When passing screen-lock tests, the Vanta Device Monitor (VDM) examines a device's user profile settings to ensure that workstations remain secure when users step away.
To meet common security requirements and allow VDM to function correctly, macOS devices must automatically lock after a period of inactivity and require a password to regain access.
Conditions
To pass Vanta’s macOS screen lock check:
A password must be required after the screen saver starts or the display turns off.
Your device must require a password within 60 minutes of inactivity or less (this includes both the inactivity timeout and any “require password after…” delay).
Configuration
macOS settings vary by version and device type. For the most up-to-date configuration steps, refer to Apple’s official documentation:
Troubleshooting
Your Mac must be set to require a password within 60 minutes of inactivity. In practice, that means your Mac should (1) start a screen saver or turn the display off after a period of inactivity, and then (2) prompt for a password when the user returns (either immediately or after a short delay). The combined time from “inactive” → “password required” must be 60 minutes or less.
If discrepancies appear in compliance reports, confirm that your settings match the conditions above and allow time for Vanta to resync the device.
If multiple people use the same Mac, make sure the screen lock/password settings are configured for each user account that signs into the device. Non-compliance in one profile can affect the overall device status.
If you’re using display sleep to meet the requirement, confirm the display sleep timeout is set appropriately for all applicable power modes (for laptops: Battery and Power Adapter).
Changes may take up to 24 hours to reflect in Vanta.