Glossary
This page contains the commonly used terms in Vendor Privileged Access Management.
A
| Concept | Description |
|---|---|
| Access | The ability to use a system, application, or data resource. Access is typically controlled through security settings that determine who can view, modify, or manage information. |
| Access Request | A formal request by an internal or external user to gain permission to use a system, application, or resource. Access requests often go through an approval process managed by System Administrators. |
| Access Schedule | A set of rules that define the dates and times when a user or a user group is allowed to access a system or application. Access schedules are often used to limit access for security reasons. |
| Active Directory (AD) | A Microsoft directory service used to manage users, computers, and other resources in a network. AD provides authentication and authorization, ensuring that only approved users can access systems. |
| Activity Log | A record of events and actions taken within a system, such as logins, file changes, or administrative updates. Activity logs are used for monitoring, troubleshooting, and security auditing. |
| Admin Console | The Graphical User Interface (GUI) for the |
| Administrator | A user with elevated privileges who manages systems, applications, or networks. Administrators control access, configure settings, and ensure security policies are enforced. |
| API | Application Programming Interface. A set of rules that allow different software programs to communicate with each other. APIs let developers integrate systems or extend functionality. |
| API Key | A unique code used to identify and authenticate an application or user when interacting with an API. API keys help protect systems from unauthorized access. |
| Application | A software program designed to perform specific functions for a user or system. Applications can run on computers, mobile devices, or cloud environments. |
| Application (PAS) | A Gateway or Gatekeeper system that holds a collection of services on various hosts and ports. |
| Archiving | The process of securely storing data or records for long-term retention. Archiving ensures information is preserved but not necessarily kept in active use. |
| Asset | Any valuable item within a system, such as data, software, infrastructure, platforms, and applications. Assets are tracked and protected to maintain security and compliance. |
| Audit | A formal review of system activities, records, or settings to verify accuracy, compliance, and security. Audits help identify issues and confirm that policies are being followed. |
| Auditability | The ability of a system to provide reliable records of activities and events. Auditability ensures that actions can be traced back to users or processes for accountability. |
| Authentication | The process of verifying a user’s identity before granting access to a system or resource. Common authentication methods include passwords, badges, and biometric scans. |
| Authorization | The process of determining what a user is allowed to do in a system. Authorization defines the specific resources and actions available to each user. |
B
| Concept | Description |
|---|---|
| Backup | A copy of data stored separately from the original, used for recovery in case of loss or failure. Backups are essential for disaster recovery and business continuity. |
| Bandwidth | The amount of data that can be transmitted over a network in a given time period. Higher bandwidth allows faster communication and more simultaneous usage. |
| Best Practices | Established methods or guidelines that are widely accepted as the most effective way to achieve a desired outcome. |
| Browser | A software program used to access websites and online applications, for example: Chrome, Safari, Edge, and Firefox. |
| Browser-Based Sessions | A type of session that enables the secure connection of a vendor's remote support agent to a target customer's environment through a web browser. |
| Built-In Service | The services that come included with a Gatekeeper application by default. |
C
| Concept | Description |
|---|---|
| Certificate | A digital file that proves the identity of a user, system, or organization. Certificates are often used to enable secure connections over the internet. |
| Certificate Installer | The component that enables users to install digital certificates during a session. |
| Component | An individual part of a larger system or application. |
| Configuration | The arrangement of settings that define how a system, application, or device operates. |
| Connection Manager | The component that leverages the connections between a user and the target device's assets, while also managing the available services in a Gatekeeper. |
| Connectivity | The ability of systems, devices, or applications to communicate with each other over a network. |
| Containerized Network | A feature that uses a virtual interface to connect a service without using a limited loopback interface. |
| CPAM | Customer Privileged Access Management, an Imprivata application for third-party access. |
| CPAM Server | The virtual or on-premise appliance that manages the CPAM application and its components. |
| CPU | Central Processing Unit, the main chip in a virtual or physical computer that performs calculations and runs instructions. |
| Credential | Information, such as a username and password, used to prove a user’s identity when accessing a system. Credentials may also include digital certificates or biometric data. |
| Credential Pool | A shared collection of user credentials that can be assigned dynamically to individuals or systems. |
| Cryptographic | Relating to methods of securing information through encryption, hashing, or digital signatures. |
| Custom Service | Services where users can define the host and port to access the remote assets. |
| Customer | An individual or organization that uses a product or service. |
D
| Concept | Description |
|---|---|
| Dashboard | The feature in |
| Data | Information stored, processed, or transmitted by a system. Data can be structured, like numbers in a database, or unstructured, like text and images. |
| Debug and Diagnostics | The feature in |
| Degraded Performance | A state where a Gatekeeper is still running but with non-optimal resources. |
