The A-Z of Technology Terms

Don't know your bandwidth from your back-end? Here's a handy glossary of tech terms.

Adobe Acrobat Reader

Acrobat Reader is software that allows you to view a PDF document (a document that can be seen but
not changed). It can be downloaded free of charge from Adobe.

ADSL
Asymmetric digital subscriber line (ADSL) is a type of digital subscriber line (DSL) broadband technology
that is used to connect to the Internet. It uses standard telephone lines to deliver high-speed data
communications (up to 24 megabytes per second).

Analogue
Analogue is a conventional method of transmitting data. Standard landline telephones use analogue
technology. It is distinct from digital technology, which provides for greater quality and speed of data
transmission.

Assistive technology
Assistive technology refers to any software or hardware that acts to assist and improve the functional
capabilities of people with disabilities. Examples include wheelchairs, prosthetics, voice-to-text
technology and text-to-speech technology.

Attachment
An attachment is a document sent with an email message. Many types of files can be sent this way (e.g.
Word documents, PDFs, Excel files, JPEGs). Be wary of attaching large files because these can take a lot of
time for the recipient to download. If you have a large file, it is considered good practice to compress the
file using software such as Winzip before attaching it.

Back-end
Back-end refers to the part of an application that performs an essential task not apparent to the user.

Backward compatible
If software is backward compatible, it is compatible with earlier (superseded) versions of the same
software. For example, the Microsoft word-processing program Word 2010 can read files created in the
2003 version of the same program, so it is backward compatible.

Bandwidth
Bandwidth refers to the maximum amount of data that can travel a communications path in a given
time, usually measured in seconds.

Bit
A bit (short for binary digit) is the smallest unit of measurement in computing. 8 bits make up 1 byte.

Bluetooth
Bluetooth is a wireless communications technology intended to replace cables. It allows short-range
connections between two or more Bluetooth-compatible devices such as mobile phones, tablets,
headsets or medical equipment.

Bookmark
A bookmark is a saved link to a particular Web page. Microsoft Internet Explorer denotes bookmarks as
"favourites."

Boolean operators
Most search engines (e.g. Google) allow you to limit your search or make it more specific by using words
such as "and", "or" and "not". These words are known as boolean operators because of their origin as
terms in logic.

Boot (re-boot)
To boot (or re-boot) is to load and initialise the operating system on a computer. Think of it as starting up
your computer. In Windows you can use the key combination CTRL and ALT and DEL as a "soft" boot. This
means restarting the computer rather than turning it completely off and on again, which could cause
damage to your computer's hard disk under some circumstances.

Bounce back
An email message that cannot be delivered and returns an error notification to the sender is said to
"bounce back". If you receive such an error notification, check that you have typed the address correctly.

Broadband
Broadband is a type of communications technology whereby a single wire can carry more than one type
of signal at once; for example, audio and video. Cable TV is one technology that uses broadband data
transmission.

Browser
A software program that allows you to surf the web. Popular web browsers include Google Chrome,
Mozilla Firefox, Microsoft Edge and Internet Explorer.

Cache
When you download (read) a web page, the data is "cached," meaning it is temporarily stored on your
computer. The next time you want that page, instead of requesting the file from the web server, your
web browser just accesses it from the cache, so the page loads quickly. The downside to this is that if the
cached web page is often updated, you may miss the latest version. If you suspect that the web page
you're seeing is not the latest version, use the "refresh" button on your browser.

CAD
Computer-aided design (CAD) is a type of software that allows users to create 2D and 3D design and
modelling. CAD is used by architects, engineers, artists and other professionals to create precise
technical drawings.

Chip
A chip is a microprocessor that performs many functions and calculations that make your computer run.
Your computer's chip is also referred to as the CPU (Central Processing Unit) or the processor.

Cloud computing
Cloud computing refers to the storing and accessing of data and programs over the Internet instead of on
another type of hard drive. Examples of Cloud services include iCloud, Google Cloud and Dropbox.

