Glossary of Technical Terms
When it comes to keeping students safe online,
here are the terms and concepts you should know.
Authentication is the way we prove something to be true or genuine. In computer terms, authentication is the way a program or website validates the identity of the user. For some, this is as simple as a tracking cookie. Others may include passwords, fingerprints, or facial or voice recognition. In some cases, two-factor authentication may also require the user to input a code received by text or email.
Encryption is the way data is temporarily concealed so that it can’t easily be read while it’s being transmitted. Bulk encryption is a method in which combined transmissions from several data streams are all encrypted together. This is a more secure way of encrypting large amounts of data, making it almost impossible for anyone without the proper decryption algorithm to read.
A cache holds information about all of the different websites and pages you’ve visited, so your computer doesn’t have as much to download each time you go back. Have you ever noticed that the first time you load a website it may take a little longer than subsequent visits? This is because some of the website’s data is stored in a cache on your computer. This may include your sign-in information and other personal details. For this reason, it’s important that you clear your cache regularly to protect your privacy.
Children’s Internet Protection Act (CIPA)
The Children’s Internet Protection Act, sometimes referred to as CIPA, was enacted by Congress in 2000 in response to concerns about obscene or harmful internet content. It requires all pornographic websites to use age verification and prohibits public pornography on the web. For schools and libraries that receive discounted internet access through the E-rate program, it has strict rules for internet safety. These rules are designed to protect minors from accessing harmful or inappropriate content. They also address unauthorized access by minors and unauthorized disclosure of their personal information.
A Chromebook is a laptop or tablet that uses Chrome OS as its main operating system. In contrast with a traditional laptop, most activities on a Chromebook are performed in the Chrome browser, with the bulk of data stored in the cloud, rather than on the machine. These are very popular in the education space because they are comparatively inexpensive to purchase and to maintain.
Chromebook Security Extension
Because Chromebooks run primarily on the Chrome browser rather than on installed programs, their security is a bit different from the typical PC. This means that typical Windows or iOS security programs do not apply to them. Instead, the Chromebook Security Extension (CSE) provides security for users within the browser itself. CSE helps to protect users from malware and, in the case of schools, from content that is prohibited by the Children’s Internet Protection Act (CIPA).
A firewall is a form of network security that blocks incoming and outgoing traffic that could be potentially dangerous. Typical firewalls are installed on and designed to protect a physical computer drive or server. Since so much of today’s computing is cloud-based, a new technology is required. Cloud firewalls, then, are deployed in the cloud, to protect online data and environments.
It’s no surprise to most that there is both good and bad available online. Content filtering is a technology that allows a user to access only the appropriate types of content while filtering out those administrators want to block. Content filtering can be used to protect children from viewing adult sites, to prevent employees from wasting time on social media and other non-approved sites, or to keep private individuals from being taken in by scam or phishing sites.
The internet is all about content delivery. Whether text, images, video, audio, or interactive elements, each piece of a webpage or site must be successfully delivered to the end-user. Content routing is a means of delivering content to users based on a specified set of rules. This could mean that paying customers get priority over free users. Or it could mean that text and images are delivered in a different way from video and audio.
Computer cookies are small bits of data sent from websites and stored on a user’s computer. Cookies allow sites to remember a user’s preferences, identity, and other information. This is how you stay logged in on your favorite sites, even if you close your browser or power off your computer. Third-party cookies are instead stored on a server elsewhere. This data is then used to track internet use and compile data about individual users. This is how search engines can show you ads related to previous views or searches.
Sometimes called computer security, cyber security is the technology used to keep users, their hardware, and their data safe online. It may protect against digital attacks like viruses and trojans, or against scams and other forms of internet danger. Cyber security may include virus and malware protection, firewalls, virtual private networks (VPNs), content filters, and other types of security. The best defense is a multi-layered approach featuring many, if not all, of these technologies.
Data compression is a vital part of improving speed on the internet. In general, the smaller the file, the faster it can be transmitted. Data compression encodes information by reducing redundancy and using fewer bits than the original file. This allows it to be transmitted more efficiently. There are two types of data compression. Lossy compression means that images, video, and audio files are delivered in a smaller or less detailed format than the original. Lossless compression is more often used today, delivering files indistinguishable from the original as it was sent.