| Department | A division within an organization responsible for specific functions. A feature in the server to mimic organizations for easier access and security. |
| Desktop Sharing | A feature that allows one user to share their computer screen with others. |
| Disk Space | The amount of digital storage available on a device or server. |
| Distribution List | An email group that forwards messages to multiple recipients. |
| Domain | A unique name that identifies a network, organization, or website. For example: @imprivata.com |
E
| Concept | Description |
|---|---|
| Email | A method of sending and receiving electronic messages over the internet. |
| Encryption | The process of converting information into a coded format to prevent unauthorized access. |
F
| Concept | Description |
|---|---|
| Fail Over Instance | A backup Gateway Instance that automatically takes over if the main one fails. |
| Feature | A specific function or capability within a product or service. |
| File Transfer Protocol (FTP) | The built-in service for transferring files between two systems during a session. |
| Firewall | A security system that monitors and controls network traffic based on rules. |
| Flagging | Marking an item, event, or activity for attention or review. |
G
| Concept | Description |
|---|---|
| Gatekeeper | The component with built-in services that enables the connection between a user and a target computer's assets. |
| Gateway | The component that enables the traffic control and access between a user and a customer's applications and Gatekeepers. |
| Global Configuration | The settings that apply to the entire |
H
| Concept | Description |
|---|---|
| Hardware | The physical components of a computer or device, such as processors, memory, and hard drives. |
| Host | A computer, server, or device connected to a network that provides services or resources. Each host is identified by a unique network address. |
| Host Alias | An alternate name assigned to a host for easier identification. Host aliases simplify system management and access. |
| Host Name Mapping | The process of linking hostnames to IP addresses. Host name mapping ensures that devices and applications can locate and communicate with each other. |
| Hostname | The unique name assigned to a device on a network. Hostnames make it easier to identify devices instead of using numerical IP addresses. |
| HTML5 Client | A web-based client application that runs in a browser using HTML5 technology. See Browser-Based Sessions. |
| HTTP(S) | Hypertext Transfer Protocol (HTTP) and its secure version HTTPS are methods for transferring data between a browser and a web server. HTTPS adds encryption for security. |
I
| Concept | Description |
|---|---|
| Identity Provider (IdP) | A service that manages and verifies user identities for authentication. |
| InfoSec | Information Security, which refers to practices and policies that protect data from unauthorized access, use, or destruction. |
| Infrastructure | The underlying systems and resources, such as servers, networks, and storage, that support applications and services. Infrastructure can be on-premises or in the cloud. |
| Installation Wizard | A step-by-step tool that guides users through installing software. |
| Instance | A single running copy of a software program, server, or virtual machine. |
| Interactions | The ways users or systems communicate and exchange information. |
| Internal Access Policy | A policy rule that forces an Internal User to raise an access request before granting them access to an application. |
| IP Address | A unique numerical label assigned to a device on a network. |
| IT | Information Technology, which refers to the use and management of computers, networks, and systems. |
J
| Concept | Description |
|---|---|
| Java | A widely used programming language and platform. Java is known for its ability to run on many different devices and operating systems. |
K
| Concept | Description |
|---|---|
| Key | A piece of information, often cryptographic, used to lock or unlock access to data or systems. |
L
| Concept | Description |
|---|---|
| LAN | Local Area Network (LAN), a network that connects computers and devices within a small geographic area. |
| Latency | The delay between sending and receiving data over a network. |
| Lightweight Directory Access Protocol (LDAP) | A standard method for accessing and managing directory information, such as user accounts. |
| Linux | An open-source operating system widely used on servers, devices, and embedded systems. |
| Log In | The action of entering credentials, such as a username and password, to access a system. |
| Log Out | The action of ending a session and disconnecting from a system. |
| Logging | The process of recording system events, activities, or errors. |
M
| Concept | Description |
|---|---|
| macOS | Apple’s operating system for desktop and laptop computers. |
| Maintenance | Routine activities performed to keep systems running smoothly, such as updates, patches, or hardware checks. |
| Module | A self-contained component within a system or application that provides a specific function. |
| Monitoring | The continuous observation of systems, networks, or applications to detect issues or changes. |
| Multi-Factor Authentication (MFA) | A security method requiring two or more ways to verify a user’s identity, such as a password plus a fingerprint. |
N
| Concept | Description |
|---|---|
| Network | A collection of connected devices, such as computers and servers, that share information. |
| Notification | An alert or message that informs users of events, changes, or required actions. Notifications can appear on-screen, via email, or through applications. |
O
| Concept | Description |
|---|---|
| OpenSSH | An open-source tool for secure communication between computers over a network. |
| Operating System (OS) | Software that manages a computer’s hardware and applications, for example: Windows, macOS, and Linux. |
P
| Concept | Description |
|---|---|
| Password | A secret string of characters used to verify identity when logging in. |
| Password Rotation | The practice of regularly changing passwords to reduce the risk of compromise. |
| Permission | A setting that determines what a role is allowed to do within a system. |
| Platform | The underlying environment that supports applications and services. |
| Plugin | A small software add-on that extends the functionality of an application. |
