Share:

TechTALK: Cybersecurity Vocabulary Lesson

Oct 04, 2023

by Elizabeth Parsons, IT Services

As we continue to look at various ways to stay safe online and bolster our personal security for National Cybersecurity Awareness Month, IT Services also continues to improve on Miami’s tools and systems geared toward supporting that mission of being more secure.

Sometimes, however, we get lost in the jargon -- and in the tech world, there's a lot of it! So, let's take a look at some of the common vocabulary you'll see in this space and others as cybersecurity continues to be a focus for Miami and others.

IAM: Identity and access management

This refers to the set of tools, technologies, and policies that manage identities within our systems. As a student, you get access to some tools. As a faculty member, you get access to other things. IAM is the way our systems interoperate to get the right people access to the right tools.

Cool tip: Miami is currently working through an IAM Program that seeks to transform how we do access management and the systems that interoperate here. We have partnered with Moran Technology Consulting and Identity Automation to deploy a robust solution! For more information, please visit the website at MiamiOH.edu/IAM.

IGA: Identity governance and administration

This is the actual technology that helps our systems talk to each other and get accurate information about the roles and access needs of faculty, staff, and students. Our IGA tool is called RapidIdentity.

MFA: Multi-factor authentication

Having multiple “factors” on your online accounts helps keep you safe. At Miami, we use DUO, but there are lots of ways to add factors to your accounts. Google Authenticator is another good option, since it has an app much like DUO where you can add multiple accounts. Even having MFA via text message (where the organization texts you a code after you input your username and password) is helpful, since a malicious actor would need access to your phone as well as your login info to gain access. The more factors on your accounts, the more hackers have to work.

Phishing

The practice of sending fraudulent emails for the purpose of gaining access to your account or to other important information. A common type of phishing scheme, called business email compromise, seeks to gain access to, among other things, credentials of folks who have access to the finances of a particular organization.

Smishing

A type of scam that takes place via text or SMS. If President Crawford texts you about something he needs immediately, it's probably a scam.

Vishing

A type of scam that takes place via voice message. If you have ever received a phone call from someone trying to scam you into giving them your social security number or credit card information, this is a form of vishing.

SSO: Single sign-on

This is the mechanism that allows you to be logged in to all Miami systems at once, instead of having to log in individually each time you need to access a different system. For instance, if you log in to Banner to register for classes, you won’t then also have to log in to Canvas separately. It should just let you in – because the Miami system has clocked that you are already logged in somewhere.

Note: Not all Miami systems are behind SSO. The red login screen usually denotes that the system you’re accessing is behind SSO. Which brings us to…

CAS: Central authentication system

This is what allows you to log in to Miami resources! You have to use DUO multi-factor authentication to get through CAS to Miami content.

Spoofing

Email spoofing involves a malicious actor sending messages impersonating a known contact at an organization. For instance, at Miami, we have seen spoofed messages that look like they’re coming from faculty members asking for research assistants (such as this recent example). Scammers essentially change the metadata on an email account. Be vigilant!

Take the Quiz!

Help us beat Ohio University in a friendly NCSAM competition! We are currently winning. Let’s keep it that way!

CyberMania: Miami vs. Ohio

These are just a few examples of vocabulary words you need to be familiar with when it comes to cybersecurity. We could go on for ages and ages… And we will, over on our YouTube page! Each day this month, the Miami University Cyber Security Club is giving us a short overview of one security topic. Check it out!