Zscaler recommends configuring Authentication Time out to 7 Days.
If there are organization that sets their timeout policy to "never". we can help to justify to enable the timeout policy with the below benefits.
1) Based on the core principle of Zero Trust , Specify the period after which users are prompted to re authenticate to ZPA to maintain their access to private applications.
2) Requiring people to reauthenticate to ZPA enhances security by ensuring that only active users receive authentication prompts based on their usage.
This reduces the potential for lateral movement within the network and potential security risks for users who do not need ZPA access
3) It also improves user experience by reducing unnecessary re-authentication prompts, especially for users who are not actively using ZPA resources.
Please refer to the below help article for your reference
Link :- https://help.zscaler.com/zpa/about-timeout-policy?referer=admin.private.zscaler.com