| Pooled Instance | A shared instance of a Gateway Application that can be used by multiple users as needed. |
| Port | A virtual endpoint through which data enters or leaves a computer over a network. Ports are numbered and used by applications to communicate securely. |
| Privileged Access | Special access rights given to administrators or other trusted users. |
| Protocol | A set of rules that define how data is transmitted and understood between systems. Common protocols include HTTP, FTP, and SSH. |
| Proxy | A server that acts as an intermediary between a user and another system. |
| Pruning | The process of cleaning up or removing unnecessary data, accounts, or records. |
Q
| Concept | Description |
|---|---|
| Quick Connect | A feature in |
R
| Concept | Description |
|---|---|
| RAM | Random Access Memory (RAM), the temporary computer memory used to store data. |
| RedHat | A commercial Linux distribution widely used in enterprise environments. |
| Registration Code | A unique code used to activate or verify the Gatekeeper installation. |
| Remote Connection | The access to a system or computer through the Gatekeeper software. |
| Remote Desktop Protocol (RDP) | The built-in service that allows internal users to control a remote computer through a graphical interface. |
| Remote Support | The process of assisting users by connecting to their devices from a different location. |
| Report | A structured summary of system data, events, or activities. |
| Requirements | Conditions or capabilities needed for a system or application to function. |
S
| Concept | Description |
|---|---|
| Safety | Measures and practices designed to protect people and systems from harm. |
| SAML | Security Assertion Markup Language, a standard that allows secure exchange of authentication information between systems. |
| Secrets | Sensitive information, such as passwords, keys, or tokens, that must be kept secure. |
| Secure Connection | A network connection protected by encryption, such as HTTPS or VPN. |
| Secure Support | A method of providing technical support through encrypted and authenticated connections. |
| Security Department | The organizational unit responsible for protecting systems, data, and networks. |
| Server | A computer or system that provides services, resources, or data to other devices on a network. |
| Server Settings | Configuration options that determine how the server operates. |
| Server URL | The web address used to reach the |
| Server Version | The release number of a |
| Service | A built-in or custom process or application in the server. |
| Session | A period of connection between a user and a target system and its assets. |
| Single-Use Key | A key that can be used only once to authenticate or unlock access. |
| Software | Programs and applications that run on computers or devices. |
| SSH | Secure Shell (SSH), a protocol for securely accessing and managing remote systems. |
| SSH Key Pair | A pair of cryptographic keys (public and private) used with SSH for secure authentication. |
| SSO | Single Sign-On (SSO), a security method that allows users to log in once with a single set of credentials and gain access to multiple applications or systems. |
| Status | The current condition or state of a system, service, or process. |
| Support Agent | A person who provides technical help to users. |
| SUSE | A commercial Linux distribution widely used in enterprise environments. |
| System | A collection of hardware, software, and processes working together. |
| System Administrator | A person responsible for managing and maintaining a system. |
T
| Concept | Description |
|---|---|
| Target System | The specific computer, server, or device being accessed, managed, or monitored. |
| Task | A specific action or job carried out by a system, application, or user. |
| TELNET | A network protocol that allows remote communication with another computer. |
| Traffic | The flow of data across a network. The flow of users in a server. |
| Troubleshooting | The process of diagnosing and resolving problems in systems or applications. |
| Tunneling | A method of securely sending data through a network by encapsulating it inside another protocol. |
U
| Concept | Description |
|---|---|
| Ubuntu | A commercial Linux distribution widely used in enterprise environments. |
| Unix | A family of operating systems that form the basis of Linux and macOS. |
| Upgrade | The process of installing a newer version of software or hardware. |
| URL | Uniform Resource Locator (URL) is the web address used to access resources on the internet. |
| User | A person who interacts with a system, application, or service. |
| User ID | A unique identifier assigned to a user within a system. |
| User Interface | The part of a system that users interact with, such as menus, buttons, and screens. |
| User Role | A defined set of permissions assigned to a user. |
V
| Concept | Description |
|---|---|
| Vault | A secure storage system for sensitive data, such as passwords, certificates, or secrets. |
| Vendor | A company that provides products or services to customers. |
| Vendor Representative (Vendor Rep) | An individual who works on behalf of a vendor to provide products, services, or support. |
| Virtual Appliance | A preconfigured virtual machine image that provides a specific service or application. |
| VPAM | Vendor Privileged Access Management, an Imprivata application for third-party access. |
| VPAM Server | The virtual or on-premise appliance that manages the VPAM application and its components. |
W
| Concept | Description |
|---|---|
| Web Application | A software application that runs in a web browser instead of being installed on a computer. |
| Web Application Firewall (WAF) | A security system that filters and monitors traffic to and from web applications. |
| Web Browser | A software program used to access websites and online applications, for example: Chrome, Safari, Edge, and Firefox. |
| Web-Based Client | An application accessed through a web browser instead of a local installation. |
| Windows | Microsoft’s widely used operating system for desktops, laptops, and servers. |
| Wizard | A step-by-step tool that guides users through a process, such as installing software or configuring settings. |
| Wrapper | A program or code layer that allows one system or application to work with another. |