DynaPass Authentication Glossary


Archive for the ‘Data’ Category

Cache

Cache is a storage mechanism that allows systems and data to load faster. Cache can be memory based or used with a high speed storage device such a hard drive. Cache loaded into memory allows the system to perform tasks which are used most often faster. Cache which is stored on your computer hard drive, such as cache from a web page, allows the web page to load quicker since some of the data is stored on the computer and does not need to be downloaded.

Cloud Computing Services

Allowing users to access information from any internet connection cloud computing services offer companies an affordable option for storing and accessing data. The cloud referring to a network of computers offers computing services without the need for knowledge of the system; all IT, software and security measures are handled on the cloud company’s end. An example of a cloud computing service which almost everyone has used is Google’s Gmail which offers email services over the cloud.

Cookie

Cookie is data from a website which is stored on the users computer by the browser to allow the web page to retrieve later and remember settings or preferences of the user.

Electronic Medical Record (EMR)

Patient data that once was stored in file cabinets on paper is now put into an electronic medical record or EMR. Patient healthcare information in an EMR can be stored, transmitted and access by healthcare facilities allowing them to offer patient support remotely as well as work together with other physicians. Electronic medical records security is created through government regulatory compliance of the healthcare facilities.

Electronic Protected Health Information (ePHI)

Electronic protected health information, ePHI, is protected healthcare documentation that is made electronically to be accessed, stored and transmitted through computers and mobile devices. The information must identify an individual including either physical or mental health issues, healthcare provisioning, or payments for healthcare.

See DynaPass Healthcare
See DynaPass HIPAA Compliance

Family Educational Rights and Privacy Act (FERPA)

Federal legislation FERPA (Family Educational Rights and Privacy Act of 1974) requires protection to be in place for personally identifiable information (PII) of students. If a school receives federal funding they are required by government regulatory compliance of FERPA to protect their student’s private info.

Federal Financial Institutions Examinations Council (FFIEC)

Standing for Federal Financial Institutions Examinations Council, the FFIEC was formed in 1979 and maintains financial institution standards for security, accountability and consistency. The council creates uniform principles for supervising financial institutions through regulatory compliance. These principles are created for federal examination by the FRB, FDIC, NCUA, OCC, MAIC and CFPB.

See DynaPass Two-Factor Authentication

Firewall

A barrier, either hardware or software based, in a network designed to prevent unauthorized communication between computers to keep the network more secure. The firewall analyzes the incoming and outgoing data to see whether transmission is allowed as determined by its settings. Software based firewalls are commonly used on personal computers as a shield against attacks or unwanted communication on the internet.

Gateway

A gateway is network point that connects networks which use different protocols. Gateways are commonly used in routers and on the internet.

Gramm-Leach-Bliley Act (GLBA)

The Gramm-Leach-Bliley Act, also knowns as the Financial Services Modernization Act of 1999, became effective as of November 12, 1999 and was enacted by the 106th United States Congress and signed into law by President Bill Clinton. It was an act that allowed financial companies such as commercial banks, investment banks, securities firms, and insurance companies to consolidate. An example of this type of consolidation is Citigroup which was a merger of Citicorp, a commercial bank, and Travelers Group, the insurance company.  The Gramm-Leach-Bliley Act requires financial institutions that offer consumers financial products or services to explain their information sharing practices to consumers and to safeguard sensitive data.  The GLB Act includes the Financial Privacy Rule, the Model Form Rule, the Safeguards Rule and provisions that prohibit pretexting.

Hacking

Hacking is utilizing information or techniques to gain access to confidential systems or networks through bypassing security. Hackers are not always synonymous with sophisticated computer users however. Sometimes the hacking is done by a person privy to confidential information that may be used to defraud security. Traditional hacking is done many times by someone with computer knowledge looking to fraudulently access a system for personal gain or pleasure and often leads to data breach. Common hacking phrases are malware, phishing and pharming.

Hash

A hash is the value or key of a string of characters converted using a hashing algorithm. The hash value is shorter and fixed in length allowing for faster indexing when used in databases. In digital signatures, hashes of a message are compared to validate that the original message was not tampered with.

Machine-to-machine (M2M)

Machine-to-machine, also known as M2M, refers to technologies that enable wireless or wired communication between mechanical or electronic devices. Machine to machine allows networked devices to exchange information and perform tasks without the need of human interaction, but humans may maintain, reconfigure, or access data from M2M technology. In machine to machine communication, devices(sensors or meters) are used to capture an event(data such as electricity usage) and relying it through a network to an application(software) which captures the event into meaningful information(for example, improve energy efficiency). M2M technology is used in many machines we interact with on a daily basis including city infrastructure, remote patient monitoring and security systems.  M2M communication can be used, for example, to efficiently monitor your house’s electricity meter, monitor a patient’s health remotely, or even help you create a shopping list based on what is in your refrigerator.  The potential applications of M2M will increase as wireless sensors, networks and computers improve.

Malware

Malware is a term used to describe malicious software such as worms, viruses, backdoors, trojans and rootkits which are created by an attacker to either collect data or disrupt the flow of information, sometimes disabling a users computer altogether. Malware that steals data is a major issue when it comes to authentication and has been a large part of recent data breaches since many factors of authentication are transmitted to and from our computers.

Man-in-the-Middle Attacks (MITM)

Man-in-the-middle attacks are just what they sound like, an attacker places themselves between a sender and receiver intercepting information, changing the information along the way or using it to access confidential data. Man-in-the-middle attacks can take place without a user ever knowing, malware can be utilized to gain access to the device and eventually stolen information is used to access more sensitive data such as bank records.

See DynaPass Two-Factor Authentication

Phishing Attacks

In internet security phishing refers to a cyber attack where criminals identify themselves fraudulently as a company you do business with through emails, on websites or even through hacked software. An attacker will illegally brand their website or correspondence, possibly with a large corporations branding, and solicit information that can be used during an authentication process. Phishing is a play on the word fishing because hackers are baiting the victim into divulging confidential information which could be used for data breaches. Due to phishing attacks companies will add a warning to any information sent to customers or during login which disclaims anyone from or associated with the business asking for private data.

See DynaPass Two-Factor Authentication

Short Message Service (SMS)

Widely accepted across the world an SMS text message is a form of communication through a PC, phone or mobile device where a short text message can be delivered using standardized communication protocols. Short Message Services are also used during some multi-factor and two-factor authentication processes as an out-of-band authentication method known as “something you have”. Something you have refers to the device used to receive a one-time password transmission after traditional login.

See DynaPass Two-Factor Authentication

Smartphone

Mobile phones with more advanced computing platforms are known as smartphones. Smartphones typically run applications with more functionality than traditional mobile phones as well as offering higher resolutions, touch screens and web browsing capabilities. Some authentication methods utilize smartphone technology for transmission of a one-time password through mobile applications.

See DynaPass Two-Factor Authentication