Ability to use, modify, view, or otherwise manipulate information on a system
Access Control
Access control is the means by which the ability to use, create, modify, view, etc., is explicitly enabled or restricted in some way (usually through physical and system-based controls).
Account
The combination of user name and password that provides an individual, group, or service with access to a computer system or computer network.
Active Directory
Microsoft's Active Directory is part of the Windows network architecture and is used for managing permissions and user access to network resources. At CU, we use an IdentiKey. An IdentiKey consists of a CU login name and an IdentiKey password. An IdentiKey gives you access to:
Buff Portal and MyCUInfo, the student, faculty and staff portals
CUConnect, the legacy portal that still contains some tools and features
Email services like Gmail and Microsoft Exchange
Computers in OIT computing labs
UCB Wireless network
Canvas
SkillSoft computer based training
Managed with IdentiKey Manager
Administrative/ Special Access Account
Privileged account that impacts access to an information system or that allows circumvention of controls in order to administer the information system.
Anti-malware software
Any software package that detects and/or removes malicious code. This can include anti-virus software and spyware protection.
Arbitration
The hearing and determining of a dispute or the settling of differences between parties by a person or persons chosen or agreed to by them.
Augmented Reality (AR)
Augmented reality (AR) is the real-time use of information in the form of text, graphics, audio and other virtual enhancements
integrated with real-world objects and presented using a head-mounted-type display or projected graphics overlays. It is this "real
world" element that differentiates AR from virtual reality. AR aims to enhance users' interaction with the environment, rather than
separating them from it.
Authentication
The process of confirming a claimed identity. All forms of authentication are based on something you know, something you have, or something you are.
Authorization
The act of granting permission for someone or something to conduct an act. Even when identity and authentication have indicated who someone is, authorization may be needed to establish what actions are permitted.
Availability
The requirement that an asset or resource be accessible to authorized persons, entities, or devices.
BAA
A BAA is a Business Associate Agreement. The HIPAA regulations call it a Business Associate Contract.
BAAs satisfy HIPAA regulations, and create a bond of liability that binds two parties.
Backup
Copy of files and applications made to avoid loss of data and facilitate recovery in the event of a system failure.
Bandwidth
Bandwidth is the amount of data that can be transferred over a network in a specified amount of time. Limited bandwidth may disrupt the smooth transmission of data, causing files to transfer more slowly and potentially disrupting the smooth playing of videos or the loading of web pages.
Biometrics
Methods for differentiating humans based upon one or more intrinsic physical or behavioral traits such as fingerprints or facial geometry.
Biometric authentication
Using biometrics to verify or authenticate the identity of a person.
Bots
Microservices or apps that can operate on other bots, apps or services in response to event triggers or user requests. They may
invoke other services or applications, often emulating a user or app, or using an API to achieve the same effect. These requests can
be initiated via conversational UIs or in response to a change in the state of a back-end application or database. Bots automate tasks
based on predefined rules or via more sophisticated algorithms, which may involve machine learning.
Business continuity plan (BCP)
The documentation of a predetermined set of instructions or procedures that describe how an organization’s critical business functions will be sustained during and after a significant disruption.
Centralized Storage
Storage on a central server made available over a network to users.
Change
Any implementation of new functionality, interruption of service, repair of existing functionality, and/or removal of existing functionality to an information system.
Change Management
The process of controlling modifications to hardware, software, firmware, and documentation to ensure that information systems are protected against improper modification before, during, and after system implementation.
Choice of Law
The MSA identifies the place where a legal resolution will occur. This could include arbitration or a specific state or federal court.
CIO
A Chief Information Officer (CIO) is the company executive responsible for the management and implementation of information and computer technologies.
CISO
Chief Information Security Officer: The person in charge of all staff members who are responsible for promulgating, enforcing and administering information security policies for all systems within an enterprise or division.
Click-Through Agreement
An on-line agreement that requires an individual to accept the supplier’s terms and conditions by clicking ok prior to proceeding into the site. Also known as a Clickwrap.
Cloud
"The cloud" refers to servers that are accessed over the internet, and the software and databases that run on those servers. Cloud servers are located in data centers all over the world.
Cloud Application Discovery
Cloud application discovery (CAD) refers to tools for security, compliance and I&O professionals, providing visibility into enterprise
activity associated with the use of public cloud applications. It provides information on application name and type, and usage by
individual and department, ideally including a mechanism for risk prioritization.
