- Access Server: A server that controls access to a network and its resources, often by providing authentication, authorization, and accounting services. It can serve as a point of entry into a network, handling connection requests from users and deciding whether to grant or deny access based on predefined policies. By centralizing access control, an access server enhances security, simplifies management, and provides a foundation for auditing and monitoring user activities.
- Access Type: The kind of operations that a user or role can perform on a resource within a system. Common access types include read (viewing data), write (modifying data), execute (running a program or script), and delete (removing data). Defining access types is a critical part of access control, as it helps maintain data integrity, prevent unauthorized actions, and ensure that users have the necessary permissions to perform their tasks.
- Accountability: The principle that individuals are held responsible for their actions within a system. In the context of a system, this involves tracking and recording user activities, often through auditing and logging mechanisms, so that actions can be traced back to the individual users who performed them. Accountability helps deter malicious activities, aids in incident response and forensic analysis, and ensures that users follow policies and procedures.
- Accountability of Governance: This principle emphasizes that those in governing roles bear responsibility for the decisions and actions within their purview. In the context of a system or network, it means that management is responsible for the establishment, implementation, and effectiveness of security policies and procedures. This accountability ensures that governance roles prioritize system integrity, data protection, and adherence to regulatory standards.
- Accountable Party: The individual or entity that is ultimately responsible for ensuring that activities involving sensitive information, security processes, or risk management practices are carried out properly and in line with organizational policies and standards. The accountable party is answerable for the outcomes of the decisions made, including the implementation of controls and mitigation of risks, and is typically a senior executive or manager who has the authority to commit resources and enforce actions. This role involves oversight and governance and is distinct from the roles of individuals who may be responsible for performing the day-to-day tasks associated with these activities.
- Account Access Review: The process of regularly reviewing and assessing the access granted to user accounts on a system or network. It is used to ensure that access is appropriate and in line with the user's current roles and responsibilities and to identify and remove any unnecessary or unused access. Examples of account access reviews include reviewing access to shared resources, such as files and databases, and assessing the need for access to specific applications or systems.
- Account Lockout: A security measure that automatically locks an account after a certain number of failed login attempts. It is used to prevent unauthorized access to an account and is commonly found in password policies. Examples: a user tries to log in to their email account and enters the wrong password 5 times, causing the account to be locked; an employee attempts to access a secure database but forgets their password, resulting in their account being locked after 3 failed attempts.
- Account Management: The process of creating, maintaining, and managing user accounts on a system or network. It is used to ensure that only authorized users have access to the system and that access is granted and revoked in a controlled and secure manner. Examples of account management include setting up new user accounts, modifying existing accounts, and disabling accounts when necessary.
- Account Policy Enforcement: The implementation and enforcement of rules and procedures that govern how user accounts are managed within a system. This includes policies on password complexity, account lockouts, session timeouts, and user access rights. Enforcing account policies helps maintain system security, protect user data, prevent unauthorized access, and ensure regulatory compliance.
- Accreditation: The official recognition that a system, product, or individual meets specified requirements or standards. For a system or product, this might involve a thorough assessment of its security features, performance, and reliability. For an individual, it could mean they have demonstrated a certain level of expertise or competence. Accreditation enhances trustworthiness, promotes quality and consistency, and provides a benchmark for comparison.