Data Loss Prevention (DLP)
Data loss prevention (DLP) software is a toolset that allows us to secure sensitive data. DLP is designed to detect potential weak spots where data is vulnerable. It identifies areas where data security policies are being violated, then uses alerts and encryption methods to secure the data in question. It also provides the necessary reports for companies and organizations to comply with data security laws and regulations.
Data protection is the way businesses and organizations keep their data safe. This includes two main areas: data management and disaster recovery. Data management seeks to keep data secure by using encryption and other protective measures. Disaster recovery (sometimes called business continuity) is the way a company or organization recovers after a problem occurs. This includes keeping and safeguarding backups in order to restore data that has been compromised, whether maliciously or accidentally.
Deep Web & Dark Web
The deep web consists of any page, site, or other part of the internet that is not indexed by search engines. The deep web goes by many names. You might hear it called the hidden web or the invisible web. Portions of the deep web, called the dark web, are used for illegal transactions, but this is not the majority. Many more pages and sites are concealed for privacy reasons. This includes your personal email, banking data, and other private accounts. The same goes for pages that are secured behind paywalls, such as sites that require a subscription to access.
Digital citizenship is the way we all, as citizens of the digital world, behave while online. It includes concepts of digital responsibility such as avoiding digital distraction, protecting our online privacy and that of others, understanding and minimizing the negative environmental and societal disruptions caused by technology, and minimizing the negative effects of technology on our health.
Domain Name System (DNS)
The domain name system, or DNS, is an index of the entire internet. When you type a website into your web browser, DNS servers convert this into an internet protocol (IP) address. This allows your computer to quickly find and access the appropriate site. Many DNS servers are provided by internet service providers (ISPs). DNS attacks occur when viruses or malware are used to change the DNS server of a website to a different IP address. This may then show a broken link, or a page of the malicious party’s choosing.
Electronic discovery, sometimes called ediscovery or e-discovery, is a legal term referring to the electronic portion of the discovery process in litigation. The data accessed through e-discovery is called electronically stored information or ESI. This may include emails, text messages, chat transcripts, electronic documents, and any other type of electronic communication or file that is relevant to a legal case.
Email compression is a technological process that reduces the size of an email and any attachments it may contain. This allows the message to be transmitted more quickly over electronic channels. It also reduces the size of the file for storage and archival purposes, allowing an email server to store many more messages than it would otherwise. Without compression services, large files sent via email would threaten to bottleneck email servers at businesses, organizations, and schools.
Email encryption is a process used to encode (or encrypt) email messages so that they cannot be easily intercepted and read while transmitting. Once the email has been received by the designated recipient, it is then decrypted so that it can be easily read. Email encryption processes may or may not include authentication processes. This is a primary method of protecting sensitive information transmitted via email, which is considered a vulnerable communications method.
Email security is a blanket term used to discuss the many measures used to protect the contents of and access to an email account or server. This typically includes email authentication and email encryption. It may also include virus and malware protection as well as protections against spam and phishing attacks. Typically, email security is carried out through a secure email gateway, which may be either on a company or organization’s servers locally, or handled in the cloud in the case of web-based email clients.
Email spoofing is the creation of forged email messages. When an email is spoofed, the sender alters the email’s header to disguise the message’s origins. A spoofed email will typically say it comes from an email address other than its actual source. This may be used in phishing or other types of email scams. At other times, it may be used to mislead or prank a recipient for personal reasons.
Exchange Online Protection (EOP)
Exchange Online Protection, or EOP, is Microsoft’s cloud-based email service that filters messages to detect spam, malware, and other malicious messages. Because the service is cloud-based, it does not require an installed software package on the user’s computer. EOP is a subscription-based service that is part of the Exchange Online product group. It is activated by changing a customer’s mail exchanger record. It was formerly known as Forefront Online Protection for Exchange (or FOPE).
General Data Protection Regulation (GDPR)
The EU’s General Data Protection Regulation (GDPR) was passed in 2016 to protect data and online privacy. The regulation is in effect if any party to a data transaction is based in the EU. It stipulates that unless a user has provided informed consent, personal data may not be processed without a legal basis. It also provides data subjects with certain rights including information about their data and access to it.