Cloud ERP
Off-premises-based, subscription-licensed ERP solution. It does not include remote hosting, where ownership remains with the
customer. Cloud ERP for manufacturing includes operational ERP and optionally administrative ERP, which normally includes human
capital management, financials and procurement.
Cloud Management Platforms
Tools that enable organizations to manage private, public cloud and multi-cloud services and resources. Their specific functionality
addresses three key management layers: access management, service management and service optimization. Management services
include accessing/requesting cloud services, and provisioning and managing them to defined SLAs. Optimization supports the
orchestration and automation of cloud services, as well as the underlying infrastructure resources, in accordance with defined
policies.
Cloud-Based AI as a Service (AIaaS)
Artificial intelligence (AI) developer toolkits are applications and software development kits (SDKs) that abstract data science
platforms, frameworks and analytic libraries to enable software engineers to deliver AI-enabled applications. They cover four maturing
categories: cloud-based AI as a service (AIaaS); toolkits for virtual assistants (e.g., Apple Siri, Amazon Alexa and Google Assistant),
device development kits; and AI serving SDKs.
Cloud-Based Grid Computing
Cloud-based grid computing involves using computers in a public cloud service or a hybrid of public cloud and internally owned
computers, to collectively accomplish large tasks, such as derivative risk analysis, candidate drug screening and complex simulations.
We do not include grids that use private cloud or traditional in-house servers only, which we instead cover as “grid computing not
using public cloud computers.”
Cloud Migration Tools
Tools that support the packaging and movement of production or disaster recovery workloads between on-premises infrastructure and
public cloud facilities, as well as between public cloud services.
Confidentiality
The parties both agree they won't share any secrets of the University with outside parties.
Confidential Information
Information maintained by the University that is exempt from disclosure under the provisions of the Public Records Act or other applicable state and federal laws. The controlling factor for confidential information is dissemination.
Configuration Auditing Tools
Tools that provide change detection and configuration assessment across servers, applications, databases and networking devices,
across internal and public cloud infrastructure. Company-specific policies or industry-recognized security configuration assessment
templates (for example, NIST) maintain the fidelity of the system for auditing, hardening or improved availability.
Container Management Software
Container management software supports the management and orchestration of containers. This category of software includes
container runtimes, container orchestration, job scheduling, resource management and other container management capabilities.
Container management software is typically DevOps-oriented and depends on the use of a particular OS container technology or
specific container runtime.
Container Networking
Container networking software provides internal and external connectivity (e.g., routing and switching) for containers located in one or
more containerized hosts. The software may provide policy, multitenancy and service registration. There are two primary ways to
handle containers on a network: treat the container as a connected host or create an abstraction (which is typically accomplished via
an overlay network). This typically works via controlling embedded bridges, switches or routers, or by allowing direct network access.
Content Collaboration Platforms
Solutions that provide file sync and share as the core capability. They are enhanced with collaboration and content management
functions. Integration with cloud productivity and collaboration suites (e.g., Microsoft Office 365, G Suite) is common. Some solutions
also have native capabilities for collaborative content editing, such as Box Notes and Dropbox Paper.
Content Management
Content Management is the ability to manage unstructured information in an organization, wherever the information is found. CM technologies are applied to traditional content, such as office documents and printed graphics, as well as web pages, email, and rich media.
Control
Method used to reduce the probability of occurrence or the negative impact of the realization of a risk.
CRM
Customer Relationship Management: An integrated information system that is used to plan, schedule and control the presales and post sales activities in an organization.
Crowd Sourcing Service
Crowd sourcing marketplace that allows individuals to complete micro-tasks on-line for small amounts of money.
CTO
Chief Technology Officer: The executive responsible for the technical direction of an organization.
CU Marketplace
Our eProcurement system, CU Marketplace, is a purchasing and payment processing system that enables online shopping, including CU-specific catalogs.
Data Governance
Data governance is an umbrella term for a formal and systematic approach to maintaining high quality data within an organization. It includes data validation and cleansing as well as authorization, privacy and security issues.
Data Loss Prevention
Prevention of unnecessary exposure of protected information.
Data Mining
Exploring and analyzing detailed business transactions; uncovering patterns and relationships contained within the business activity and history.
