Free Demo Contact

Glossary

0-9

  • 2FA

    Two-factor authentication (2FA) is a form of multifactor authentication (MFA) that strengthens access security by requiring two methods, also called authentication factors, to verify your identity.

A

  • Access Control

    Access control refers to methods and technologies used to secure and manage digital access to applications, data, and other IT resources.

  • Active Directory

    Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.

  • AD

    Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.

  • Application Programming Interface

    An API (Application Programming Interface) is a software interface that enables two applications to communicate with each other. APIs are used to exchange information between applications in a standardized way.

  • API

    An API (Application Programming Interface) is a software interface that enables two applications to communicate with each other. APIs are used to exchange information between applications in a standardized way.

  • Attribute-Based Access Control

  • ABAC

  • Audit

    An audit is a systematic examination within an organization of processes, systems, and the data processed within them. The purpose of an audit is to verify whether they comply with predefined rules, laws, and standards.

  • Authentication

    Authentication is the act or process of verifying whether a user, application, or device is actually who or what it claims to be.

  • AuthN

    Authentication is the act or process of verifying whether a user, application, or device is actually who or what it claims to be.

  • Authorization

    The authorization process determines what a person or system is allowed to do within a file, application, or system.

  • AuthZ

    The authorization process determines what a person or system is allowed to do within a file, application, or system.

  • Authorization Matrix

    An authorization matrix is a document, tool, or system that provides a detailed overview of which users or groups have access to specific applications, data, or other facilities within your organization. It is an important aid for account and access management, and it supports your information security and compliance.

B

  • Baseline Information Security for Government

    The Baseline Information Security for Government (BIO) is a standards framework for information security within government, from ministries to municipalities and water authorities.

  • BIO

    The Baseline Information Security for Government (BIO) is a standards framework for information security within government, from ministries to municipalities and water authorities.

C

  • Cloud IAM

    A cloud-based IAM platform is an Identity and Access Management (IAM) service delivered in the cloud.

  • Compliance

    The term compliance literally means adherence. Within organizations, compliance refers to the extent to which you meet the laws and guidelines that apply to that organization.

  • Credential

    A credential is a piece of information used to verify the identity of a user, device, or system. Credentials are used for authentication; a password is the most well-known type.

  • Customer Identity & Access Management

    CIAM stands for Customer Identity and Access Management, the capability to manage customer user accounts and access rights. With CIAM, your organization can ensure that customers have secure access to a customer portal, for example, as well as other applications and data intended for them.

  • CIAM

    CIAM stands for Customer Identity and Access Management, the capability to manage customer user accounts and access rights. With CIAM, your organization can ensure that customers have secure access to a customer portal, for example, as well as other applications and data intended for them.

  • Cybersecurity

    Cybersecurity is the umbrella term for technologies, processes, and methodologies that organizations apply to protect the confidentiality, integrity, and availability of their computers, networks, software, and data.

D

  • Data Mapping

    Data mapping is an IT process in which data from one system is linked or transferred to corresponding fields in another system. This is required for a correct and consistent transfer of information between different applications or databases.

  • Deprovisioning

    Within identity and access management, deprovisioning is the process of revoking previously granted accounts and permissions.

  • Difference Between RBAC, ABAC, and PBAC

    RBAC, ABAC, and PBAC are three different access control methods that can be viewed as successive generations within IAM. They automate decisions about which employees should receive which access rights, and each method uses a different approach.

  • Digital Identity

    A digital identity is the type of identity that enables a person to identify themselves within an IT system or application. It is like an online passport that grants you access to the digital world.

  • Directory Service

    A directory service is a centralized platform for managing identities, applications, and other network resources in an IT environment.

E

  • End-User Self-Service

    End-user self-service is a concept in which users can order and manage services or products online without assistance from staff.

  • Entitlement

    An entitlement, often also called a right, permission, authorization, or approval, grants a user permission or privileges to use a specific application, service, device, or digital content.

G

  • General Data Protection Regulation

    The General Data Protection Regulation (GDPR) imposes additional responsibilities and obligations on organizations when processing personal data.

  • GDPR

    The General Data Protection Regulation (GDPR) imposes additional responsibilities and obligations on organizations when processing personal data.

H

  • Helpdesk Delegation

    Helpdesk delegation is a concept in which we shift administrative tasks from second-line administrators to first-line helpdesk staff or designated key users. This allows us to simplify, accelerate, and reduce IT management costs without compromising security.

I

  • IBP FO Standards Framework

    The Information Security and Privacy Standards Framework for Primary and Secondary Education (IBP FO) is a tool for school boards to improve their information security and the protection of personal data.

  • Identification

    Identification is the act and step of presenting a digital identity to a system, service provider, or organization so they know who they are dealing with.

