Demystifying Security Term Confusion

Security terms can often cause head scratching confusion. From acronyms to convoluted marketing and technical jargon, security terminology is among the most difficult to decipher.

Daniel Humphries, researcher for Software Advice, a company that reviews and researches IT security solutions, says, “The IT security world can be a pretty intimidating place for the uninitiated. There are lots of different products, there’s lots of overlap, and different vendors might use different terms to describe things that are broadly similar.”

He has recently developed a detailed series, Buzzword Babylon, to help explain some of the more baffling IT security terms. To help, he recently turned to Netwrix’s Michael Fimin to define the terms Identity Access Management (IAM) and Threat Intelligence. Here were the descriptions:

Identity Access Management (IAM): IAM can be explained as, “The right access at the right time.” In other words, it’s essential to control who has access to what in an organization based on their roles, and to be able to provide (or revoke) that access as soon as they need it. For example, granting access when an employee joins a company or gets transferred to another department, and terminating it as soon as that person leaves the company.”

Threat Intelligence: Threat intelligence is a combination of products and services that allow users to analyze different sources of data and determine events that could lead to a security breach (or analyze an event that has already happened). In order to achieve the goals of Threat Intelligence, you may have to buy software products and pay for services (e.g. hire a consultant or managed service provider) to do the job.

“I decided to seek out some experts who could demystify some of these terms,” said Humphries. “After all, if even large enterprises with dedicated security departments can crash and burn (and we all know they can), then any extra help businesses can get when it comes to navigating the labyrinth of IT security is invaluable.”

“As we’ve seen with this year’s high profile breaches, and now the Heartbleed virus, pretty much anybody who does anything on the Internet needs to know something about security… and businesses all the more so because a slip-up can be catastrophic for the bottom line, for people’s jobs and for a firm’s future.”

Watch Daniel Humphries’ column on Software Advice to see additional security terms explained as he helps us all cut through the jargon to reveal the true meaning of common security terms.