Data Security
Protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach.
Data Standards
Standards that provide consistent meaning to data shared among different information systems, programs, and agencies throughout a product's life cycle.
DBA
Database Administrator: A person responsible for the physical design and management of the database and for the evaluation, selection, and implementation of the DBMS.
Delivery Requirements
The businesses decide who will deliver what and when.
DFS
Desktop and Field Services.
Digital Certificate
An electronic document which uses a digital signature to bind specially derived numerical information with an identity - such as the name of a person or an organization. Most often encountered on web sites using encryption (SSL/https).
Digital Signage
Digital signage is using electronic signs to advertise products or information. Digital signage includes various types of flat-panel display technologies to target audiences in different areas across the campus, such as the Student Union and the Library.
Digital Signature
Method of adding specially derived numerical information to a file or message (most often used as part of a digital certificate infrastructure).
Disaster Recovery
A plan for duplicating computer operations after a catastrophe occurs, such as a fire or earthquake. It includes routine off-site backup as well as a procedure for activating vital information systems in a new location.
Disaster Recovery-as-a-Service (DRaaS)
A cloud-based recovery service in which the service provider is responsible for managing virtual machine (VM) replication, VM
activation and recovery exercise orchestration. Increasingly, in addition to service offerings that just recover virtual machines, a
growing number of service providers are now offering managed hosting services for hybrid recovery configurations that are composed
of both physical and virtual servers.
Disclosure
The act, intentional or otherwise, of revealing information that is otherwise held as confidential or protected.
Dispute Resolution
Should issues come up, the MSA outlines how the parties will resolve their conflict.
DNS
The Domain Name System (DNS) is a naming system for computers, services, or other resources connected to a network that associates a name with an IP address.
Document Management
Document management involves the capture (imaging) and management of documents within an organization. The term originally implied only the management of documents after they were scanned into the computer. Subsequently, it became an umbrella term that embraces document imaging, workflow, text retrieval, and access to multimedia artifacts.
Document Management System (DMS)
Document Management System software manages documents for electronic publishing. It generally supports a large variety of document formats and provides extensive access control and searching capabilities across local and wide-area networks. A document management system may support multiple versions of a document and may be able to combine text fragments written by different authors. It often includes a workflow component that routes documents to the appropriate individuals.
DQ (Documented Quote)
An informal process for obtaining pricing and delivery information on goods costing more than $10,000, or on services costing more than $50,000. Detailed specifications are given. Price, items offered, and delivery dates are supplied by the supplier. Evaluations are made against specifications. Determination of award is based on the quote offering the best value to the University with price as a consideration.
Electronic Information, Communication, and Technology (EICT)
Includes information technology and any equipment or interconnected system or subsystem of equipment used to create, convert, duplicate, or deliver data or information.
E-learning
Electronic-Learning: An umbrella term for providing computer instruction (courseware) online over the public Internet, private distance learning networks, or in-house via an intranet.
Electronic Workflow
Electronic workflow is the automatic routing of documents to the individuals responsible for working on them. Workflow systems provide the information required to support each step of a business cycle. The documents may be physically moved over the network or maintained in a single database with the appropriate individuals given access to the data at the required times. Triggers can be implemented in the system to alert managers when operations are overdue.
Encrypted Data
Data rendered unreadable to anyone without the appropriate cryptographic key and algorithm.
Encryption
Process of numerically changing data to enhance confidentiality. Data is obscured using a specific algorithm and key both of which are required to interpret the encrypted data.
Endpoint Detection and Response (EDR)
Solutions that have the following four primary capabilities: 1) Detect security incidents. This is done typically via monitoring of
endpoint activities and objects, via monitoring of policy violations, or by validating externally fed indicators of compromise (IOCs). 2)
Investigate security incidents. The investigate function should include a historical timeline of all primary endpoint events to determine
both the technical changes that occurred (such as file, registry, network, driver and execution activities) and the business effect (that
is, traversal, privilege escalation, spread, exfiltration, geolocation of command and control [C&C], and adversary attribution, if
possible). 3) Contain the incident at the endpoint, such that network traffic or process execution can be remotely controlled. 4)
Remediate endpoints to a pre-infection state. Ideally, solutions will remove malicious files, roll back and repair other changes.
End User
A person given authorization to access information on a system.