  • Identity & Access Management

    Identity & Access Management (IAM) encompasses all processes within organizations related to managing users, authorizations, and access.

  • IAM

    Identity & Access Management (IAM) encompasses all processes within organizations related to managing users, authorizations, and access.

  • Identity Governance and Administration

    Identity Governance and Administration (IGA) focuses on the policies and management of digital identities and their access rights across the organization.

  • IGA

    Identity Governance and Administration (IGA) focuses on the policies and management of digital identities and their access rights across the organization.

  • Identity Lifecycle

    The identity lifecycle encompasses all steps involved in managing a user's digital identity, including creation, activation, transition, deactivation, and deletion.

  • Identity Provider

    An IdP (Identity Provider) is a centralized platform that can verify users' digital identities.

  • IdP

    An IdP (Identity Provider) is a centralized platform that can verify users' digital identities.

  • Identity Vault

    An identity vault is an identity safe. In a digital network, an identity vault is a highly secure data store for storing identity information.

  • Identity-as-a-Service

    Identity-as-a-Service (IDaaS) is a cloud-based Identity and Access Management solution that enables customer organizations to manage their identity and access management.

  • IDaaS

    Identity-as-a-Service (IDaaS) is a cloud-based Identity and Access Management solution that enables customer organizations to manage their identity and access management.

  • Information Security

    Information Security (IS) encompasses all measures and processes to protect data within your organization. This is necessary to prevent unauthorized individuals from stealing, altering, or destroying your organizational data.

  • Integration

    Integration is necessary in the modern IT environment to make different systems, applications, and data sources work together.

  • ISO 27001

    The ISO 27001 standard is globally recognized as the leading standard for information security.

J

  • Just-in-Time

    The meaning of Just-in-Time is that products and components are delivered only when needed. This reduces inventory costs, among other benefits.

  • JIT

    The meaning of Just-in-Time is that products and components are delivered only when needed. This reduces inventory costs, among other benefits.

M

  • Manager Self-Service

    Manager Self-Service (MSS) is an application that enables managers to manage data and settings for their team's employees.

  • Multi-Tenant

  • Multifactor Authentication

    Multifactor authentication (MFA) is a method to verify a user's identity (authentication) using three or more factors.

  • MFA

    Multifactor authentication (MFA) is a method to verify a user's identity (authentication) using three or more factors.

N

  • NEN 7510

    NEN 7510 is a Dutch standard for information security in healthcare.

  • NIS2 Directive

    The NIS2 directive is also known as the NIS2 Directive. NIS stands for Network and Information Security, and NIS2 is the successor to the cybersecurity directive previously established within the EU (NIS1).

O

  • OAuth

  • Offboarding

  • Onboarding

    Onboarding includes everything new employees need to feel at home in a new organization and to do their work.

  • One-Time Password

    A One-Time Password (OTP) is a unique sequence of digits or letters that can be used only once for authentication.

  • OTP

    A One-Time Password (OTP) is a unique sequence of digits or letters that can be used only once for authentication.

  • OpenID Connect

    OpenID Connect, also known as OIDC, means you can use a single key to sign in to many different online services without having to remember multiple passwords.

  • Orphaned Accounts

P

  • PAM

    In practice, the acronym PAM refers to both Privileged Access Management and Privileged Account Management. PAM manages and secures so-called privileged accounts; these are accounts used to perform critical IT administration processes, such as system administration, network administration, configuration management, and the management of sensitive data.

  • Passkey

    A passkey is a relatively new and secure way to sign in to websites and apps. A password is no longer required; instead, you use a digital key stored on, for example, your phone, laptop, or tablet.

  • Password Manager

  • Password Synchronization

  • Phased Implementation

  • Phishing

    Phishing is a type of online fraud in which someone impersonates a trusted party to steal personal information, such as passwords or credit card numbers.

  • Principle of Least Privilege

    The Principle of Least Privilege (PoLP) means that users receive access rights only to the applications and data they need to perform their tasks.

  • PoLP

    The Principle of Least Privilege (PoLP) means that users receive access rights only to the applications and data they need to perform their tasks.

  • Privacy

    Privacy is the right to protect your personal information and lifestyle from unauthorized access. It is about maintaining control over what others know about you and how your personal information is used.

  • Privacy by Design

    Privacy by Design is a design principle that requires you to fully account for privacy aspects during the development of information systems and processes.

  • Provisioning

    Provisioning is an essential process in IT management that focuses on efficiently managing user accounts and systems within organizations.

