We make technology work for the City Erin Devoto, Director
Glossary of IT Terms

Information Security

Glossary B


This glossary contains industry standard and City specific IT terminology. The glossary should be consulted when policy, issue papers, etc. are drafted to ensure consistent use of terms across the City.

Back Door
Backup
Backup and Restore / Recovery
Backup Files
Backup Power Generators
Batch
Beta Software
Biometric Access Controls
BIOS
Boot
Boot Disk
Borg
Bot
Botrunner
Browser
Bug
Business Continuity Planning (BCP)
Business Impact Assessment
Business Resumption Plan
Business Recovery Plan


Back Door
A back door is the name given to a 'secret' access route into the system. Such routes are usually undocumented and almost certainly were not originally specified. In fact, usually only the original developer would be aware of the back door(s) to their system. So why design a back door? Some boffin programmers suspected that the end users would, at some point, make such a mess of the system that normal ID and password routines would not allow access, and that another route into the system (known only to the programmers) would be required: the back door. In this particular context the existence of a Back Door can be a useful feature, but it does represent a significant risk in that a person - not necessarily on the staff of the Organization - could be in a position to penetrate the system with malicious intent without the Organization's knowledge. It is reasonable to assume that a programmer with sufficient skill to build the system in the first place will also have the skills necessary to penetrate the system and withdraw again without leaving any evidence of the incursion.
Back Door is also the name of several unpleasant viruses/Trojans which jeopardize network security and attempt to give malicious users access to the computer.


Backup
The process whereby copies of computer files are taken in order to allow recreation of the original, should the need arise. A backup is a spare copy of a file, file system, or other resource for use in the event of failure or loss of the original. The term is most commonly used to refer to a copy of all the files on a computer's disks which is made periodically and kept on magnetic tape or other removable medium (also called a 'dump').  This essential precaution is neglected by most new computer users until the first time they experience a crash or accidentally delete the only copy of the file they have been working on for the last six months. Ideally the backup copies should be kept at a different site or in a fire safe. Although hardware may be insured against fire, the data on it is almost certainly neither insured nor easily replaced. Consequential loss policies to insure against data loss can be expensive, but are well worth considering.


Backup and Restore / Recovery
Whilst backup is a routine that is well understood, restoring data is usually only performed when data is lost, corrupted, or otherwise changed. It is extremely important to review and test the restore procedures, to ensure that, in an emergency, appropriate action can be taken. A real danger, when restoring files from the backup, is that of restoring additional files which then over-write newer files. Were this to happen to an order processing system, or other system which records transactions, such an error could result in severe loss. To avoid even the possibility of such an error, you should always restore files to a specific location that is separate from the live files. Then, once the integrity of the restored file(s) has been verified, they may be copied to the required area; again, cautiously and with consideration for the risks involved.


Backup Files
Backup files are those files which are retained, often on high capacity tape or separate disk sub-system, which represent the Organization's protection against loss, damage or non-availability of the data held on information systems. Whilst it is important to have available the most recent few backups - to enable restore in case of need - it is also crucial that recent backup tapes / disks are stored safely off-site; sufficiently far away to reduce the risk of environmental damage (e.g. flood) destroying both the primary systems and the off site backups.


Backup Power Generators
Backup Power Generators are usually gasoline driven units which are linked to an Uninterruptible Power Supply (UPS), to prevent your systems crashing as a result of power failure. Power generators should be of adequate capacity to support the systems which require power. Bear in mind that backup power generators are used rarely. As a result, they can remain idle for years, as usually the UPS will bridge the gap until the power is either restored, or the systems have been safely shut down. As a result, when needed, the power generator may not have been tested for a considerable period. It is important that, periodically, the power generator is tested and serviced, in accordance with the manufacturer's recommendations. It is also vital to ensure that fresh gasoline replaces unused gasoline each year; and that there are adequate supplies available.


Batch

A term from the days before real-time processing when data was collected together throughout the day in batches waiting for the IT staff to run the End of Day routines which included 'batch processing'. This approach requires less computer power than real-time processing since account balances and other records are not changed until the end of the working day and, effectively, the system is on 'enquiry only' status until the next processing run. In some ways batch processing is more secure than real-time since there is more time to check transaction data before it reaches the computer's files; however, the advantages of having accurate, up-to-the-minute information (especially in banking and finance) are generally viewed as outweighing any benefits batch processing may offer.
Batch files (files with the extension .bat) are small 'programs' instructing the computer to perform some processing, start another program running, recognize some hardware, etc. The most common example is the autoexec.bat file (standing for AUTOmatic EXECution) found on virtually every PC, which runs each time the PC is started.


