Technology Terms and Definitions
Purpose
This document defines common terms used in IT policies.
Terms and Definitions
Term |
Definition |
Access Control |
The use of computer-controlled entry and locking devices to limit and log access to areas of a physical facility, usually by means of a digitally-enclosed identification card or biometric device. |
Administrative Safeguards |
Administrative actions, and policies and procedures to manage the selection, development, implementation, and maintenance of security measures to protect the SANY's information assets and to manage the conduct of the SANY community in relation to the protection of those information assets. |
Antivirus |
Software that runs on either a server or workstation and monitors network connections looking for malicious software. Antivirus software is generally reactive, meaning a signature file must be developed for each new virus discovered and these virus definition files must be sent to the software in order for the software to find the malicious code. |
AP |
A wireless access point, or more generally just access point, is a networking hardware device that allows other Wi-Fi devices to connect to a wired network. |
Application |
A computer program that processes, transmits, or stores SANY information and which supports decision-making and other organizational functions. It typically presents as a series of records or transactions. These records and transactions are generally accessible by more than one user. |
Application Administrator |
SANY staff member who is responsible for granting access and providing support on the application to the SANY community. |
Application Manager |
The technology manager who is directly responsible for the development, maintenance, configuration, or functional specifications of the application. He or she is also required to implement, operate, and maintain security measures defined by the information owners. |
Authorized User |
A person authorized to access information resources specific to their role and responsibilities, and who has conveyed upon them the expectation of “Least Privilege.” |
Automated Tools |
Software that executes pre-scripted tests on software applications or hardware devices. |
Availability |
The expectation that information is accessible by SANY when needed. |
Breach |
Any incident that results in unauthorized access of data, applications, services, networks and/or devices by bypassing their underlying security mechanisms. |
Business (Application) Owner |
Business unit that purchased the application using SANY funds allocated to its budget or purchased using a grant. The business owner may be a technology organization for utility services-type applications, such as Banner and MS Exchange. |
Business Interruption |
An event, whether anticipated or unanticipated, which disrupts the normal course of business operations within the SANY. |
Business Unit |
Applies to multiple levels of the SANY, such as a functional unit (e.g., Accountability, Human Resources, Information and Instructional Technologies (I&IT), Legal, and Finance). It may also be comprised of several departments. |
Cable Modem |
Cable companies such as Comcast provide Internet access over Cable TV coaxial cable. A cable modem accepts this coaxial cable and can receive data from the Internet at over 1.5 Mbps. |
Cellular Device |
Any device that is capable of out-of-the-box support for cellular voice and data services. This includes, but is not limited to, Apple smartphones and Android smartphones. |
Cellular Tablet |
Any device that is capable of out-of-the-box support for data services. This includes, but is not limited to, Apple tablets and Android tablets. |
Census |
Survey administered to an entire population. |
Change |
The addition, modification or removal of approved, supported or baselined hardware, network, software, application, environment, system, desktop build or associated documentation of the production IT environment. |
Cloud Services |
Consumer and business products, services and solutions delivered and consumed on-demand, using the cloud service providers' pooled resources, and delivered over a broad network, such as the Internet. |
Computer Devices |
Any type of device connected to a network that could become infected with a computer virus. Examples of computer devices include, but are not limited to, workstations, servers, laptops, tablets, etc. |
Confidential Data |
Highly sensitive data intended for limited, specific use by a workgroup, department, or group of individuals with a legitimate need-to-know. |
Confidential Information |
The most sensitive information, which requires the strongest safeguards to reduce the risk of unauthorized access or loss. Unauthorized disclosure or access may 1) subject SANY to legal risk, 2) adversely affect its reputation, 3) jeopardize its mission, and 4) present liabilities to individuals (for example, FERPA penalties). |
Confidentiality |
The expectation that only authorized individuals, processes, and systems will have access to SANY’s information. |
Cryptographic Algorithms |
A mathematical algorithm, used in conjunction with a secret key, that transforms original input into a form that is unintelligible without special knowledge of the secret information and the algorithm. |
