Security Posture Best Practices

Configure Screen Lock on MacOS Devices

  • Updated

When passing screen-lock tests, the Vanta agent looks at a device's user profile settings to ensure that workstations are secure when users step away from them.

If a device has multiple user profiles, the Screensaver settings must be applied to all of them.

 

Procedure

  • Click the Apple icon on the top left of the screen
  • Select System Settings
  • Select Lock Screen
  • Modify Start Screen Saver when inactive to be 45 minutes or less
  • Modify Turn display off on battery when inactive to be 45 minutes or less
  • Modify Turn display off on the power adapter when inactive to 45 minutes or less
  • Enable Require password after sleep or screen saver begins - Modify the time value to be Immediately

Screenshot 2024-07-30 at 9.42.04 AM.png

 

 

For macOS version 12 and older:

  • Click the Apple icon on the top left of the screen
  • Select System Preferences

lock_1.png

  • Select Security and Privacy

lock_2.png

  • Enable Require password after sleep or screen saver begins


lock_3.png

  • Ensure the time value is less than or equal to 15 minutes
  • Configure display sleep time for your workstation for both battery power (if you have a laptop) and AC power
  • Go back to System Preferences
  • Select Battery

lock_4.png

  • In the left-hand column, select Battery
  • Modify Turn display off after such that this value is no more than 45 minutes

lock_5.png

  • Next, select Power Adapter.
  • Modify Turn display off after such that this value is no more than 45 minutes

lock_6.png

  • Alternatively, enable screensaver by selecting System Preferences
  • Select Desktop & Screen Saver

  • Modify Start after such that this value is no more than 45 minutes

image__1_.png