INFORMATION TECHNOLOGY GLOSSARY

2FA

Two-factor authentication (2FA) is the security authentication method that requires two pieces of predetermined evidence (factors) before being granted authorization.

Access control is the selective process of granting or denying permission to access a system (e.g. a computer or data) or a physical location (door, office, building).

Active Directory (AD) is a directory service for Windows domain networks, responsible for authenticating and authorizing users on the network.

AES-256 is the 256-bit-key variant of the Advanced Encryption Standard, a standard U.S. block cipher algorithm used for protecting (encrypting) data at rest.

The attack surface is the sum of all possible attack directions ("attack vectors") in an environment. There are two types of attack surfaces: physical and digital.

Synonymous with a "maintenance hook" - a second, hidden way into the software/system that may allow malicious entities to bypass security.

Behavioral authentication is based on a person's movement characteristics.

A form of identification and access control based on a person's physical attribute. The most common physiological characteristic used for identification is the fingerprint.

The Biometric Information Privacy Act (BIPA) requires companies doing business in the state of Illinois to comply with requirements on the collection and storage of biometric information.

A type of malicious hacker whose intent is to thwart security barriers to criminally access computer networks and steal private information. Usually these malicious entities don't possess much information on the systems they target.

A blacklist (or black list) is a list of programs, websites, and/or applications that are not permitted to be accessed within an organization.

An attack that exhausts the entire key space, trying every single possible combination one after another until the correct one is found.

Bring Your Own Device (BYOD) is the practice of allowing employees to bring and use their own connected devices (computers, smartphones, etc.) for work purposes.

One of the oldest and simplest encryption methods: plain-text letters are shifted by a fixed amount (a substitution shift) so that the text is unreadable to anyone but the intended parties. This cipher technique was used by General Gaius Julius Caesar in his military campaigns in the 1st century BC to protect his army's situation, whereabouts, movements, and plans.

Continuous authentication is a method of identity confirmation on an ongoing basis. Instead of a user simply being logged in once, the authentication mechanism continues to re-verify the identity of the session user even after logging in.

Assets that the government considers crucial to the security, economy, and/or public health of the country.

Presidential Policy Directive 21 (PPD-21) identified 16 critical infrastructure sectors in the US.

A data breach is a security incident in which information is accessed by an unauthorized party.

The Defense Federal Acquisition Regulation Supplement (DFARS) is a supplement to the Federal Acquisition Regulation (FAR) system that provides acquisition compliance requirements for the Department of Defense (DoD) procurement process.

The purpose of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 is to protect the privacy of patients, ensure patient data is appropriately secured, and to enforce the reporting of any data breaches in a timely manner.

Logical access control is the identification, authentication, and authorization into computers, systems, information, and data.

The National Institute of Standards and Technology (NIST), a part of the U.S. Department of Commerce (DOC), is responsible for promoting innovation and industrial competitiveness in the U.S. The agency developed NIST 800-171 to protect controlled unclassified information in nonfederal information systems and organizations.

During authentication, the password is the secret used to verify the identity of a claimed party. Passwords are commonly alphanumeric character combinations like "I'mGl@dIT's_FRIdayy2daye!". Recently, cyber criminals have had rapidly growing success exploiting people who use weak passwords that can be easily guessed. Secret handshakes, signs, spoken phrases, physical gestures, sounds and more have also been used as passwords.

A prevalent behavior problem wherein people use the same password for different accounts. The problem with reusing a password is that if it is compromised in one place, the other accounts that share it may be compromised as well.

Penetration tests (also known as Pen Tests) are procedures that simulate a malicious actor's attacks on a system to identify potential vulnerabilities. Penetration tests can be performed on computer networks, software code, platforms, and physical devices.

A type of social engineering attack that attempts to acquire secret information such as login credentials, bank information, and other high-value data assets. Usually the perpetrator will ask potential victims to "confirm" their confidential information.

The process of authenticating a person's identity by validating that they are physically present.

One of the leading benefits of proximity authentication is that it greatly reduces the potential attack surface to the immediate geographic location. If a system relies on a person actually being present, it becomes extremely difficult for anyone who is not there to attack the system.

A very popular form of malware designed to lock a victim out of their computer, system, or files, then demand a ransom to regain access. In most cases, the victim receives what appears to be a legitimate email from a trusted source, opens the email, and opens an attachment that contains the ransomware.

The RSSI (Received Signal Strength Indicator) is a measurement of how well a device can receive a particular wireless radio signal. A higher (less negative) RSSI value (e.g. -25) means a strong, accurate signal. A lower value (e.g. -75) means the signal is not as clear or accurate, due to the transmitter being further away, obstructed, or both.

The Saudi Arabian Monetary Authority (SAMA) introduced the SAMA Cyber Security Framework for all banks, insurance companies, and finance companies operating in Saudi Arabia to adhere to.

A program that appears to be non-threatening, but in fact has underlying malicious intent. This type of program is named after the famous Trojan Horse used by the Greek army to deceptively defeat Troy in Virgil's Aeneid.

Knowledge-based authentication. Authentication based on something you know that is non-tangible like a password, passphrase, PIN, or secret code.

Knowledge authentication is the most cost-effective and common type of authentication, but also the most susceptible to hacking.

Possession-based authentication. Authentication based on something you physically have like a key fob token with one-time passwords, ID badge, or a key.

An advantage to requiring a physical device for authentication is that the attack surface is greatly limited since a hacker would need the physical key.

Inherence-based authentication. Authentication based on a physical characteristic unique to a person (biometrics including fingerprint, facial, and vein scans).

A strong authentication factor, since a fingerprint cannot be guessed or replicated. However, once a biometric such as a fingerprint is compromised, it is compromised forever, since one cannot change their fingerprints.

Also referred to as a "User ID" or "Account Name", the username is the designation used by a user to identify themselves on a system/network. The username is usually accompanied by a password.

A computer virus is a malicious software program that infects a host machine (target computer) to propagate.

The Voluntary Product Accessibility Template (VPAT) is a reporting format that assists Federal contracting officials and other buyers in assessing a product's level of accessibility and conformance with the Section 508 technical standards of the U.S. Rehabilitation Act. When purchasing information technology/electronics, Federal agencies are required to make the product/service accessible to employees with disabilities.

A small object used to cover the webcam on a monitor, laptop, tablet, or phone so that unauthorized parties cannot view through the camera.

A phishing attack that targets high-value individuals of an organization or company (i.e. CEO, CFO, CISO, CTO, CIO, etc.) through social engineering.

An exploit for a vulnerability for which no patch is yet available or known. The first day on which a resolution (patch) becomes available is "day one".

According to studies, over 30% of all support tickets are related to password resets/forgotten passwords.
