2
Auto Log Out
Idea shared by jeremy aurich - 1/16/2015 at 3:07 PM
Proposed
For security and privacy purposes, any user should be logged completely out of the application after a time out. I am told that there is no such function, only agents become inactive after the set time.

7 Replies

Reply to Thread
0
If you are running SmarterMail under Microsoft IIS then the SessionState Time-out defined either in your IIS Site Properties or in your Smartermail\MRS\web.config file determines when a user's session expires and they are automatically logged out of SmarterMail.
1
There should be an option for the agent setting on the group level that you can "tick" to auto log off the user after certain idle time.
Authorized SmarterTools Reseller. Ask Us For Your 10% SmarterTools License Purchase for entire Jan 2015. http:///www.tweakservers.com
0
@Tweekservers: Have to back you on the auto-logout request Auto-logout is a non-negotiable requirement of the HITECH part (computer and network security ) of the HIPAA laws in the United States. The regulations are, pretty much interpreted as: either the user who is logged into a workstation locks the screen, blanking the ability of someone who can see the data, at the time of their approach to the user's workstation, or ligs out completely. Additionally, if the user us not actively working in the software, the software should either lock, and bkank, the user's screen, or lig them out after a short period of time. Ligout us preferred to screen locking and blanking, especially in high traffic and shares access point situations. The security and integrity of the data is always the first consideration. The most recent iteration of the HIITECH rules went Into effect on 26 March, 2013. An overview, with appropriate links to the final rules, can be found at:http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/healthit/index.html
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
I will try this, thanks.
0
the auto log off option only sets the user to inactive and transfers any active tickets. The user doesn't have to login again whether or not the remember me option, they just click on the screen and the session continues,
0
If used for healthcare, as well as in some banking and legal environments, the logout would have to save data and log the user completely out. If the use of a "lockout and blank" screen is used, especially in a healthcare environment, it must LOCK the screen and require a password be entered to unlock it.
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
By default this was 20 mins already, but this functionality simply is not working, I know this is a configuration issue, just not sure how to correct.

Reply to Thread