It was found that all Rally users have the ability to set their session time out option up to 2 weeks.
Security Team sees great vulnerability with this based on the information that is Company sensitive info. Customers want to restrict users the ability to set their session timeout past 4 hours.
Release : SAAS
Component : AGILE CENTRAL