Does anyone know if it's possible to change Netsui...
# administration
d
Does anyone know if it's possible to change the NetSuite login idle session timeout based on user or role? We want to retain a shorter setting for PCI compliance, but extend the timeout for a low-permission role with very limited functionality.
v
I'm pretty sure it's a global setting only; I've tried to change it by role in the past but was only able to get 2FA settings updated by role. Since you mentioned PCI, maybe this snippet from NetSuite will help:

• By default, the idle session timeout value is 180 minutes (3 hours). An administrator can configure the Idle Session Timeout in Minutes value for an account on the General Preferences page. Go to Setup > Company > Preferences > General Preferences. Valid values range from 15 minutes to 720 minutes (12 hours).
• For users logged in with a role that has permission to view unencrypted credit card data, idle session timeout occurs after 15 minutes of inactivity. This restriction is in compliance with section 8.1.8 of the Payment Card Industry Data Security Standard (PCI DSS) Requirements and Security Assessment Procedures, version 3.2. Click here to view a PDF of this document from the PCI library.

I think this means that regardless of your global setting, people with access to the CC numbers will get timed out within 15 minutes anyways.