Enterprise
The term enterprise is used when referring to the entirety of the University organization.
Enterprise License Agreement
Eneterprise licensing agreements (ELA) are contractual agreements that align vendor and customer incentives to provide select software at discounted, fixed pricing over a period of time.
Enterprise Software
Software used in an organization as opposed to software used by individuals or departments.
E-portfolio
Electronic Portfolio: A collection of electronic evidence assembled and managed by a user, usually on the Web.
ERP
Enterprise Resource Planning: An integrated information system that serves all departments within an enterprise. Evolving out of the manufacturing industry, ERP implies the use of packaged software rather than proprietary software written by or for one customer.
Exposure
State during which a system’s controls do not adequately reduce risk that the information could be stolen or exploited by an unauthorized person.
FERPA
Family Educational Rights and Privacy Act. FERPA prohibits a school from disclosing personally identifiable information from students' education records without the consent of a parent or eligible student.
Fiber Optic Network
A method of transmitting information from one place to another by sending pulses of light through a series of optical fiber cables.
Firewall
An access control mechanism that acts as a barrier between two or more segments of a computer network or overall client/server architecture, used to protect internal networks or network segments from unauthorized users or processes. Such devices include hardware that is placed in the network to create separate security zones, provide NAT, and create a point of access control.
FTE
Full Time Equivalent: Number of working hours that represents one full-time employee during a fixed period of time.
Geographic locations
Both groups agree on where the employees will do the job.
Goods
Anything purchased other than services or real property.
Help Desk
A source of technical support for hardware or software. Help desks are staffed by people who can either solve the problem directly or forward the problem to someone else. Help desk software provides the means to log in problems and track them until solved.
HIPAA
Health Insurance Portability and Accountability Act, a US law designed to provide privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care providers.
Homegrown
Software developed by the institution to meet specific needs usually because no suitable commercial package is available.
HRMS
Human Resources Management System
IFB (Invitation for Bid)
A formal process for obtaining pricing and delivery information on goods or services costing more than $500,000. Detailed specifications are given. Price, items offered, and delivery dates are supplied by the supplier. Evaluations are made against specifications. Determination of award is based on the bid offering the lowest price to the University while meeting the specifications.
Incident
Any set of circumstances in which the anticipated and configured delivery of a service is interrupted, delayed, or otherwise unavailable.
Incident Management
Process of returning service as quickly and effectively as possible.
Identity Management
Identity management is management of an individual’s identity. Within the enterprise, an identity management system is made up of a system of directories and access control based on established policies. It includes the maintenance of the system (i.e., adds, changes, deletes) and generally offers single sign-on so that an individual only has to log in once to gain access to multiple resources.
Indemnification
Indemnification is the buyer's remedy for a breach of any promises made in the purchase agreement or losses incurred relating to specific liabilities outlined in the purchase agreement. Indemnification allocates the risk of various post-closing losses between buyer and seller.
Information Resources Manager (IRM)
Authorized and accountable to the State of Colorado for management of the university’s information systems to implement security policies, procedures, and guidelines to protect the information systems of the university. The Associate Vice President of Information Technology/CIO is designated as the university’s IRM.
Information Security
Protecting information so that it can only be seen, changed, deleted or copied by an authorized person and only in ways and to places authorized to contain it.
Information Technology Procurement
All technology resources and related services owned, used, or operated by the University, regardless of the source of funding, location or intended purpose.
In-house
Solutions developed by the organization in which they are used.
Integration Platform as a Service (iPaaS)
A cloud service that supports application, data and process integration projects, usually involving a combination of cloud services (i.e.,
cloud-based applications or APIs), mobile and on-premises systems. iPaaS delivers a mix of capabilities typically found in ESBs, data
integration tools, B2B gateways and, increasingly, API management platforms. IT departments and lines of business leverage these
capabilities to develop, manage and execute integration processes.
Integrity
The accuracy and completeness of information and assets and the authenticity of transactions.
Intellectual property rights
The parties decide how to handle ownership and regulation of all patents and other IPs. The client will get all the IP in some instances. In others, the vendor provides perpetual rights while keeping his or her IP and patents.
Intrusion Detection System (IDS)
Hardware or a software application that can be installed on network devices or host operating systems to monitor network traffic and host log entries for signs of known and likely methods of intruder activity and attacks. Suspicious activities trigger administrator alarms and other configurable responses.