Compression
Compression is the reduction of the size of a file. Compressed files take up less memory and can be
downloaded or sent over the Internet more quickly.

Content
Content refers to a website's text and information, as opposed to its design and structure.

Cookie
A piece of code or data created by a web server and stored on a user's computer. It is used to keep track
of the user's usage patterns and preferences.

CPU
The central processing unit (CPU) is the brains behind your computer. The CPU is responsible for
performing calculations and tasks that make programs work. The higher the speed of a CPU, the faster
the CPU undertakes the calculations and tasks.

Cybercrime
Cybercrime is any type of illegal activity that is undertaken (or relies heavily) on a computer. There are
thousands of types of cybercrime, including network intrusions, identity theft and the spreading of
computer viruses.

Cybersecurity
Cybersecurity refers to measures designed to protect your computer, device or network from
cybercrime. This involves preventing unintended and unauthorised access, change and damage.

Device driver
A device driver is a small program that allows a peripheral device such as a printer or scanner to connect
to your PC.

Domain
A domain is a set of computers on a network that are managed as a unit.

Download
Downloading is the method by which users access and save or "pull down" software or other files to
their own computers from a remote computer via the Internet.

DV
DV stands for digital video.

Email
Email or electronic mail is a way of sending messages over the internet. Popular email programs include
Outlook, Mozilla Thunderbird, Gmail and Yahoo Mail.

Encryption
Encryption is the process of converting electronic data to an unrecognisable or encrypted form, one that
cannot be easily understood by unauthorised parties.

Ethernet
Ethernet is the most common way of connecting computers on a network with a wired connection. It is a
type of local area network (LAN) technology, providing a simple interface for connecting multiple
devices.

Firewall
A firewall is a barrier that acts as a security system to protect trusted computer systems and networks
from outside connections and untrusted networks, such as the Internet.

FTP
File transfer protocol (FTP) is a common method of transferring files via the internet from one host to
another host.

Gateway
A point within a network that interconnects with other networks.

GIF
Graphics interchange format (GIF) is a graphics file format. Because GIF files are compressed, they can be
quickly and easily transmitted over a network. GIF is one of the main graphics formats on the Internet.

Hard disk
The physical place where a computer stores information - applications and files - is known as its hard disk
drive (HDD). The bigger the HDD, the more data it can store.

Home page
The page that an Internet browser first opens up to. It is usually the starting point of an organisation's or
individual's website.

HTML
Hyper-text markup language (HTML) is a set of symbols inserted into files intended for display on the
world wide web. The symbols tell web browsers how to display words and images - e.g. which colour,
font and type size to use - and they direct it to link to other pages on the world wide web via hyperlinks.

Internet
A set of interconnected networks that allow computers in different locations to exchange information.
The Internet includes services such as the world wide web, electronic mail, file transfer protocol (FTP),
chat and remote access to networks and computers.

ISP
An internet service provider (ISP) is a company that provides access to the Internet. In Australia, widely
used ISPs include Bigpond, iinet and Dodo.

Intranet
An intranet is basically a private, internal internet specific to an organisation or group.

Java
Java is a programming language that is commonly used in the development of client-server web
applications.

JPEG
JPEG stands for Joint Photographic Experts Group, which was the committee that created the file format
known as JPEG. The format is commonlyl used for photos displayed on the world wide web.

LAN
A local area network (LAN) is a system that connects computers and other devices that share a common
communications line and wireless link, generally within a limited geographical area such as a home or
office building.

Malware
"Malware" is short for malicious software. It refers to a software program that has been developed to do
harm to other computers. Types of malware include viruses, worms and spyware.

Megabyte
A measure of computer processor storage and real and virtual memory. A megabyte (Mb) is 2 to the 20th
power bytes, or 1,048,576 bytes in decimal notation.

Megahertz
Megahertz is the unit used to measure the speed of a computer's processor (e.g. 2.8Ghz)

Modem
A modem is a device that allows computers to transmit information to each other via ordinary telephone
lines.

