Skip to main content

Configure Screen Lock on Windows Devices

S
Written by Shannon DeLange
Updated over a week ago

When passing screen-lock tests, the Vanta Device Monitor examines a device's user profile settings to ensure that workstations remain secure when users step away from them.

This ensures that sensitive information remains secure and inaccessible to unauthorized individuals in the event that a user leaves their workstation unattended.

If, despite proper configuration, the screen lock test does not pass, it could be due to device compatibility issues or incorrect interpretations of settings.

If a device has multiple user profiles, the Screensaver settings must be applied to all of them.

Note that the configuration steps provided are specific to Windows devices. For Linux users, Vanta does not natively detect screen lock settings. Instead, custom evidence must be used as a workaround for compliance.

Configure Screen Lock

  • Open the Start Menu

  • Select Control Panel

  • Search for Screen Saver and click on Change Screen Saver

  • In the dropdown, select a Screen Saver option that is not None (e.g. “Ribbons”).

  • Adjust the value in 'Wait for screen saver' to a minimum of 5 minutes and a maximum of 60 minutes.

  • Check the resume and display the log-on screen. If this checkbox is not selected, the test will not pass.

  • The Screenlock test should begin passing after the next check-in. These instructions are designed for Windows devices and align with Vanta's detection capabilities.

Troubleshooting Steps

  • If the screen lock test fails, ensure that the configuration matches the steps provided.

  • Open cmd.exe as an administrator and run the following commands:

    1. C:\ProgramData\Vanta\vanta-cli reset to reset the detection system.

    2. If the issue persists after 24 hours, run C:\ProgramData\Vanta\vanta-cli doctor to identify potential causes.

  • Share command outputs with Vanta support for further analysis if the problem remains unresolved.