IAM on Sinetris's viewpoints

Risk Owner

2025-12-07T23:58:31+00:00

2025-12-07T23:58:31+00:002025-12-07T23:58:31Zhttps://sinetris.info/glossary/risk-owner/#atom

Person directly responsible for identifying, assessing, monitoring, reporting, responding to, and defining intervention strategies in relation to risks associated with an IT asset.

Information Technology Asset

2025-12-07T23:19:32+00:00

2025-12-07T23:19:32+00:002025-12-07T23:19:32Zhttps://sinetris.info/glossary/information-technology-asset/#atom

Hardware and software (e.g., applications, systems, virtual resources, data) that an organization uses to support its business objectives.

Responsive Controls

2025-12-07T21:35:56+00:00

2025-12-07T21:35:56+00:002025-12-07T21:35:56Zhttps://sinetris.info/glossary/responsive-controls/#atom

Measures designed to respond to and rectify security violations or incidents after they have been identified.

Detective Controls

2025-12-07T21:23:57+00:00

2025-12-07T21:23:57+00:002025-12-07T21:23:57Zhttps://sinetris.info/glossary/detective-controls/#atom

Measures designed to identify, record, and report a security incident after it has occurred.

General Data Protection Regulation

2025-12-07T21:22:17+00:00

2025-12-07T21:22:17+00:002025-12-07T21:22:17Zhttps://sinetris.info/glossary/general-data-protection-regulation/#atom

Regulation that governs how the personal data of individuals in the EU may be processed and transferred.

Entitlements

2025-12-01T11:17:25+00:00

2025-12-01T11:17:25+00:002025-12-01T11:17:25Zhttps://sinetris.info/glossary/entitlements/#atom

The access rights an account has on an asset.

Access Recertification Campaigns

2025-12-01T10:25:02+00:00

2025-12-01T10:25:02+00:002025-12-01T10:25:02Zhttps://sinetris.info/glossary/access-recertification-campaigns/#atom

Periodic review of user entitlements to enforce the Principle of Least Privilege, ensure orphaned accounts are removed, and reduce internal threats and compliance violations.

Access Request

2025-12-01T10:22:15+00:00

2025-12-01T10:22:15+00:002025-12-01T10:22:15Zhttps://sinetris.info/glossary/access-request/#atom

A user-initiated process to gain permission to access an IT asset within an organization’s infrastructure.

Birthright Access

2025-11-29T15:32:02+00:00

2025-11-29T15:32:02+00:002025-11-29T15:32:02Zhttps://sinetris.info/glossary/birthright-access/#atom

Entitlements automatically granted to a user when they join an organization or change roles within it.

Orphaned Account

2025-11-29T15:24:33+00:00

2025-11-29T15:24:33+00:002025-11-29T15:24:33Zhttps://sinetris.info/glossary/orphaned-account/#atom

Account that retains access to an asset without an active owner.

Data Anonymization

2025-11-24T14:47:49+00:00

2025-11-24T14:47:49+00:002025-11-24T14:47:49Zhttps://sinetris.info/glossary/data-anonymization/#atom

The process of removing Personally Identifiable Information from a dataset in an irreversible and permanent manner. This can serve as a mechanism of privacy protection. In the context of data governance, anonymized data is no longer considered Personally Identifiable Information according to the current regulatory interpretation.

Proactive Controls

2025-11-24T12:56:03+00:00

2025-11-24T12:56:03+00:002025-11-24T12:56:03Zhttps://sinetris.info/glossary/proactive-controls/#atom

Proactive Controls are a strategy designed to prevent attacks and identify vulnerabilities before they are exploited, focusing on prediction and prevention rather than simply reacting, anticipating potential problems or targets and taking action to prepare in advance, rather than waiting for them to occur.

Preventative Controls

2025-11-24T11:42:20+00:00

2025-11-24T11:42:20+00:002025-11-24T11:42:20Zhttps://sinetris.info/glossary/preventative-controls/#atom

Designed to prevent an event or an unauthorized action from occurring.

Security Controls

2025-11-24T11:36:55+00:00

2025-11-24T11:36:55+00:002025-11-24T11:36:55Zhttps://sinetris.info/glossary/security-controls/#atom

Safeguards and countermeasures that help protect an organization’s assets, systems, and data from potential risks and threats.

Subject Matter Expert

2025-11-24T07:28:53+00:00

2025-11-24T07:28:53+00:002025-11-24T07:28:53Zhttps://sinetris.info/glossary/subject-matter-expert/#atom

A professional with in-depth, specialized knowledge in a particular field, process, or technology who acts as a trusted advisor, guiding teams, validating information, and solving complex problems to ensure accuracy, efficiency, and successful project outcomes.

