Glossary


  • What is ISO 27001?

    Learn all about ISO 27001 and how its certification can improve your organization's reputation and instill confidence in its security practices through demonstrating strong security posture to external stakeholders, such as customers, partners, and regulators.

    Learn more
  • What is GLBA?

    The Gramm-Leach-Bliley Act (GLBA) is a US federal law that, when enforced, ensures customers' information privacy and security. Complying with GLBA's requirements, financial institutions can minimize security risk, while also enhancing customer trust and confidence.

    Learn more
  • What are Time-Based Access Controls?

    Time-based access controls restrict access to critical infrastructure which increases security posture through reducing attack surface area. Learn more about time-based access controls and their importance here.

    Learn more
  • What is NIST?

    The National Institute of Standards and Technology (NIST) plays a crucial role in cyber and information security, but what exactly is it and what role does it play? Learn all about NIST and how following NIST guidelines is a security best practice here.

    Learn more
  • What is Temporary Elevated Access?

    Temporary elevated access refers to granting users temporary privileges outside the standard access scope. It is a security best practice, enabling organizations to enhance security, maintain compliance, and minimize risks.

    Learn more
  • What is FedRAMP?

    FedRAMP framework is a government program that provides a standardized approach for assessing, authorizing, and monitoring the security of cloud service providers (CSPs) used by federal agencies. But how can I get the certification and why should I care? Learn all about FedRAMP and its importance here.

    Learn more
  • Why Migrate from Birthright to Just-in-Time (JIT) Access?

    Birthright access is a common place, but unsafe, security practice and because of this more and more companies are shifting left and migrating to Just-in-Time access. But what are the differences and how can I start to change? Learn why JIT access is a security best practice here.

    Learn more
  • What is HITRUST?

    HITRUST is a certification framework for managing and protecting sensitive healthcare information and is a security and compliance best practice for the healthcare industry. Learn more about the benefits of HITRUST here.

    Learn more
  • What is IAM?

    Identity and Access Management (IAM) is a security best practice that increases security posture through defining and enforcing access controls. Learn more about the benefits of IAM here.

    Learn more
  • What is PAM?

    PAM (privilege access management) is a security best practice that helps organizations protect their sensitive data and critical systems by controlling access to privileged accounts. Learn more about PAM and why they can help improve your security posture.

    Learn more
  • What is Birthright Access?

    Birthright access is a common place practice that has the ability to open the door to security breaches and other malicious activity. Learn more about how to decrease birthright access while increasing your security posture.

    Learn more
  • What is the Difference Between Identity Governance and SaaS Security Posture Management?

    Identity Governance and SSPM are two related but distinct concepts within the field of information security. Learn more about how they are similar and different here.

    Learn more
  • What is SAML vs SCIM?

    SAML and SCIM are both best practice security protocols that help to ensure the safety of users and systems that contain the most sensitive information. Learn more about the differences between SAML and SCIM here.

    Learn more
  • What is the Difference Between SOX and SOC Compliance?

    SOX and SOC 2 compliance initiatives are similar, yet very distinctly different aspects of access control regulations. Learn more about each specifically and the differences between the two here.

    Learn more
  • What is Provisioning and Deprovisioning?

    Provisioning and deprovisioning are essential to increasing your security posture and the safety of your more sensitive information. Learn more about the differences between the two in our newest glossary article.

    Learn more
  • What are Orphaned Accounts?

    Orphaned accounts pose a significant security risk for both individuals and organizations as they are easily targeted by attackers. Learn more about how orphaned accounts occur and how to manage them to increase your security posture here.

    Learn more
  • What is Authentication vs. Authorization?

    Authentication and authorization are commonly used and. more commonly confused terms for cloud forward companies. Learn about the similarities and differences of authorization and authentication here!

    Learn more
  • What is Zero Standing Privilege?

    The practice of zero standing privilege can reduce the risk of security breaches and help keep sensitive resources and data safe. Learn more about how reducing and managing standing privilege can improve your security posture.

    Learn more
  • What are Access Requests?

    Access requests play a key role in achieving security objectives and in the safety of sensitive data. Learn more about how access requests can keep you more secure through the prevention of unwanted users gaining access.

    Learn more
  • What are Access Controls?

    Access controls are an essential part of security through the management of the information spread throughout an organization's numerous apps and systems. Learn more about the types of access controls and the importance of its implementation.

    Learn more
  • What is Zero Trust?

    Learn more about the importance of zero trust as a security framework to ensure the security of your most sensitive information and resources.

    Learn more
  • What is Identity Security?

    Identity security refers to the visibility, controls, and management for the purpose of security. The implementation of identity security strategies is crucial for information and access safety because of the increasing amounts of security breaches.

    Learn more
  • What are User Access Reviews?

    User access reviews (UARs) are a security and compliance tool used to enhance security through assessing privilege. Learn how they can prevent security breaches and ensure that users retain the appropriate levels of access.

    Learn more
  • What is Just in Time Access (JIT)?

    Just-in-time (JIT) access is a security practice for granting access to applications or systems. Learn about what JIT access is, examples of the different types, and the benefits.

    Learn more
  • Understanding Entitlements

    An entitlement is what a user can do within an app, whether it is a permission, a role, a setting or an admin, all depending on the app’s definition. But most simply put, it is the ability for a user to do something. The user can be entitled to view, edit or delete data.

    Learn more
  • Least Privilege Access vs. Zero Trust

    Least privilege principles and zero trust are two cybersecurity frameworks that focus on how to get the strongest security without hindering workforce productivity.

    Learn more
  • Identity Management vs. Identity Security

    Organizations are struggling to manage all the identities attached to their infrastructure. See how deploying IAM and investing in identity security tools can help.

    Learn more
  • How companies are staying compliant with periodic access reviews

    A user access review is a periodic audit of access rights to verify that users and accounts have proper authorization to access networks and applications.

    Learn more
  • What is Identity Governance?

    Identity governance is the policy-based orchestration between identity management and access control. It ensures that identities are properly and securely connected to IT resources.

    Learn more
  • What is least privilege?

    Least privilege is an approach to security where users have access only to what they require. It’s about giving people the right tools to do their jobs without compromising other people or systems.

    Learn more

Stay in touch

The best way to keep up with identity security tips, guides, and industry best practices.