Cybersecurity 101

A foundational security process that regulates who is allowed to access certain apps, data, and resources, and under what conditions.

The process of verifying the identity of a user, device, or system, using factors like passwords, biometrics, or security tokens before granting access. Authentication usually requires something a person has (such as a key, badge, or token), something a person knows (such as a password, ID number, or mother's maiden name), or something a person is (face recognition, fingerprint, or retina scan, etc).

Stands for Cloud Access Security Broker. A security solution that emphasizes strict access control and continuous verification by enforcing access policies for cloud resources and applications. An important component of a zero trust architecture.

Tools that can scan stealer logs, criminal forums, and third-party breaches on the dark web for your organization's exposed passwords. By providing visibility into exposed corporate credentials, it enables faster response and risk mitigation.

A process of continually scanning the dark web to identify compromised, stolen, or leaked data. This can include intellectual property, credentials, and personal information.

Any attempt to gain greater permissions illicitly (typically, by impersonating a privileged user or otherwise bypassing normal authentication) within a computer system is considered an elevation of privilege.

A unified architectural framework that integrates disparate identity and access management tools to act as a single unified system, giving organizations a centralized approach for managing digital identities in complex IT environments.

Attacks that focus on stealing or guessing valid user credentials to bypass security perimeters. Once attackers obtain legitimate credentials, they appear as authorized users and can move through systems without triggering many security alerts.

Stands for Identity Provider. Acts as a central authority to verify users and grant secure access to applications, often through single sign-on (SSO) and multi-factor authentication (MFA). By creating, maintaining, and managing digital identities, it protects against unauthorized access by centralizing identity management and enforcing strong authentication.

A cybercriminal who specializes in gaining unauthorized access to computer networks and systems, then selling that access to other criminals. IABs are part of the Ransomware-as-a-Service economy.

Fundamental security policy that only allows users, applications, or systems to have the absolute minimum permissions needed to perform their specific tasks, and nothing more. Prevents lateral movement and minimizes access to sensitive data by enforcing strict access controls and role-based permissions.

An authentication method that requires the user to provide two or more verification factors, such as a password, token, and fingerprint, to gain access to a resource such as an application, online account, or VPN.

Stands for OpenID Connect protocol. An identity authentication protocol used to enable two unrelated applications to share user profile information without compromising user credentials.

A passwordless authentication standard that allows users to sign in to apps and websites using biometrics (fingerprint, face scan) or a device PIN instead of a password. Gives MSPs a way to offer phishing-proof authentication. Passkeys work like unlocking your phone, the same fingerprint or face, but now also for logging into apps. No password to forget. No code to intercept. And fake websites simply can't trick it.

A security model that limits access to a computer network or system based on the user's role within an organization.

SAML (Security Assertion Markup Language) is an open-standard, XML-based protocol used for exchanging authentication and authorization data between parties, primarily to enable single sign-on (SSO).

An authentication method in which one login (typically with username and password) allows access to multiple applications and services, providing convenience for users and better and centralized oversight for IT teams.

A cybersecurity strategy based on the principle of "never trust, always verify," assuming threats exist everywhere. Rather than relying on a single technology, it implements multiple security controls, including multi-factor authentication, EDR, Zero Trust Network Access, and dark web credential monitoring. In addition, users only have access to the specific parts of the network they need and not more.

A security model that requires strict identity verification for every person and device, inside or outside the network perimeter, trying to access resources on a private network.

A security framework that assumes threats are everywhere and therefore verifies every user and device attempting to access resources, and grants least-privileged access to specific applications rather than to the entire network. A foundational security model within SASE.