Skip to Content

FedRAMP Pattern Hiding Displays AC-11 (1)

34  Matthew Burdick September 26, 2022  Access Control (AC)

Overview:
The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image.


Supplemental Guidance:
Publicly viewable images can include static or dynamic images, for example, patterns used with screen savers, photographic images, solid colors, clock, battery life indicator, or a blank screen, with the additional caveat that none of the images convey sensitive information.


References:>/b> OMB Memorandum 06-16


Action Items:
1) Ensure session locks do not display sensitive information

Related Documents:
1) Access Control Policy
2) Physical Security Policy

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none
Not Rated
Secure Code