Google Cloud Platform (GCP) Security
GCP stands for Google Cloud Platform. GCP security is a shared responsibility model, meaning that the responsibility for securing data in Google’s cloud is split between Google and GCP users. Google maintains responsibility for the cloud itself, while users are responsible for any data placed inside the cloud structure, including all documents, files, and applications. GCP Security Services include several tools designed to provide security and transparency for users.
Hybrid cloud is a computing structure that includes at least one private and one public cloud environment or a combination of a virtual environment connected to a cloud, whether public or private. Hybrid clouds connect multiple computers in a network environment to enable the process of moving files and data between them. Typically they are scalable and also feature a single management system.
Incident response is the way an organization deals with a security incident such as a data breach or cyberattack. Any organization with an online presence should formulate an incident response plan so that it is prepared before a situation arises. Many larger organizations designate a computer incident response team (CIRT) to implement their response plan.
Internet filtering is when software is used to prevent computer users from accessing certain sites or portions of the internet. Internet filters may be installed by anyone who runs or maintains a network, including companies, schools, organizations, and public access points such as libraries. In some instances, such as schools and libraries, the Children’s Internet Protection Act (CIPA) requires filtering to be in place to prevent children from viewing pornographic content.
Internet of Things (IoT) Security
The internet of things, or IoT, includes all internet-connected devices, including items traditionally thought of as computers and smart devices such as security systems, internet-connected appliances, and other connected electronics. IoT security describes methods and devices designed to protect those non-traditional smart devices from security threats such as hackers and cyberattacks. Safeguarding these devices and the networks they are connected to has become more high-profile after a series of incidents involving home security cameras and smart speakers.
A network firewall is software that acts as a gateway for traffic coming into and out of a network. These firewalls prevent unauthorized users from accessing private data or intercepting messages and data as they are transmitted to users on an intranet or other network. Firewalls generally block data packets from passing through based on a defined set of security rules.
A network perimeter defines and secures the boundary between the private and public portions of a company or organization’s network. Private portions typically include internal files, company email, and intranet functions. Public portions include the organization’s website and any content designed to be accessed by those outside the organization. The network perimeter typically includes firewalls, border routers, and prevention and detection mechanisms.
Next-Generation Firewall (NGFW)
A next-generation firewall (NGFW) is an updated version of firewall technology designed for modern internet use. Typical firewalls are based on port or protocol inspection and blocking. An NGFW, on the other hand, adds in more intelligent blocking options such as application-level inspection, intrusion prevention systems (IPS), and in-line deep packet inspection. This type of protection extends to both mobile and cloud-based users, in addition to traditional users.
Open Web Application Security Project (OWASP)
The Open Web Application Security Project, or OWASP, is a digital community committed to creating free web application security technologies. OWASP brings together developers and technologists to create tools and resources, as well as education and training materials. In addition to their online community, there are also local chapter meetings and regional conferences. They are known for publishing the OWASP Top Ten which identifies critical risks to digital security.
Quality of Service (QoS)
The quality of service, or QoS, of a network is the measurement of the performance of that network as experienced by its users. QoS is also used to describe the technologies on that network that are designed to promote dependability and maintain quality even under limited capacity situations. This technology manages data transfer to reduce latency and packet loss on the network.
Ransomware is an increasingly common type of cyber attack that is essentially a digital form of blackmail. There are two main types of ransomware. The first threatens to expose a victim’s private data, often including financial information or private files. The second restricts access to the files or other data on a victim’s system until the ransom is paid. While this type of attack has been in use since at least 1989, recent attacks on large corporations and even government agencies have brought it to the forefront of security concerns.
Remote access is the ability to access a computer or server from a remote location. This is typically achieved through a standard network connection, but can also be managed through telecommunications or a cloud environment. This access is handled through a remote access service (RAS) or virtual private network (VPN). Remote access is often used by help desks for troubleshooting purposes and workers who telecommute.
RSA SecurID is a two-factor public-key authentication technology from RSA Data Security. It uses the same standard encryption algorithm as is used for secure data transferred over virtual networks. The system has two facets: a password or PIN known by the authorized user and a physical token such as a USB drive, smart card, or fob. Unlike many other two-factor authentication systems, SecurID uses hardware authentication, providing an extra layer of security.