Online
If a computer (or computer user) is online, it is currently connected to a network or to the Internet.
Online also refers to resources and services available on the Internet - e.g. online banking, online
dictionary.

Operating system
An operating system (OS) is the software that manages all of a computer's processes and allows
programs and applications to run. The most prominent operating system is Microsoft Windows. Others
include Mac OS X and Linux.

PDF
Portable document format (PDF) is a file type created by Adobe Systems Inc. PDFs can be read using free
software called Adobe Acrobat Reader or another PDF reader.

Phishing
Phishing is a type of email fraud in which the perpetrator sends out emails that appear to come from a
legitimate service or reputable company, such as a bank or an email service provider. These emails aim
to lure recipients to reveal confidential information that the perpetrator can use for their financial
advantage - for example, online banking log-in details and passwords.

Plug-in
A software plug-in is a component that adds to a software program's functionality.

POP
A Post office protocol (POP) is an Internet protocol used by your Internet service provider (ISP) to handle
email. A POP account is an email account.

PPM
Pages per minute (PPM) generally refers to the speed of a printer.

Processor
The processor is the brains of your computer. It is responsible for performing calculations and tasks that
make programs work. The faster the processor, the faster the computer works.

Protocol
A protocol is a standard or set of rules that computers and other devices use when communicating with
one another.

RAM
Random access memory (RAM) is usually referred to as a computer's "memory" - it stores information
used by programs. Generally, the larger your computer's RAM, the more programs it can run at once
without slowing down.

Read-only
A read-only file cannot be edited, modified or deleted.

Resolution
Resolution refers to the number of distinct pixels that make up the display on a computer monitor. It is
denoted in DPI (dots per inch). The higher the resolution, the finer and smoother the images appear
when displayed at a given size.

ROM
ROM stands for read-only memory. It is the part of a computer's memory that cannot be changed by a
user. The contents of ROM remain even when the computer is turned off.

SAAS
SAAS stands for software as a service. It is a software distribution model whereby software applications
are centrally hosted and licensed on a subscription basis.

Search engine
A search engine enables a computer user to search information on the Internet. It is a type of software
that creates indexes of databases or Internet sites based on the titles of files, keywords, or the full text of
files. The most popular search engines are Google.com.au, Yahoo.com.au and Bing.com.au.

SSL
SSL, or secure sockets layer, is a protocol that allows Internet users to send encrypted messages across
the Internet. It is generally used when transmitting confidential information (e.g. personal data or credit
card details). A web address that begins with "https" indicates that an SSL connection is in use.

SEO
SEO, or search engine optimisation, is the practice of making adjustments to certain aspects of a website
in an effort to improve its ranking on search engines.

Server
A server is a computer that handles requests for data, email, file transfers, and other network services
from other computers.

Spam
Spam refers to unsolicited email messages sent for marketing purposes.

Unzip
To unzip a zip file is to extract and decompress compressed files from it. If you are sent a zip file via
email, you will need to unzip it before you can access the files inside it.

URL
A URL (unique resource locator) or web address is the string of characters you type into a browser to
access a particular website or other resource on the Internet. (eg. http://www.ourcommunity.com.au)

Viral
If an online video, photo or article "goes viral", it experiences a sudden spike in popularity in a short
period of time.

Virus
A virus is a piece of programming code inserted into other programming to cause damage. Viruses can
be sent in many forms but are often transmitted via email messages that, when opened, may erase data
or cause damage to your hard disk. Some viruses are able to enter your email system and send
themselves to other people in your list of contacts.

WEP
Wired equivalent privacy (WEP) is a security protocol used in wi-fi networks. It is designed to provide a
wireless local area network (LAN) with a level of security similar to that of a regular wired LAN. WEP-
secured networks are usually protected by passwords. (See also WAP.)

Wi-Fi
Wi-Fi is a technology that allows computers and other devices to communicate via a wireless signal.
Essentially, it means you can browse the internet without tripping over phone cords.

