T2.3.8 - UNATTENDED USER EQUIPMENT Implementation Guidance
The entity shall ensure that unattended equipment has appropriate protection.
Back to T2.3.8 - P2 - UNATTENDED USER EQUIPMENT
All users should be made aware of the security requirements and procedures for protecting unattended equipment, as well as their responsibilities for implementing such protection. Users should be advised to:
- A. Terminate active sessions when finished, unless they can be secured by an appropriate locking mechanism, e.g. a password protected screen saver
- B. Log-off from applications or network services when no longer needed
- C. Secure computers or mobile devices from unauthorized use by a key lock or an equivalent control, e.g. password access, when not in use
