ScreenGuard monitors screensaver and lock settings on every Windows machine, flags non-compliant configurations, and can auto-enforce policies via registry. No GPOs, no Active Directory required.
Monitor screensaver settings, enforce timeout policies, and auto-remediate non-compliant machines across your entire fleet.
Continuously monitor whether each machine has an active screensaver, password-on-resume enabled, and appropriate inactivity timeout. See compliance status at a glance across your entire fleet.
Set a maximum allowed inactivity timeout (e.g., 15 minutes). Machines with longer timeouts or no timeout at all are flagged as non-compliant and can be auto-remediated.
Require that every machine prompts for a password when waking from the screensaver. This prevents unauthorized access to unattended workstations, a top physical security risk.
When enabled, ScreenGuard automatically corrects non-compliant machines by writing the correct screensaver and lock settings to the Windows registry. No manual intervention needed.
See how many machines are compliant vs. non-compliant at a glance. Drill into any machine to see exact screensaver settings, timeout values, and specific compliance failures.
ScreenGuard works without Active Directory or Group Policy. Enforce screen lock policies on domain-joined, workgroup, or standalone machines. Perfect for mixed environments and MSPs.
One lightweight Windows service. Takes 30 seconds to deploy. Works alongside PortGuard USB control and other GuardSuite tools.
The agent reads screensaver settings, lock-on-resume status, and inactivity timeout from the Windows registry. It reports the current configuration to your dashboard every check-in cycle.
Define your screen lock requirements: screensaver must be active, lock on resume required, maximum timeout in minutes. Enable auto-enforce to let the agent fix non-compliant machines automatically.
Set per-client screen lock policies and monitor compliance across all managed machines from one console. ScreenGuard ensures every client meets their security requirements without manual audits.
HIPAA requires automatic logoff and session timeouts for workstations accessing PHI. ScreenGuard enforces screen lock policies and provides audit evidence of compliance across your organization.
PCI DSS 8.1.8 requires session timeouts after 15 minutes of inactivity. ScreenGuard monitors and enforces this requirement, providing compliance dashboards for auditors.
NIST 800-171 control 3.1.10 requires session lock after a defined period of inactivity. ScreenGuard automates enforcement and provides continuous compliance evidence for CMMC assessments.
Kiosks, nursing stations, reception desks, and factory floor terminals need strict screen lock policies to prevent unauthorized access. ScreenGuard ensures every shared machine locks after inactivity.
Employees working from home may disable screen lock for convenience. ScreenGuard detects these changes and auto-enforces your organization's screen lock policy, even when machines are off your corporate network.
No contracts, no minimums. Cancel anytime.
Or get all GuardSuite tools for $15/device/month
Yes, when auto-enforce is enabled. ScreenGuard writes the correct screensaver and lock settings to the Windows registry on non-compliant machines. The settings take effect on the next screensaver cycle without requiring a reboot.
ScreenGuard checks: whether the screensaver is active, whether lock-on-resume (password after screensaver) is enabled, the inactivity timeout duration, and the system power lock timeout. All settings are reported per machine.
Users can change screensaver settings locally, but on the next agent check-in cycle (every few minutes), ScreenGuard will detect the change and re-enforce your policy automatically if auto-enforce is enabled.
No. ScreenGuard works independently of Active Directory and Group Policy. The agent enforces settings via registry writes, so it works on domain-joined machines, workgroup machines, and standalone endpoints.
ScreenGuard works on Windows 10, Windows 11, and Windows Server 2016 and later. The agent runs as a lightweight Windows service and requires no additional dependencies.
Yes. Each company in your PortGuard console can have its own ScreenGuard policy with different timeout values, lock requirements, and auto-enforce settings. Perfect for MSPs managing multiple clients.
Start monitoring and enforcing screen lock policies in under 5 minutes. Free for up to 5 devices.
Get Started Free