Could some of you with more knowledge than I help me out? I need to have some security justifications for forcing my users to log off after their session has been idle for a given amount of time. I also would like to know if there are any industry standards for how much idle time is ‘acceptable’.
TIA for any input.