IoT Platform
An Internet of Things (IoT) platform is software that facilitates operations involving IoT endpoints and enterprise resources such as
analytics, cloud services and so forth.
IT
Information Technology: Processing information by computer, which encompasses "information management" and "computer science"
IT Compliance
Assessment of third party supplier applications and cloud services security for server applications facing the internet, or services provided by a supplier that will have access to University confidential data (HIPAA, FERPA, and PCI data), and ADA review (Boulder).
IT Financial Management Tools
IT-owned and managed financial tools that provide IT leaders with multiple views of IT cost data and analytics to support strategic
decision making, financial planning, budget justification, chargeback/show back, performance analytics, benchmarking, and
measurement capabilities.
IT Service Catalog
A list of IT services that an organization provides its employees or customers.
IT Workload Automation
Workload automation tools manage and automate the scheduling and movement of workloads and infrastructure tasks — within and
between applications, and across mainframes, and distributed, virtual and cloud environments. In addition, they manage mixed
workloads based on policies in which resources are assigned, or deassigned, in an automated fashion to meet service-level
objectives.
LAN
Local Area Network: A communications network that is typically confined to a building or premises
Limitations of Liability
The MSA lists who is the responsible party in the event of a lawsuit.
LMS
Learning Management System: An information system that administers instructor-led and e-learning courses and keeps track of student progress.
Local Storage
Storage that is physically local to the workstation or server.
MB
Megabyte: Approximately one million bytes (1,048,576 bytes)
Mb
Megabit: 131,072 bytes
mbps
Megabits per Second: One million bits per second. Mbps is a measurement of peripheral data transfer or network transmission speed.
Mission Critical Information System
Information system defined to be essential to the university’s function and which, if made unavailable, will inflict substantial harm to the university and the university’s ability to meet its instructional, research, patient care, or public service missions. Mission critical information systems include those systems containing sensitive information.
Mobile Application
A software application that runs in a smartphone, tablet, or other portable device.
MSA (Master Service Agreement)
The goal of a master service agreement is to make the contract process faster. It also should make future contract agreements simplier. It spells out: confidentiality, delivery requirements, dispute resolution, geographic locations, intellectual property rights, limitations of liability, payment terms, venue of law, warranties, & work standards.
NDA
A non-disclosure agreement is a legally binding contract that establishes a confidential relationship. The party or parties signing the agreement agree that sensitive information they may obtain will not be made available to any others. An NDA may also be referred to as a confidentiality agreement.
NDE
Network Development and Engineering.
Network
All associated equipment and media creating electronic transmission between any information system(s), such as wired, optical, wireless, IP, synchronous serial, telephony.
Network Connectivity
The measurement of a physical and logical connection of a computer network or an individual device to a network, measured in megabits per second (mbps).
Network Core
The central part of a telecommunication network that provides various services to customers who are connected by the access network.
Network Performance Monitoring and Diagnostic
Tool
Network performance monitoring and diagnostics (NPMD) tools provide trend analysis and real-time alerting via performance
monitoring of the network (including devices and traffic). The tools collect performance data over time and include features such as
automated baselining, threshold evaluation, network traffic analysis, service-level reporting, trend analysis and historical reporting.
These tools leverage packet data, flow data, infrastructure metrics and device configuration data to enhance problem diagnosis and
remediation.
Network Sandboxing
Network sandboxes rely on sensors to monitor network traffic for suspicious objects (for example, executables, Microsoft Office files,
PDF files and JavaScript code) and automatically submit them to a sandbox environment, where they are analyzed and assigned
malware probability scores and severity ratings.
Offsite Storage
Based on data criticality, offsite storage should be in a geographically different location from the campus that does not share the same disaster threat event. Based on an assessment of the data backed up, removing the backup media from the building and storing it in another secured location on the campus may be appropriate.
OIT
Office of Information Technology
Patch
A fix or update for a software program usually related to a security issue.
Payment Terms
These terms show what the estimated cost is as well as the schedule for payment.
PBX
Private Branch Exchange: An in-house telephone switching system that interconnects telephone extensions to each other as well as to the outside telephone network (PSTN). A PBX enables a single-line telephone set to gain access to one of a group of pooled (shared) trunks by dialing an 8 or 9 prefix.