Cryptographic Keys |
A string of bits used by a cryptographic algorithm to transform plain text into cipher text or vice versa. |
Data Breach |
An incident in which personally identifiable information (PII) pertaining to students or staff is disclosed to or accessed by any unauthorized person. |
Department Funds |
Funds that originate from the departmental budget. |
Dial-Up Modem |
A peripheral device that connects computers to each other for sending communications via the telephone lines. |
Digital Subscriber Line (DSL) |
A form of high-speed Internet access used over standard phone lines. |
Directory Information |
Information identified by SANY that may be released without prior consent of the student. (See Family Educational Rights and Privacy Act policy (00-01-25-05 00) for a comprehensive list of information categorized as Directory Information.) |
Due Care |
Steps that demonstrate the SANY has taken responsibility for the activities that take place within the institution, and has implemented the requisite measures to help protect its assets, including its students, faculty, staff, and the community which we serve. |
Electronic Mail |
A method of exchanging digital messages from an author to one or more recipients. |
Electronic Media |
Physical object on which data can be stored, such as hard drives, zip drives, floppy disks, compact discs, CD-ROMs, DVDs, USB drives, memory sticks, MP3 players (iPod), Personal Digital Assistants (PDAs), digital cameras, smart phones and tapes. |
Employee |
An Employee is considered any member in an active pay status according to Human Resources at SANY. This includes but is not limited to faculty, staff, affiliates, etc. |
Encryption |
A process by which data is transformed into a format that renders it unreadable without access to the encryption key and knowledge of the process used. It is also defined as a method of converting information or data into a cipher or code to prevent unauthorized access and requires a passcode or other form of confirming identity to decrypt and access the information or data. |
Encryption Key |
A password, file or piece of hardware that is required to encrypt or decrypt information, essentially locking and unlocking the data. |
Enterprise Information System |
An information system and/or server providing services commonly needed by the SANY community and typically provided by the IERP and/or the IRT units. Departmental information systems provide services specific to the mission and focus of individual departments, administrative units, or affiliated organizations. |
FERPA |
Family Educational Rights and Privacy Act. FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. FERPA applies to the records of individuals from the point of first registration until death of the individual. |
Fiber Optic Service (FiOS) |
A data communications service provided by Verizon that uses fiber optic cables to transfer data. |
Firewall |
A software or hardware-based network security system that controls the incoming and outgoing network traffic based on applied rule set. |
Generic Account |
An account that is shared among a group of individuals, and typically used for devices like kiosks and clinical workstations. There is no corresponding employee account (i.e., RUID). |
Guest Account |
Accounts provisioned to individuals not employed by SANY, but who have a justifiable business reason to access SANY resources. |
High-Performance Computing Resources |
All specialty computing systems, whether a single host or clustered hosts, that are used to address compute-bound, memory-bound, I/O-bound, or storage-bound applications or programs. |
Information Asset |
Application, database, network, or body of information that is of value and importance to the SANY. |
Information Assets |
Defined as (1) all categories of information and data, including (but not limited to) records, files, and databases, regardless of form and (2) information technology facilities, equipment and software owned, outsourced, or leased by the SANY. This includes all SANY IT systems and data, including personal computer systems. |
Information Owner |
Information owners are the business unit managers, senior management, or their designees who have planning and management or legal responsibility for the information generated within their functional areas. They must ensure that the level of protection assigned to their information is relative to its classification and sensitivity. For information regulated by FERPA, the information owner is expected to exercise due care when defining its level of protection. |
Information Resources and Technology (IRT) |
The SANY department responsible for the governance of all information and technology. |
Information Risk |
The potential that a given threat will exploit vulnerabilities of an information asset, thereby causing loss or harm to the information asset. It is measured in terms of a combination of the probability of an event and its impact to the SANY if the confidentiality, integrity, or availability of an asset is compromised. A risk can be financial, operational, regulatory, and/or reputational in nature. |
