What every small enterprise needs to know about information security. A simple and useful dictionary which finally explains the most important security terms.
Find out more about our services here: https://www.business-solutions.telefonica.com/en/sme/solutions/
2. An antivirus is a type of software that detects, prevents and mitigates malware infections on different computing devices, such as computers or smartphones.
Antivirus_
3. A backdoor is a mechanism that allows access to a computer and its data bypassing security mechanisms.
Backdoor_
4. A backup refers to the copying and archiving of computer data to a secondary site for protection in case of technical failure or another disaster. Backups may have two purposes: to recover data after its loss or to recover data from an earlier time.
Backup_
5. A cookie is a small amount of data generated by a website and stored by your browser on your device. Its purpose is to distinguish which user has visited the website in order to show tailored information.
Cookies_
6. A data breach is a leak of confidential information from a company or internet service.
Data breach_
7. A distributed denial of service (DDoS) is a type of cyber attack that aims to leave an internet service inaccessible by consuming all its resources through simultaneous access from numerous different locations.
DDoS attack_
8. Disaster Recovery (DR) is an area of security aimed at restoring the normal functioning of an organization. DR involves a set of policies and procedures to enable the organization to maintain or rapidly resume critical functions following a disaster.
Disaster Recovery_
9. Encryption is the conversion of a message or text whose content is to be protected into another type of non-recognizable text by using an algorithm and one or more passwords.
Encryption_
10. An exploit is a piece of code, a piece of data or a script that allows attackers to take advantage of a security failure or vulnerability in order to cause unexpected behaviour to occur. Such behaviour frequently includes gaining control of a computer system, escalating privileges or causing a denial of service.
Exploit_
11. A network security system that monitors incoming and outgoing traffic and decides whether to allow or block specific network traffic based on predetermined security rules.
Firewall_
12. The secure web browsing protocol. It is used to authenticate visited websites and to protect the privacy and integrity of the exchanged data.
HTTPS_
13. Identity and Access Management (IAM) is a service that enables enterprises to manage users and user permissions. It is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.
IAM_
14. A program or hardware device that covertly monitors each keystroke typed into a device’s keyboard. Keyloggers are commonly used by attackers to steal vital information such as personal details, credit card data, login credentials, etc.
Keylogger_
15. Short for malicious software, it is any type of software with malicious behaviour. Malware is commonly used to disrupt computer or mobile operations, gather sensitive data, gain access to private computer systems…
Malware_
16. Managed security services are device management services that a company outsources to a third party.
Managed security_
17. A type of attack in which fraudulent communications are used to deceive the user and obtain sensitive information (passwords, personal data, credit card details). The attacker pretends to be a trustworthy entity or person to obtain that information.
Phishing_
18. A type of malware for data kidnapping. The attack consists of hijacking the data of an organization or individual and then demanding payment in exchange for recovering that information.
Ransomware_
19. A computer networking protocol for securing connections between a server and a client. SSL ensures that all data transmitted between the server and clients remains private.
SSL (Secure Socket Layer)_
20. Malicious software that seems legitimate and harmless but performs some illicit activity when run. It may be used to locate password information or simply destroy the user's stored software and data.
Trojan_
21. A method of confirming a user’s claimed identity using a combination of two different methods. For example, a password and a fingerprint or a PIN code and a message sent to your phone. It is an extra layer of security.
Two-factor authentication_