Sandboxing is a computer security management system that separates concurrently running programs in order to keep one program’s vulnerabilities from affecting the others. This is a common method used to test unsecured or untested programs or those received from unknown third parties. It allows users to run such programs without the risk of causing harm to the rest of their system or files. Sandboxing can also be used to investigate files or programs that contain known security exploits such as viruses or malware.
Social-Emotional Learning (SEL)
Social-emotional learning is the way in which children, and sometimes adults, learn self-awareness and control. This includes the ability to understand and manage their own feelings and emotions, as well as the ability to feel empathy for others and understand others’ emotions. SEL is vital to the ability to establish and maintain healthy relationships and to function properly in society.
Social engineering is the process of manipulating people or groups into doing things that they otherwise would not. In the context of computer security, this is typically used to get people to divulge confidential information. It can also be used to persuade someone to click on a malicious link or to convince someone to purchase an item that they normally wouldn’t. Common forms of social engineering include phishing and impersonation.
Software as a Service (SaaS)
Software as a service, or SaaS, is a software model where users do not own their software, but rather subscribe to it. SaaS is sometimes referred to as on-demand software. Subscription-based models provide their customers with the benefit of regular updates and new features. SaaS programs are typically web-based, though they may also be installed on the user’s machine and then unlocked through an internet connection.
Software-Defined Wide Area Network (SD-WAN)
A software-defined wide area network (SD-WAN) is a networking technology that can be applied to wide area networks such as those from broadband internet providers, or mobile networks like 4G or LTE. An SD-WAN connects multiple smaller networks over large geographic areas. This may include multiple offices of the same company or several separate data centers. SD-WAN technology streamlines broadband connectivity and allows for greater security over distance.
Spyware is a type of malware used to spy on or gather information about a user without their knowledge, then transmit the gathered data without the user’s consent. While it may not be discussed often, spyware is actually one of the most common security threats faced by internet users. Spyware may be difficult for users to detect, and is often challenging to remove. This is one of the reasons that all internet users should be sure to routinely check their systems for malware using a trusted anti-malware program.
SQL Injection (SQLi)
SQL injection, or SQLi, is a cyberattack method in which malicious code is inserted without the user’s consent. The code used is in the form of SQL statements, programming code designed to perform routine tasks on a database. SQLi is typically used to perform tasks such as dumping all of the data from a database to the attacker, or handing over administrative control of the database itself. It may also destroy data, change or corrupt specific data fields, or void transactions and change balances.
An SSL VPN, or secure sockets layer virtual private network, is a technology used to provide secure, remote VPN access. Put simply, it allows remote users to access private files, applications, and programs without installing specialized software to do so. In an SSL VPN, multiple types of devices can access the private network and the data contained inside. All of the traffic into and out of the network is encrypted with SSL protocols. This technology is far easier to use than prior remote VPN options.
Suicide prevention programs are designed to reach at-risk individuals and intervene with crisis resources and support. Due to the increase in teen suicides, many schools are now developing and implementing their own suicide prevention programs. If your school has not yet explored this topic, there are a great many life-saving tools available to help students, teachers, and administrators alike.
With URL Filtering, internet users are prevented from accessing specific websites, or URL categories. Typically URL filtering is accomplished by comparing each URL requested to a database of unapproved sites. If there is no match, the user is allowed to continue to the site requested. This type of filtering is often used by companies and organizations to keep employees or users from accessing harmful or distracting content.
User Security Awareness
User security awareness is the process of educating users about current cyber crimes and techniques, including phishing and other social-engineering attacks, that may lead them to unintentionally divulge financial or private information. Even the most sophisticated web security programs and policies can be easily defeated by simple human error. This is why user security awareness should be considered a vital part of any internet security policy. User security awareness should include training and testing related to cyberattacks and internet scams, including social engineering tactics. This training should be updated regularly, as new types of attacks are constantly emerging.
Web filtering software is sometimes also called content-control software. It allows network administrators to specify what types of web content can and cannot be accessed on their network. This type of program is often implemented by companies to keep employees from spending time on non-work-related pursuits. It is also required by the Children’s Internet Protection Act (CIPA) on networks run by schools and libraries to keep children from accessing pornographic materials.