Information Security Incident |
Includes any incident that is known or has the potential to negatively impact the confidentiality, integrity, or availability of SANY information. This can range from the loss of a laptop or PDA to the virus infection of an end-user workstation to a major intrusion by a hacker. |
Information and Instructional Technology Office (I&ITO) |
Department responsible to the executive management for administering the information security functions within the SANY. The I&ITO is the SANY internal and external point of contact for all information security matters. |
Information System |
Consists of one or more components (e.g., application, database, network, or web) that is hosted in a SANY school facility, and which may provide network services, storage services, decision support services, or transaction services to one or more business units. |
Information Technology Infrastructure Library (ITIL) |
Provides a cohesive set of best practices for Information Technology Service Management. |
Infrastructure |
The hardware and software resources of an entire network that enable network connectivity, communication, operations and management of an enterprise network. |
Insecure Practices |
Insufficiently cautious collecting, storing, sending, encrypting, finding, and removing data. Example: Individual student achievement data is transmitted via unsecured email or public wireless networks. |
Integrity |
The expectation that SANY's information will be protected from improper, unauthorized, destructive, or accidental changes. |
Internal Information |
Data that is owned by the SANY, is not classified Confidential or Private, and is not readily available to the public. For example, this includes employee and student identification numbers and licensed software. |
Labs |
A Lab is considered any room that has two or more computers that will be shared or utilized by two or more individuals. |
LAN |
A local area network is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus or office building. |
Least Privilege |
Giving every user, task, and process the minimal set of privileges and access required to fulfill their role or function. This includes access to information systems and facilities. Principles of least privilege limit access to the minimal level required for someone to perform their job responsibilities. |
Live Data |
Data accessible to users through systems that are in a production environment (i.e., live). |
Loss |
Inadvertent exposure due to the loss of media. Examples: District backup tapes or paper files are misplaced on their way to a storage facility; laptops are left behind at airports or in taxis. |
Malicious Software |
Computer code that infects a machine and performs a malicious action. This is sometimes perpetrated by computer viruses, worms, trojans, etc. |
Mission-Critical Resource |
Includes any resource that is critical to the mission of the SANY School District and any device that is running a mission-critical service for the SANY School District or a device that is considered mission critical based on the dependency of users or other processes. Mission-critical services must be available. Typical mission-critical services have a maximum downtime of three consecutive hours or less. Mission-critical resources for Information Security purposes include information assets, software, hardware, and facilities. The payroll system, for example, is a Mission-Critical Resource. |
Mobile Device |
Including, but not limited to, laptops, tablets (iPad, Android, Windows, etc.), smartphones (Android, iPhone, etc.), and mobile broadband cards (also known as MiFi Hotspots and connect cards). |
Mobile Working |
Performing tasks on the network, from connectivity outside of the network as an employee of SANY School District. |
National Institute of Standards and Technology (NIST) |
NIST is the federal technology agency that works with industry to develop and apply technology, measurements, and standards. |
Neglect |
Insufficiently protected data. Examples: Outdated district computers or hard drives are sold or recycled without properly erasing district data, making the information retrievable by anyone with just a few cheap tools; data sits on media that is not adequately protected with a strong password or with encryption, leaving it vulnerable to a hacker or thief. |
PAN |
Credit Card Primary Account Number. |
Password Circulation |
An attempt to bypass the basic password requirement that prohibits reusing the same password within a specified period of time by changing the password repeatedly within a brief period of time in order to be able to reuse the password earlier than intended by the policy. |
Password Policy Enforcement |
Password rules must be enforced according to the standards defined in the SANY School District's Password Policy. |
Personal Identifying Information (PII) |
Personal Identifying Information includes employer tax ID numbers, drivers' license numbers, passport numbers, SSNs, state identification card numbers, credit/debit card numbers, banking account numbers, PIN codes, digital signatures, biometric data, fingerprints, passwords, and any other numbers or info that can be used to uniquely identify an individual. |