WPA
Wi-Fi protected access (WPA) is a security protocol used in wi-fi networks. It is an improvement on WEP
because it offers greater protection through more sophisticated data encryption.

Zip
To zip files is to archive and compress them into one file of smaller size using a program such as WinZip.
It's a handy way to make files smaller before sending them via email.

Access

Ability to use, create, modify, view, or otherwise manipulate information on a system.

Access control

Access control is the means by which the ability to use, create, modify, view, etc., is explicitly enabled or
restricted in some way (usually through physical and system-based controls).

Account

The combination of user name and password that provides an individual, group, or service with access to
a computer system or computer network.
Administrative/special access account

Privileged account that impacts access to an information system or that allows circumvention of controls
in order to administer the information system.

Anti-malware software

Any software package that detects and/or removes malicious code. This can include anti-virus software
and spyware protection.

Areas containing critical infrastructure

Facilities that contain information systems. The ASU Data Center is an example.

ASU in security policy

The population of a group whose membership is determined by each individual’s responsibility to fulfill
university policy and state regulatory requirements. If the requirement must be fulfilled by all
employees, then that is the membership of “ASU” for that requirement.

Authentication

The process of confirming a claimed identity. All forms of authentication are based on something you
know, something you have, or something you are.

 ‘Something you know’ is some form of information that you can recognize and keep to yourself,
such as a personal identification number (PIN) or password.

 ‘Something you have’ is a physical item you possess, such as a photo ID or a security token.

 ‘Something you are’ is a human characteristic considered to be unique, such as a fingerprint,

voice tone, or retinal pattern.

Authorization

The act of granting permission for someone or something to conduct an act. Even when identity and
authentication have indicated who someone is, authorization may be needed to establish what actions
are permitted.

Availability

The requirement that an asset or resource be accessible to authorized persons, entities, or devices.

Backup

Copy of files and applications made to avoid loss of data and facilitate recovery in the event of a system
failure.

Biometrics

Methods for differentiating humans based upon one or more intrinsic physical or behavioral traits such
as fingerprints or facial geometry.

Biometric authentication
Using biometrics to verify or authenticate the identity of a person.

Business continuity plan (BCP)

The documentation of a predetermined set of instructions or procedures that describe how an

organization’s critical business functions will be sustained during and after a significant disruption.

Category-1 data

Information whose confidentiality is protected by law or contract. For a full definition see the Data
Classification Standard.

Category-1a data

Information whose confidentiality is protected by law or contract, but for which there are no specifically
proscribed penalties. For a full definition see the Data Classification Standard.

Category-2 data

University information usually restricted to university employees, but which are releasable in accordance
with the Texas Public Information Act. For a full definition see the Data Classification Standard.

Category-3 data

University information that is generally publicly available. For a full definition see the Data Classification
Standard.

Centralized storage

Storage on a central server made available over a network to users.

Change

Any implementation of new functionality, interruption of service, repair of existing functionality, and/or
removal of existing functionality to an information system.

Change management

The process of controlling modifications to hardware, software, firmware, and documentation to ensure
that information systems are protected against improper modification before, during, and after system
implementation.

Common secure configurations

Documentation that provides recognized, standardized, and established benchmarks that stipulate
secure configuration settings for information systems as well as instructions for configuring those
systems to meet operational requirements. Also known as hardening guides, security reference guides,
security configuration checklists, or lockdown guides.

Computer security incident

See Security incident.

Confidential
The classification of data of which unauthorized disclosure/use could cause serious damage to an
organization or individual.

Confidentiality

Characteristic of information indicating it is intended to be known by a limited set of people.

Confidential information

Information maintained by the university that is exempt from disclosure under the provisions of the
Public Records Act or other applicable state and federal laws. The controlling factor for confidential
information is dissemination.

Control

Method used to reduce the probability of occurrence or the negative impact of the realization of a risk.

Custodian

Custodians ensure the effective and secure operation of the information owner’s systems. See the OP 44
series of operating policies for more information.

Data

See the Data Classification Standard.

Data loss prevention

Prevention of unnecessary exposure of protected information.