Beta Software
Term used to describe software which is almost fully developed but not yet quite ready for release to the market, or internal users. The Beta version of the software is preceded by the alpha version. Beta versions of commercial programs are often made available to consumers at attractive prices on the basis that there are numerous bugs still to be sorted out, and the first batches of users to install the product are, effectively, taking part in an enormous acceptance testing program. The developer will take note of the findings and comments made by Beta users to incorporate modifications, fixes, patches, etc., in the version which is finally released. Beta versions of software, whether purchased or developed in-house, should not be installed on live systems and should never be used for mission critical processes.


Biometric Access Controls
Security access control systems which authenticate (verify the identity of) users by means of physical characteristics, e.g. face, fingerprints, voice, or retina pattern.


BIOS
BIOS, the Basic Input Output System of a personal computer. The BIOS contains the code which results in the loading (booting) of a computer's operating system e.g. Microsoft Windows®. The BIOS also controls the flow of data to/from the operating system and peripheral devices, such as printer, hard disk, keyboard and mouse.


Boot
Starting up a PC or server. Verbal shorthand for 'Kick it 'til it wakes up'. The origin of this (strange) term is the recognition that booting, or system start-up, is a process requiring a piece of 'bootstrap' code in the BIOS of the computer, which starts the loading of the operating system.


Boot Disk
CD-ROM or Floppy disk used to start a PC or server when it cannot do so from the hard drive. Boot disks are often used when there is a problem with a Hard Drive, but, equally, may be used as a Key Disk security feature when a PC has been deliberately configured by technical staff to refuse to run without the Key Disk present.


Borg
From 'Star Trek: The Next Generation' in which the Borg is a species of cyborg that ruthlessly seeks to incorporate all sentient life into itself; their slogan is 'Resistance is futile. You will be assimilated.' In tech-speak, the Borg is usually Microsoft, which is thought to be trying just as ruthlessly to assimilate all computers and the entire Internet into itself - there is a widely circulated image of Bill Gates as a Borg - i.e. Borging the competition. Being forced to use Windows or NT is often referred to as being 'Borged'. It is reported that this term is in use within Microsoft itself. Other companies, notably Intel and UUNet, have also occasionally been equated to the Borg.


Bot
Short for Robot, the term describes little programs designed to perform automated tasks on the Internet such as indexing, looking/watching for message contents, or acting as avatars (human surrogates). On IRC, Bots can be malicious by cloning themselves (clonebots), or flooding the IRC channels with garbage (floodbots). There are hundreds of different types of Bots including, by some definitions, Agents and Crawlers.


Botrunner
A person who operates software robots on the Net.


Browser
Often known as a 'Web Browser', it is software used to make contact with Web sites on both the Internet and internal Intranets. The topic of software houses' development and use of Browsers is controversial, and lies at the heart of the US Government anti-trust (monopoly) case against Microsoft. The only real effect of this case upon users is likely to be that, in future, Browser applications will have to be acquired and installed separately, rather than being supplied as part of an operating system.


Bug
A fault in a computer system, usually associated with software. The term apparently stems from the early (pre-transistor) days of computing when machines used myriad valves and miles of wire. An apocryphal tale has it that one machine refused to work and, on examination of its innards, revealed a moth which had expired across some terminals thereby causing a short circuit. Once 'debugged' the machine worked perfectly - or so it is said.


Business Continuity Planning (BCP)
BCP usually includes the following planning activities: Business Resumption Plan, Business Recovery Plan, Disaster Recovery Plan. BCP should also include Recovery Time Objectives (RTO); an RTO is the amount of time an organization can do without an IT-based business process before the organization's mission is harmed.


Business Impact Assessment
It is the first phase of an overall approach to the development of business continuity plans. The assessment involves understanding the proportion of impact individual business units would sustain as a result of a significant interruption of IT services. These impacts may be financial or operational.


Business Resumption Plan
The Business Resumption Plan includes workaround procedures for business processes for use until production processes are fully recovered. Planning involves users, annual reviews, and testing of plans. Its purpose is to ensure the continuance of mission-critical processes at an alternative production site.


Business Recovery Plan
Plans for the complete recovery of the production business processes, including people, workspace, non-IT equipment and facilities.