Phishing |
Phishing, also known as spoofing, is the term used for deceitful or fraudulent emails designed to trick people into providing personal information that leaves them vulnerable to identity theft, computer viruses and compromised email accounts. The number and sophistication of phishing scams continue to increase. Other types of phishing can include phony websites or phone calls that ask potential victims to supply or verify their personal information. |
Physical Safeguards |
Physical measures, policies, and procedures to protect the SANY’s information assets from natural and environmental hazards, and unauthorized intrusion. |
Private Information |
Sensitive information that is restricted to authorized personnel and requires safeguards, but which does not require the same level of safeguards as confidential information. Unauthorized disclosure or access may present legal and reputational risks to the SANY. |
Privileged Accounts |
An account which, by virtue of function and/or security access, has been granted special privileges within the computer system, which are significantly greater than those available to the majority of users, including but not limited to, local administrative accounts, privileged user accounts, domain administrative accounts, emergency accounts, service accounts, and application accounts. |
Privileged Information |
Refers to attorney-client communication. |
Production IT Environment |
System components used to provide information technology (IT) service to employees, faculty, patients, students, including but not limited to server hardware and associated operating systems, virtual servers, software applications, virtual applications, networks, data storage, air-conditioning, power supply, server rooms, datacenters, networks, and workstations that are part of the SANY Environment. |
Public Information |
Information that is readily available to the public, such as the information published on web sites. |
Public Network |
Any network outside the SANY network. |
Remote Access |
Connection to a data-processing system from a remote location, for example through a virtual private network. |
Removable Media |
Including, but not limited to CDs, DVDs, storage tapes, flash devices (e.g., CompactFlash and SD cards, USB flash drives), and portable hard drives. |
Research Funds |
Funds that originate from a research grant. |
Risk Assessment |
A process used to identify and evaluate risks and their potential impact on the SANY. |
RUID |
Reserved User ID. |
Sanitization |
To expunge data from storage media so that data recovery is impossible. The most common types of sanitization are destruction, degaussing, and overwriting. |
Sanitized |
The process of removing sensitive information from a document or other medium, so that it may be distributed to a broader audience. |
SANY Community |
Includes employees (e.g. faculty, staff, administration), students, former students, alumni, non-employees (e.g. contractors, vendors, guest affiliates), parents, agents and any other third parties of SANY. |
SANY Data |
Any data related to SANY functions that are a) stored on SANY information technology systems, b) maintained by SANY faculty, staff, or students, or c) related to institutional processes on or off campus. This applies to any format or media (in other words, it is not limited to electronic data). |
SANY Funds |
All SANY funding sources, including, but not limited to, operational budgets, capital budgets, and grants. |
Secure Backup (Encryption Recommended) |
The process of making a backup copy of information for the purpose of data recovery with security safeguards present to ensure the backup copy of the data remains protected from unauthorized access at all times. This may include physical protections as well as encryption to safeguard the backup information. |
Secure Area |
Areas within a building that house critical information technology services shall be designated as secure areas. |
Secure Shell (SSH) |
A secure network protocol for secure network communication services between two networked computers. |
Security Awareness Training (SAT) |
A method to inform users about the importance of protecting information technology systems and assets. SAT teaches key security concepts and best practices, such as creating a strong password, protecting mobile data, following IT Security policy, and reporting security incidents. |
Security Awareness Training Program |
The vehicle for disseminating security information for the SANY Community. Establishing and maintaining an information security awareness and training program will help to protect SANY's vital information resources. |
Security Control Owner |
The Operations Manager, Dean, or IT who is responsible for the area that is being secured by a camera and/or control access system. |
Security Event |
A possible unauthorized attempt to compromise the confidentiality, integrity, or availability of the SANY's electronic information or information systems. It may be a local threat that can or has evolved to present a larger risk to the SANY. |
Security Incident |