Data owner

See information owner.

Digital certificate

An electronic document which uses a digital signature to bind specially derived numerical information
with an identity - such as the name of a person or an organization. Most often encountered on web sites
using encryption (SSL/https).

Digital signature

Method of adding specially derived numerical information to a file or message (most often used as part
of a digital certificate infrastructure).

Digital data

The subset of Data (as defined above) that is transmitted by, maintained, or made available in electronic
media.

Disclosure

The act, intentional or otherwise, of revealing information that is otherwise held as confidential or
protected.
Disaster Recovery Plan (DRP)

A written plan for processing critical IT applications in the event of a major hardware or software failure
or destruction of facilities. Such plans are designed to restore operability of the target system,
application, or computer facility.

DMZ

A DMZ, or demilitarized zone, is a physical or logical network that contains and exposes external-facing
services to the Internet. Systems that need to be made available to the Internet, such as the ASU
website, are located in a DMZ.

DNS

The Domain Name System (DNS) is a naming system for computers, services, or other resources
connected to a network that associates a name with an IP address.

Electronic Information, Communication, and Technology (EICT)

Includes information technology and any equipment or interconnected system or subsystem of

equipment used to create, convert, duplicate, or deliver data or information.

Other terms such as, but not limited to, Electronic Information Resources (EIR), Information and
Communications Technology (ICT), Electronic Information Technology (EIT), etc. can be considered
interchangeable terms with EICT for purposes of applicability for compliance with this rule.

Electronic Information Resources (EIR)

See Electronic Information, Communication, and Technology (EICT).

Electronic mail (email)

Any message, image, form, attachment, data, or other communication sent, received, or stored within an
electronic mail system.

Electronic mail system

Any computer software application that allows electronic mail to be communicated from one computing
system to another.

Electronic media

Any of the following: a) Electronic storage media including storage devices in computers (hard drives,
memory) and any removable/transportable digital storage medium, such as magnetic tape or disk,
optical disk, or digital memory card; or b) Transmission media used to exchange information already in
electronic storage media. Transmission media include, for example, the internet (wide-open), extranet
(using internet technology to link a business with information accessible only to collaborating parties),
leased lines, dial-up lines, private networks, intranet, and the physical movement of
removable/transportable electronic storage media.

Emergency change
When an unauthorized immediate response to imminent critical system failure is needed to prevent
widespread service disruption.

Encrypted data

Data rendered unreadable to anyone without the appropriate cryptographic key and algorithm.

Encryption

Process of numerically changing data to enhance confidentiality. Data is obscured using a specific
algorithm and key both of which are required to interpret the encrypted data.

End user

A person given authorization to access information on a system.

Escrow

Data decryption keys or passwords held in trust by a third party to be turned over to the user only upon
fulfillment of specific authentication conditions.

Exposure

State during which a system’s controls do not adequately reduce risk that the information could be
stolen or exploited by an unauthorized person.

Firewall

An access control mechanism that acts as a barrier between two or more segments of a computer
network or overall client/server architecture, used to protect internal networks or network segments
from unauthorized users or processes. Such devices include hardware that is placed in the network to
create separate security zones, provide NAT, and create a point of access control.

Hardening

The process of making computer and network systems more resistant to tampering or malicious
software.

Incident

Any set of circumstances in which the anticipated and configured delivery of a service is interrupted,
delayed, or otherwise unavailable.

Incident management

Process of returning service as quickly and effectively as possible.

Information custodian or custodian

See Custodian.

Information owner
Responsible for specified information and establishing the controls for its collection, creation,
processing, access, dissemination, and disposal. The owner of a collection of information is the person
responsible for the business results of that system or the business use of the information. Where
appropriate, ownership may be shared by managers of different departments. See OP 44.00 for a list of
duties and responsibilities.

Information security

Protecting information so that it can only be seen, changed, deleted or copied by an authorized person
and only in ways and to places authorized to contain it.

