduces the organization’s exposure to these risks without undue inconvenience. PointSecure has the capability to provide OpenVMS terminal locking thru its System Detective product.
System Detective provides an idle session handling capability that is highly configurable. The number of minutes that a session is idle before an action is taken is specified in an idle rule. The full range of actions are available and may be included in the rule. Actions range from simple notification of the user to deletion of the user session and notification of security operators. An audit trail of actions like deletions, logging, etc. is maintained; however, simple user notifications do not clutter the audit trail.
For example, a payroll clerk might use a special payroll account to modify the payroll database. System Detective rules could be configured such that if the payroll session was idle for 30 minutes the user would be notified that the session had been idle for 30 minutes and the session would be locked in another 15 minutes. A rule could be configured that would take effect after 45 minutes of idle time to notify the user that the session had been idle for 45 minutes and that in another 15 minutes the session would be deleted. The rule would then lock the session so that the user would have to enter the password to unlock the session. A third rule that takes effect after 60 minutes of idle time could notify the user that the session had been idle too long and delete the process.