Have you ever noticed the way cyber-security terms can pile up in the middle of a sentence, like a multi-car accident?
Each individual term may not be that opaque on its own, but when they are mashed up together, you just want to take a mental detour around the smashup.
Example: a “botnet-fueled denial of service attack.”
It turns out that a glossary is just the right tool for untangling these pileups.
I discovered this after going through the 500+ terms in the Security vocabulary that has recently been added to the Acquia Glossary. The Acquia Glossary, you may remember from an earlier post, is an in-house, updated collection of relevant technology terms that all employees can easily reference via Slack. Last time, I looked at Digital Experience terms. This time: Security.
The Acquia Glossary security content is owned and provided by the Acquia Information Security & Compliance team. This is helpful for everyone -- employees, partners and customers -- because you can use it to find the official definition of virtually any security term you encounter in Acquia policy/procedure documents, security awareness and training materials, customer conversations, pre-sales questionnaires or when working across teams.
So in the example I cited at the beginning of this post, Acquians just have to Slack, “/glossary” followed by the terms “denial of service” and “botnet.”
Then you get:
Botnet = A large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.
and
Denial of service = The prevention of authorized access to a system resource or the delaying of system operations and functions.
Security-related glossary content also works for phrases you think you understand as you speed-read through a document, only for your confidence to wane when you have to dig deeper or need to include a highly technical security concept in a presentation. Suddenly your brain begins fogging up, and the differences between “audit,” “authentication” and “authorization” start to blend together.
BTW:
- Audit is the process by which a subject area is independently reviewed and reported on by one or more competent auditors on behalf of stakeholders.
- Authentication is the process of confirming the correctness of the claimed identity.
- Authorization is the approval, permission or empowerment for someone or something to do something.