  • Push-to-Verify

R

  • Ransomware

    Ransomware is malware designed to encrypt data, entire systems, or networks, holding them hostage. In this context, a hostage is data or applications that are blocked for users and administrators. The purpose of ransomware is to demand a ransom. The victim, which can be an individual or an organization, must pay a fee to regain access to data or systems.

  • Recertification

    Recertification is part of the HelloID governance functionality. Recertification helps you maintain control over self-service products.

  • Reconciliation

    In the context of IT systems, reconciliation refers to comparing similar data that is stored, used, and processed across multiple systems.

  • Role Mining

    With role mining, you can iteratively map all relevant user roles and their access rights. The input from a role mining project provides the necessary data for implementing Role-Based Access Control (RBAC) in an organization.

  • Role-Based Access Control

    Role-Based Access Control (RBAC) is a method for structuring authorization management within your organization. Instead of assigning authorizations on an individual basis, assign them by role. Roles are composed of attributes such as department, job function, location, and cost center of an employee within an organization.

  • RBAC

    Role-Based Access Control (RBAC) is a method for structuring authorization management within your organization. Instead of assigning authorizations on an individual basis, assign them by role. Roles are composed of attributes such as department, job function, location, and cost center of an employee within an organization.

S

  • SCIM

    SCIM (System for Cross-Domain Identity Management) is an open standard for the automated management of user accounts in cloud applications and services. Using a SCIM interface, systems can exchange, synchronize, and manage account data such as a person's name, email address, phone numbers, and other user attributes.

  • System for Cross-domain Identity Management

    SCIM (System for Cross-Domain Identity Management) is an open standard for the automated management of user accounts in cloud applications and services. Using a SCIM interface, systems can exchange, synchronize, and manage account data such as a person's name, email address, phone numbers, and other user attributes.

  • Security Assertion Markup Language

    SAML stands for Security Assertion Markup Language and is one of the most commonly used standards for exchanging authentication data. SAML enables secure Single Sign-On (SSO). Users authenticate once and do not need to log in again.

  • SAML

    SAML stands for Security Assertion Markup Language and is one of the most commonly used standards for exchanging authentication data. SAML enables secure Single Sign-On (SSO). Users authenticate once and do not need to log in again.

  • Security Questions

  • Segregation of Duties

    Segregation of Duties (SoD), also known as Separation of Duties, literally means separation of functions. The US standards organization NIST describes it, loosely translated, as the principle that no user should be granted sufficient privileges to misuse systems for personal gain.

  • SoD

    Segregation of Duties (SoD), also known as Separation of Duties, literally means separation of functions. The US standards organization NIST describes it, loosely translated, as the principle that no user should be granted sufficient privileges to misuse systems for personal gain.

  • Self-Service

    Self-service is a service delivery model in which users can submit requests, make changes, and perform other actions as independently and directly as possible.

  • Service Automation

    Service automation is a broad term for methods, techniques, and systems that automate manual, routine service processes.

  • Shadow IT

    Shadow IT refers to the use of software and other technologies that an organization’s IT department has not approved.

  • Shift Left

  • Single Sign-On

    Single Sign-On, or SSO, is an authentication method that allows users to sign in once to access multiple applications or systems.

  • SSO

    Single Sign-On, or SSO, is an authentication method that allows users to sign in once to access multiple applications or systems.

  • Single Source of Truth

    A Single Source of Truth (SSOT), also called a system of record, is a centralized, reliable data source where data and documents are recorded once, ensuring consistency, accuracy, and up-to-date status for reuse in business processes via specific systems.

  • SSOT

    A Single Source of Truth (SSOT), also called a system of record, is a centralized, reliable data source where data and documents are recorded once, ensuring consistency, accuracy, and up-to-date status for reuse in business processes via specific systems.

  • Single-Factor Authentication

    Single-factor authentication is the simplest form of authentication and uses one authentication factor to verify a digital identity.

  • SFA

    Single-factor authentication is the simplest form of authentication and uses one authentication factor to verify a digital identity.

  • SOC 2

    SOC 2 stands for Service Organization Control 2 and is a framework for auditing information security and data management within service organizations

  • Strong Authentication

    Strong authentication is a method that uses multiple factors to verify the identity of a digital user or device.

T

  • Toxic Policies

    HelloID supports your identity governance with Toxic Policies functionality. It prevents granting access rights to someone if that person already has conflicting rights.

  • Two-Factor Authentication

    Two-factor authentication (2FA) is a form of multifactor authentication (MFA) that strengthens access security by requiring two methods, also called authentication factors, to verify your identity.

W

  • Workflows

    A workflow is a structured set of steps to run a specific process and achieve an objective. Organizations use workflows to improve efficiency and organize work more effectively.

Z

  • Zero Trust

    Zero Trust is a security principle where users and systems never trust each other by default.