An actual or possible breach of the SANY's safeguards that protect its electronic information, information technology infrastructure or services, or information systems (or dependent information systems), and presents a significant business risk to the SANY. |
Sensitive Information |
Sensitive Information includes all data, in its original and duplicate form, which contains: Protected Health Information as defined by HIPAA; student education records, as defined by the Family Educational Rights and Privacy Act (FERPA); customer record information. Sensitive data also includes any other information that is protected by SANY policy or federal or state law from unauthorized access. This information must be restricted to those with a legitimate business need for access. Examples of sensitive information may include, but are not limited to, social security numbers, system access passwords, public safety information, information security records, and information file encryption keys. |
Service Accounts |
Accounts created by to satisfy specific functions, such as communications between systems or to facilitate other operational requirements. |
Service Help Desk |
The SANY technology service team that receives and handles requests for technical support and requests for new or changes to technology and voice services. |
SIRT |
Security Incident Response Team. |
Social Media |
Refers to tools that allow the sharing of information and creation of communities through online networks of people. |
Spam |
Unsolicited, usually commercial, messages (such as email, text messages, or Internet postings) sent to a large number of recipients or posted in a large number of places. Some spam is merely annoying, while other spam can cause damage to your computer or the entire campus network. |
Spear Phishing |
An email targeted at a specific individual or department within an organization that appears to be from a trusted source. For example, a spear phishing email could appear to come from someone at SANY and target SANY students and employees. |
Standard Access |
Standard Access describes access to Secure Areas that contain protected IT Resources and is restricted to a defined set of individuals who are responsible for the operation of computing and network resources and have a business need for regular access to the facility. Standard Access includes the following user groups: Public Safety/EMT/Life Safety Services, Facilities personnel to maintain environmental services, IRT Services designated personnel and approved SANY third-party vendors. |
Standard Hardware |
A supported computer configuration as designated by Information Resources and Technology. |
Survey |
A method of gathering information from a sample of people. Modes of administration include electronic surveys, paper surveys and telephone surveys. |
Survey Owner |
Individual responsible for final decisions on all aspects of survey methodology and analysis. This is the person who creates or owns the survey. |
Survey Sample |
Group of individuals from a population who will be surveyed. |
System Default Service Accounts |
Accounts created by a software vendor to facilitate installation or provide out-of-the-box functionality. |
Technical Safeguards |
The technology, policies, and procedures used to control access to and protect the SANY’s electronic information and information systems. |
Technology |
Electronic or digital products and systems that are capable of being used to render information, consume information or manipulate information. |
Theft |
Deliberate attacks on systems and individuals who have access to sensitive data. Such attacks can cause more harm than inadvertent exposure. Examples: Hacking of district human resource records to obtain employee information, including Social Security numbers; hacking to install malware using encryption that holds district data hostage until a ransom is paid. |
User |
Refers to any member of the SANY community, as well as to visitors and temporary affiliates, who have been explicitly and specifically authorized to access and use the SANY’s data or information systems. |
Video Surveillance |
The use of image capture, processing, transmission and storage equipment for authorized monitoring of public areas. This includes full-motion and still images, use of network transmission capacity, and digital storage and retrieval software. Audio recording is specifically excluded from this definition. |
Virtual Private Network (VPN) |
Extends a private network across a public network, such as the Internet, using secure communication. |
Virus Definitions |
Periodic files provided by vendors to update the anti-virus software to recognize and deal with newly discovered malicious software. |
Vulnerability |
A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy. |
WiFi |
Wireless networking technology that uses radio waves to provide wireless high-speed Internet and network connections. A WiFi enabled device such as a PC, mobile phone, or PDA can connect to the Internet when within range of a wireless network. |
WLAN |
A wireless LAN is a wireless computer network that links two or more devices using wireless communication to form a local area network within a limited area such as a home, school, computer laboratory, campus, office building, etc. |
Workstations |
Desktop computers and laptops. |