Information system

The equipment and software such as files, computers, tablets, servers, hard drives, removable thumb
drives, cloud storage, etc. used to collect, record, process, display, and transmit information.

Information Resources Manager (IRM)

Authorized and accountable to the State of Texas for management of the university’s information
systems to implement security policies, procedures, and guidelines to protect the information systems of
the university. The Associate Vice President of Information Technology/CIO is designated as the
university’s IRM. The IRM will:

 Maintain information as a strategic asset of the university.

 Provide the resources to enable employees to carry out their responsibilities for securing
information and information systems.

 Review and approve information owners and associated responsibilities.

Information Security Council

Body assembled by the CIO that contains at least the CIO and Information Security Officer. Provides
direction and management of the information security program and information technology risk
management program.

Information Security Officer (ISO)

Responsible for administering the information security functions within the university. The ISO is the
university’s internal and external point of contact and internal resource for all information security
matters. The ISO will:

 Develop, coordinate and administer the ASU Information Security Program and periodically
assess whether the program is implemented in accordance with ASU IT Security policies.

 Provide consultation on balancing effective IT security with business needs.

 Develop and maintain an information security awareness program.

 Provide solutions, guidance, and expertise in IT security.

 Maintain written IT security policies, standards and procedures as appropriate.

  Collecting data relative to the state of IT security at ASU and communicating as needed.

 Provide guidance on the information security requirements of federal, state and local privacy
regulations.

Information security program

The elements, structure, objectives, and resources that establish an information system’s security
function within the university.

Integrity

The accuracy and completeness of information and assets and the authenticity of transactions.

Intellectual property

Ideas for which property rights are recognized under patent, trademark, or copyright law. Usually, a work
originating from thought or an idea that is distinct, separate, clearly definable, and novel.

Internet

A global system interconnecting computers and computer networks. The computers and networks are
owned separately by a host of organizations, government agencies, companies, and colleges.

Intrusion detection system (IDS)

Hardware or a software application that can be installed on network devices or host operating systems
to monitor network traffic and host log entries for signs of known and likely methods of intruder activity
and attacks. Suspicious activities trigger administrator alarms and other configurable responses.

Lawful intercept

The interception of data on the university network by ISO and IT Networking and Telecommunications
staff, in accordance with local law and after following due process and receiving proper authorization
from the appropriate authorities.

Local account

Account that allows access only to a local system and uses those systems local authentication service.

Local area network (LAN)

A data communications network spanning a limited geographical area. It provides communication

between computers and peripherals at relatively high data rates and relatively low error rates.

Local storage

Storage that is physically local to the workstation or server.

Malicious code

Software designed to infiltrate or damage a computer system without the owner’s informed consent.
The expression is a general term used by computer professionals to mean a variety of forms of hostile,
intrusive, or annoying software or program code including spyware, Trojan horses, viruses, and worms.
Mission critical information system

Information system defined to be essential to the university’s function and which, if made unavailable,
will inflict substantial harm to the university and the university’s ability to meet its instructional,
research, patient care, or public service missions. Mission critical information systems include those
systems containing sensitive information.

Network

All associated equipment and media creating electronic transmission between any information
system(s), such as wired, optical, wireless, IP, synchronous serial, telephony, etc.

Offsite storage

Based on data criticality, offsite storage should be in a geographically different location from the campus
that does not share the same disaster threat event. Based on an assessment of the data backed up,
removing the backup media from the building and storing it in another secured location on the campus
may be appropriate.

Owner

See information owner.

Password

A string of characters used to verify or “authenticate” a person’s identity.

Password complexity

The characteristic of a password typically described by the number of characters, the size of the
character set used, and the randomness with which those characters were chosen.

Password strength

Description of a password’s ability to resist being guessed or otherwise mathematically or

cryptographically discovered.

Patch

A fix or update for a software program usually related to a security issue.

Penetration Test

A controlled attempt to circumvent the security of a network or computer system to test its ability to
resist hacking.

Perimeter security control

The first layer of defense against malicious traffic that filters information between university internal
networks and the internet.

