Glossary / Dictionary

Glossary of terms and definitions for IT (Information Technology), the Internet and cyber security.

This glossary provides more than 480 clear and concise definitions of commonly used terms in the fields of information technology, the internet, and cyber security. It is designed to support users of all levels in understanding key concepts, technical jargon, and acronyms frequently encountered across digital platforms and security-related discussions. Whether you are a business owner, student, professional, or simply interested in the digital landscape, this resource aims to enhance your knowledge and confidence in navigating the ever-evolving world of technology.



Authentication

The process of verifying the identity of a user, system, or device, typically using credentials such as passwords, biometrics, or security tokens, to grant access to secure systems or information.

Example: Logging into your email by entering a username and a password.

See also: Credentials, 2FA, MFA



2FA (Two-Factor Authentication)

A security measure requiring two distinct forms of verification before granting access to a system or account. (Also known as: Two-Step Verification)

Example: When logging into an email account, you enter your password and then input a verification code sent to your email.

See also: MFA, Authentication



DMARC (Domain-based Message Authentication, Reporting, and Conformance)

An email authentication protocol that uses SPF and DKIM to verify an email's authenticity and provides domain owners with reporting capabilities to monitor and enforce email authentication policies.

Example: A company implements a DMARC policy to instruct recipient servers to reject any emails that fail SPF or DKIM checks.

See also: SPF, DKIM



MFA (Multi-Factor Authentication)

A security method that requires users to provide two or more verification factors to access an account or system.

Example: Logging into your banking app by entering your username and password and then confirming a code sent to your mobile phone.

See also: 2FA, Authentication



Access Control

A set of mechanisms and policies designed to restrict unauthorised users from accessing systems, networks, or data. Access control typically involves authentication (verifying identity) and authorisation (granting permissions).

Example: In an office, employees may need to use a swipe card (authentication) to enter certain areas, and only managers may have permission (authorisation) to access sensitive files.



Backdoor / Back Door

A hidden method within software, hardware, or a system that allows someone to bypass normal authentication or security controls. Backdoors can be intentionally coded by developers for maintenance purposes or maliciously created by attackers to gain unauthorised access.

Example: A software developer includes a backdoor for troubleshooting, while a hacker might install a backdoor in a compromised server to maintain covert access.



Cloud Security

A set of measures designed to protect data, applications, and services hosted in cloud environments.

Example: Encrypting data stored in Google Drive and using multi-factor authentication to access your cloud account.



Credentials

The authentication information used to verify a user's identity, typically consisting of a username and password, and sometimes additional factors.

Example: Accessing the university's student portal requires entering valid credentials, including a student ID and password.

See also: Username, Password



Cyber Hygiene

The regular practices and habits that individuals and organisations follow to maintain security and protect against cyber threats.

Example: Regularly updating software, using strong passwords, and enabling multi-factor authentication are good cyber hygiene practices.



Cyber Security

The practice of protecting systems, networks, and digital data from unauthorised access, attacks, or damage. Cyber security includes measures such as firewalls, encryption, authentication, and user education to defend against threats like malware and hacking.

Example: The company implemented new cyber security protocols after a phishing incident.



DKIM (DomainKeys Identified Mail)

An email authentication method that uses cryptographic signatures to verify that an email was sent from an authorised mail server and that its content has not been tampered with during transit.

Example: An outgoing email is digitally signed with DKIM, and the recipient's mail server verifies the signature to confirm its authenticity.

See also: SPF, DMARC



Kerberos

A network authentication protocol that uses tickets to allow secure communication over an insecure network.

Example: Employees in a company network use Kerberos to securely access shared resources without repeatedly entering passwords.



Mobile Security

Measures taken to protect mobile devices from threats like malware, data theft, and unauthorised access.

Example: Using device encryption, biometric authentication, and remote wipe features to secure smartphones.



Session Token

A unique identifier issued to a user during a session to maintain authentication and track activity.

Example: When you log into a website, a session token keeps you logged in until you sign out.



SPF (Sender Policy Framework)

An email authentication protocol that allows domain owners to specify which mail servers are authorised to send emails on behalf of their domain. It helps prevent email spoofing and phishing.

Example: A company sets up an SPF record in its DNS to specify that only its official mail servers can send emails using its domain.

See also: DKIM, DMARC



SQL Injection

A type of attack where malicious SQL code is inserted into a database query to manipulate or steal data.

Example: An attacker enters specially crafted input into a website's login field to bypass authentication and access the database.



Tailgating

Tailgating (also known as piggybacking) is a physical security breach where an unauthorised person follows an authorised person into a restricted area without proper authentication.

Example: An attacker carrying a box pretends to be a delivery person and waits near a secure office entrance. When an employee enters using their access card, the attacker walks in behind them without swiping a card, gaining unauthorised access to the building.



TLS (Transport Layer Security)

A cryptographic protocol designed to provide secure and encrypted communication between two systems over a network. TLS ensures data confidentiality, integrity, and authentication during transmission, protecting it from interception, tampering, or forgery. TLS is the successor to SSL (Secure Sockets Layer) and offers improved security, stronger encryption algorithms, and better performance. It is widely used to secure web traffic (HTTPS), email communications, file transfers, instant messaging, and other network-based services.

Example: Websites with HTTPS use TLS to protect data during transactions, such as online banking or shopping.

See also: SSL



Wireless Security

Protective measures to secure wireless networks, such as encryption, passwords, and authentication protocols.

Example: Enabling WPA3 encryption on your home Wi-Fi network to prevent unauthorised access.