PCI
PCI compliant means that any company or organization that accepts, transmits, or stores the private data of cardholders is compliant with the various security measures outlined by the PCI Security Standard Council to ensure that the data is kept safe and private.
PII
Personally Identifiable Information; Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.
Platform as a Service (PaaS)
A cloud service that delivers application infrastructure (middleware) capabilities. Gartner tracks multiple types of PaaS (xPaaS),
including, among many more, application platform as a service (aPaaS), integration PaaS (iPaaS), API management PaaS
(apiPaaS), function PaaS (fPaaS), business analytics PaaS (baPaaS), IoTPaaS and database PaaS (dbPaaS). PaaS capability can
be delivered as a provider-managed public or virtual private service, or self-managed private service.
Portal
A software tool available through a secured website which has the ability for the service provider to track users' web activity once they log onto the portal.
Project Portfolio Management (PPM)
A discipline that seeks to better manage resources and project work, and to improve collaboration on like projects using specialized software.
Public Cloud Storage
An infrastructure as a service (IaaS) that provides block, file and/or object storage services delivered through various protocols. The
services are stand-alone but often are used in conjunction with compute and other IaaS products. The services are priced based on
capacity, data transfer and/or number of requests. The services provide on-demand storage and are self-provisioned. Stored data
exists in a multitenant environment, and users access that data through the block, network and REST protocols provided by the
services.
Ransomware
Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.
Refresh
The upgrading and replacing of computer systems, peripherals, and other technologies to ensure the access to the most basic services and efficiency of existing resources.
Residual Risk
Any risk remaining once controls have been applied. The amount of residual risk allowed will be determined by the organization’s tolerance for risk.
Resolution
Returning service through the implementation of a permanent solution or a workaround.
RFI (Request for Information)
An informal process for solicitation or presentation of ideas from suppliers. The Purpose of an RFI is to gain familiarity with the current market for a particular supply or services and to gather information in a formal, structured and compartivie purpose. Pricing may or may not be requested, but is used for budgetary purposes only. RFIs primarily used to gather information to help make a decision on what steps to take next. No award is made
RFP (Request for Proposal)
A request for proposal (RFP) is a business document that announces a project or purchase, describes it, and solicits bids from qualified contractors to complete the request.
Risk
Potential that a given set of circumstances and actions will lead to an undesirable outcome - in terms of information this means loss of one or more of (confidentiality, availability, and integrity).
Risk Assessment
The process of identifying, evaluating, and documenting the level of impact that may result from the operation of an information system on an organization’s mission, functions, image, reputation, assets, or individuals. Risk assessment incorporates threat and vulnerability analyses and considers mitigations provided by planned or current security controls.
Risk Management
Decisions to accept risk exposures or to reduce vulnerabilities and to align information system risk exposure with the organization’s risk tolerance.
Robotic Process Automation
Robotic process automation (RPA), sometimes called smart automation or intelligent automation, refers to advanced technologies
that can be programmed to perform a series of tasks that previously required human intervention.
Root Access
Most privileged access to a computer system allowing the use, change, and deletion of any and all configuration information, system software, and data.
SaaS
Software-as-a-Service: Capability to move files to an offsite location.
SAN
Storage Area Network.
SCS
System Computing Services.
SEA
Systems Engineering and Administration
Security Administrator
The person charged with monitoring and implementing security controls and procedures for a system. Whereas each university will have one information security officer, technical management may designate a number of security administrators.
Self-service Application
A software application that allows a user to obtain information or complete a business transaction on a computer that has traditionally required the help of a human representative
Self-service Functionality
Self-service functionality is the ability for an individual to obtain information or complete a business transaction that has traditionally required the help of a representative over the phone or in person. Voice response systems and web sites are widely used for self-service applications.
Server
A server is a computer system in a network that is shared by multiple users. A server may have a keyboard, monitor and mouse directly attached, or one keyboard, monitor and mouse may connect to any number of servers via a switch. Servers are often located in data centers containing hundreds and thousands of servers residing in equipment racks. Servers are primarily accessed over the network.
Serverless Infrastructure
Serverless infrastructure, part of serverless computing, is a style of server deployment and management that hides resiliency,
scalability, operating system, management and hardware considerations from application developers. It's the style of infrastructure
that supports many major digital businesses, and the serverless initiatives announced by major vendors. Software components
include orchestration management, infrastructure as code and software-defined infrastructure.