Personally identifiable information

Any information that alone or in conjunction with other information identifies an individual, including
Social Security numbers, driver’s license numbers, military ID numbers, passport ID numbers,
passwords/PINs, personal accounts, credit card numbers, protected health information, financial
information, criminal history records, unpublished home addresses or phone numbers, biometric data,
and any other information that is deemed confidential by law or university policy.

Physical security

Area of knowledge concerned with creating and enhancing the safety and security of a physical space
and the physical assets contained therein.

Physical security control

Devices and means to control physical access to sensitive information and to protect the availability of
the information. Examples are physical access systems (fences, mantraps, guards); physical intrusion
detection systems (motion detector, alarm system); and physical protection systems (sprinklers, backup
generator).

PIN

Personal identification number - typically associated with systems using a physical security card (ATMs)
together with a short number to authenticate an individual.

Plaintext data

Data in a form readable by anyone having access to the system on which it is stored or to the network
over which it is transmitted.

Portable computing device

Any handheld portable device capable of performing basic computer tasks such as chat, email, web
browsing, and storing information - smart phones, tablet computers (iPads), and PDAs all fall into this
definition.

Production system

Any University system, software, or application that is used in the daily operations of the University.

Program

Set of instructions written in a computer programming language that performs a specific set of related
functions (Microsoft Word, et.al.).

Protected information

Any information provided protection by law, regulation, or other legal means which mandates the
methods, controls, processes, and/or procedures to afford such protection. This includes Personally
Identifiable Information (PII).

Removable media
Any storage device built and intended to be easily connected to and removed from a computer system -
examples include memory sticks, pen drives, external hard drives, and CD/DVDs.

Resolution

Returning service through the implementation of a permanent solution or a workaround.

Risk

Potential that a given set of circumstances and actions will lead to an undesirable outcome - in terms of
information this means loss of one or more of (confidentiality, availability, and integrity).

Residual risk

Any risk remaining once controls have been applied. The amount of residual risk allowed will be
determined by the organization’s tolerance for risk.

Risk assessment

The process of identifying, evaluating, and documenting the level of impact that may result from the
operation of an information system on an organization’s mission, functions, image, reputation, assets, or
individuals. Risk assessment incorporates threat and vulnerability analyses and considers mitigations
provided by planned or current security controls.

Risk management

Decisions to accept risk exposures or to reduce vulnerabilities and to align information system risk
exposure with the organization’s risk tolerance.

Root access

Most privileged access to a computer system allowing the use, change, and deletion of any and all
configuration information, system software, and data.

Scheduled change

Formal notification received, reviewed, and approved by the review process in advance of the change
being made.

Scheduled outage

Any previously agreed upon period in which a system is not available for normal use. This typically
requires specific methods of discussion, approval and scheduling (Change Management).

Security administrator

The person charged with monitoring and implementing security controls and procedures for a system.
Whereas each university will have one information security officer, technical management may designate
a number of security administrators.

Security incident

Any incident in which the secure configuration of a system has been compromised.
Security incident management

Area of incident management focused on controlling and correcting vulnerabilities, exposures, and
compromise of the secure configuration of any system.

Sensitive information

Information maintained by the university that requires special precautions to protect it from
unauthorized modification or deletion. Sensitive information may be either public or confidential. It is
information that requires a higher-than-normal assurance of accuracy and completeness. The controlling
factor for sensitive information is that of integrity.

Server

Any computer providing a service over the network. Services include, but are not limited to: website
publishing, SSH, chat, printing, wireless access, and file sharing.

Single sign-on

Ability for a user to sign in once and have that sign-in allow access to multiple information systems
without the need for providing a username and password for each separate system.

Spyware

Software that is installed surreptitiously on a computer to intercept or take partial control over the user’s
interaction with the computer, without the user’s informed consent. While the term suggests software
that secretly monitors the user’s behavior, the functions of spyware include collecting various types of
personal information, interfere with control of the computer, changing computer settings, and
redirecting web browser activity.