Service/ Services Contract
1. An agreement calling for a contractor's time and effort. 2. The furnishing of labor, time, or effort by a contractor or supplier, which may involve to a lesser degreee, the delivery or supply of products.
Service Level Agreement (SLA)
A service-level agreement is a contract between a service provider and an individual needing that service. The agreement specifies the level of service expected during its term. SLAs are used by vendors and customers as well as internally by information technology units and the individuals and units who use their services. The agreements can specify bandwidth availability, response times for routine and ad hoc queries, response time for problem resolution (e.g., network down, machine failure, etc.) as well as expectations of the technical staff. SLAs can be very general or extremely detailed, including the steps taken in the event of a failure. For example, if the problem persists after 30 minutes, a supervisor is notified; after one hour, the account representative is contacted, etc.
SES
Software Engineering Services
Shared Administrative Service
An initiative that focuses on helping departments control costs and improve service delivery by improving administrative processes and procedures.
Single Sign-on
Ability for a user to sign in once and have that sign-in allow access to multiple information systems without the need for providing a username and password for each separate system.
SIS
Student Information Systems
SPAM
Disruptive online messages, especially commercial messages posted on a computer network or sent as email.
STAB
Student Technology Advisory Board.
Stakeholder
Any individual who may be affected by a business decision. The term may refer to just about anyone who has some interest in the University or its products.
System of Record
A data management term for an information storage system that is the authoritative data source for a given data element or piece of information
Systems Analyst
A person responsible for the development of an information system. Systems analysts design and modify systems by turning user requirements into a set of functional specifications, which are the blueprint of the system. They design the database unless done by a data administrator.
Team Collaboration Devices
Team collaboration devices combine a computer and, usually, videoconferencing and/or audioconferencing hardware with a digital
whiteboard and custom software to create a turnkey solution for meetings. As self-contained devices, these are relatively expensive;
however, they can provide customized interfaces and simple operation. They typically are shared devices, without a specific assigned
user.
Terabyte
Approximately one trillion bytes (1,099,511,627,776 bytes)
Thin Clients
A type of client/server computing in which applications are run, and data is stored, on the server rather than on the client. Because the
applications are executed on the server, they do not require client-resident installation, although the graphical user interface and
some application logic may be rendered to the client.
Third-party
Typically a company that provides an auxiliary product not supplied by the primary manufacturer to the end user.
Ticketing System
Also known as an issue tracking system, these computer software packages are usually used at an IT help desk to manage and maintain lists of issues.
TLC
Teaching and Learning Center.
UPS
An uninterruptible power supply. An electrical apparatus that provides emergency power to a load when the input power source (usually commercial power) fails.
Virtual Assistants
Virtual assistants (VAs) help users or enterprises with a set of tasks previously only made possible by humans. VAs use AI and
machine learning (such as natural-language processing, prediction models, recommendations and personalization) to assist people or
automate tasks. VAs listen to and observe behaviors, build and maintain data models, and predict and recommend actions. VAs can
be deployed in several use cases, including virtual personal assistants, virtual customer assistants and virtual employee assistants.
Virtual Private Network
Encrypted connections over a larger network, typically over the Internet, which simulates the behavior of direct, local connections.
Virtual Reality
Virtual reality (VR) provides a computer-generated 3D environment that surrounds a user and responds to that individual’s actions in
a natural way, usually through immersive head-mounted displays and head tracking. Gloves providing hand tracking and haptic
(touch sensitive) feedback may be used as well. Room-based systems provide a 3D experience for multiple participants; however,
they are more limited in their interaction capabilities.
VoIP
Voiceover Internet Protocol: A digital telephone service that uses the public Internet and private backbones for call transport. Support for the public switched telephone network (PSTN) is also provided so that VoIP calls can originate and terminate from regular telephones.
Vulnerability
Any exploitable aspect of a system or process.
Warranties
The groups agree on the scope and the coverage of the warranty.
Workstream Collaboration Tools
Tools that create a persistent, shared conversational workspace that helps groups initiate, organize and complete work. It integrates
direct and group messages, alerts, notifications, activity streams, files, tasks, bots, and real-time audio and video into searchable
groups or channels.
Work Standards
This section of the MSA defines what each party regards as acceptable work. Not living up to the work standards often causes disputes.