Strong password

A strong password is constructed so that it cannot be easily guessed by another user or a “hacker”
program. It is typically a minimum number of positions in length and contains a combination of
alphabetic, numeric, or special characters and should not be linked to any personal information such as a
birth date, Social Security number, and so on.

System administrator

Person responsible for the effective operation and maintenance of information systems, including
implementation of standard procedures and controls, to enforce a university’s security policy.

Synchronization

Process whereby information on two systems is shared so that each system’s copy is identical to the
other.

System

In the context of IT, any device capable of performing complex functions to provide services by use of
hardware, firmware, software, or other programming. Systems may include workstations, desktops,
laptops, servers, routers, and switches.
System hardening

Process of enhancing the configuration of a system so that there is greater assurance the system can be
used only by authorized users for authorized purposes.

Test and development systems

Systems used exclusively for testing or development of software and not used to directly support
university operations.

Trojan

Destructive programs-usually viruses or worms-that are hidden in an attractive or innocent-looking piece

of software, such as a game or graphics program. Victims may receive a Trojan horse program by email or
on portable media, often from another unknowing victim, or may be urged to download a file from a
website.

Unauthorized disclosure

The intentional or unintentional revealing of restricted information to people who do not have a
legitimate need to access that information.

Unscheduled change

Failure to present notification to the formal process in advance of the change being made. Unscheduled
changes will only be acceptable in the event of a system failure or the discovery of a security
vulnerability.

Unscheduled outage

Any period in which a system is not available for normal use and that lack of availability was not
previously discussed, approved, and scheduled.

UPS

An uninterruptible power supply. An electrical apparatus that provides emergency power to a load when
the input power source (usually commercial power) fails.

Use/Using

An umbrella term that includes the terms store, process, change, delete, read, and access (and their
progressive forms).

User

An individual that is authorized by the information owner to access the resource, in accordance with the
information owner’s procedures and rules. The user is any person who has been authorized by the
information owner to read, enter, or update that information. The user is the single most effective
control for providing adequate security. See OP 44.00 and OP 44.01 for a list of duties and
responsibilities.

Username
A pseudonym used by a user to access a computer system - typically based on the user’s legal name or
some derivative thereof.

Virtual private network (VPN)

Encrypted connections over a larger network, typically over the Internet, which simulates the behavior
of direct, local connections.

Virus

A computer virus refers to a program that enters your computer—often through email or Internet
downloads—and makes copies of itself, spreading throughout your computer and files. There is a wide
range of computer viruses out there. They can be anything from merely annoying to horribly damaging—
deleting files or making your computer inoperable. Viruses attach themselves to an application on a
computer and aren’t actually executed until that application is accessed or run.

Vulnerability

Any exploitable aspect of a system or process.

Web page

A document on the World Wide Web. Every web page is identified by a unique URL (uniform resource
locator).

Web server

A computer that delivers (serves up) web pages.

Website

A location on the World Wide Web, accessed by typing its address (URL) into a web browser. A website
always includes a home page and may contain additional documents or pages.

Wireless networking

Transmission of computer-based information over short to medium distances using radio frequencies.

Wireless adhoc networking

Wireless networking in which centralized authorization and infrastructure are not used - this is an
unauthorized method of connecting systems to the university network.

World Wide Web

Also referred to as “the Web.” A system of Internet hosts that supports documents formatted in HTML
(hypertext markup language), which contain links to other documents (hyperlinks) and to audio, video,
and graphic images. Users can access the Web with special applications called browsers, such as Firefox
and Microsoft Internet Explorer.

Worm
A program that makes copies of itself elsewhere in a computing system. These copies may be created on
the same computer or may be sent over networks to other computers. The first use of the term
described a program that copied itself benignly around a network, using otherwise-unused resources on
networked machines to perform distributed computation. Some worms are security threats, using
networks to spread themselves against the wishes of the system owners and disrupting networks by
overloading them. A worm is similar to a virus in that it makes copies of itself, but different in that it
need not attach to particular files or sectors at all.