Asset Administrator

2025-11-24T01:27:13+00:00

2025-11-24T01:27:13+00:002025-11-24T01:27:13Zhttps://sinetris.info/glossary/asset-administrator/#atom

Manages user roles, account assignments, and performs access reviews and audits for an IT asset.

Brute-Force Attack

2025-11-22T09:03:19+00:00

2025-11-22T09:03:19+00:002025-11-22T09:03:19Zhttps://sinetris.info/glossary/brute-force-attack/#atom

Often used to guess authentication credentials or discover hidden content/pages within a web application using a trial-and-error method.

Zero Trust

2025-11-22T08:11:15+00:00

2025-11-22T08:11:15+00:002025-11-22T08:11:15Zhttps://sinetris.info/glossary/zero-trust/#atom

Security framework that requires all users, devices, and systems, whether inside or outside the organization’s network, to be continuously authenticated, authorized, and validated before gaining access to applications and data.

Authentication Assurance Level

2025-11-22T08:02:00+00:00

2025-11-22T08:02:00+00:002025-11-22T08:02:00Zhttps://sinetris.info/glossary/authentication-assurance-level/#atom

NIST standard to assess the degree of confidence and reliability of an authentication process.

Asset Owner

2025-11-22T08:01:09+00:00

2025-11-22T08:01:09+00:002025-11-22T08:01:09Zhttps://sinetris.info/glossary/asset-owner/#atom

Person or group responsible for an IT asset.

Account Lockout

2025-11-22T08:00:36+00:00

2025-11-22T08:00:36+00:002025-11-22T08:00:36Zhttps://sinetris.info/glossary/account-lockout/#atom

A security feature typically used to prevent a Brute-Force Attack by temporarily disabling a user account after a set number of failed login attempts.

Single Source of Truth

2025-11-20T09:01:34+00:00

2025-11-20T09:01:34+00:002025-11-20T09:01:34Zhttps://sinetris.info/glossary/single-source-of-truth/#atom

Practice of centralizing all of an organization’s data related to a given subject in a single, reliable location, ensuring that every person and every system operates with the same up-to-date information.

Web Authentication

2025-11-10T15:34:37+00:00

2025-11-10T15:34:37+00:002025-11-10T15:34:37Zhttps://sinetris.info/glossary/web-authentication/#atom

Specification that defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users.

Client-to-Authenticator Protocols

2025-11-10T15:29:40+00:00

2025-11-10T15:29:40+00:002025-11-10T15:29:40Zhttps://sinetris.info/glossary/client-to-authenticator-protocols/#atom

Protocol developed by the FIDO Alliance and complementary to the W3C's WebAuthn specification that allows a client (for example, an operating system, browser, or application) to communicate with a device designed to authenticate the user.

FIDO Specifications

2025-11-10T15:10:26+00:00

2025-11-10T15:10:26+00:002025-11-10T15:10:26Zhttps://sinetris.info/glossary/fido-specifications/#atom

A set of open standards published by the FIDO Alliance for stronger, simpler, and phishing-resistant user authentication.

Information Technology Asset Management

2025-11-10T14:55:30+00:00

2025-11-10T14:55:30+00:002025-11-10T14:55:30Zhttps://sinetris.info/glossary/information-technology-asset-management/#atom

Systems to manage the lifecycle of IT assets, including tracking, maintaining and disposing of hardware and software.

Drift

2025-11-10T13:50:07+00:00

2025-11-10T13:50:07+00:002025-11-10T13:50:07Zhttps://sinetris.info/glossary/drift/#atom

Drift is the difference between the Desired State of a system and its Actual State.

Detecting and resolving this drift is essential to prevent security vulnerabilities, compliance violations, and operational failures.

Actual State

2025-11-10T13:47:54+00:00

2025-11-10T13:47:54+00:002025-11-10T13:47:54Zhttps://sinetris.info/glossary/actual-state/#atom

Current and factual condition of a system or its data as opposed to the Desired State.

Desired State

2025-11-10T13:47:45+00:00

2025-11-10T13:47:45+00:002025-11-10T13:47:45Zhttps://sinetris.info/glossary/desired-state/#atom

The planned state of a system, usually defined as data or code in a SSOT.

Segregation of Duties

2025-09-04T12:33:22+00:00

2025-09-04T12:33:22+00:002025-09-04T12:33:22Zhttps://sinetris.info/glossary/segregation-of-duties/#atom

Description

Segregation of Duties (SoD) is a mechanism designed to prevent the risks of errors and fraudulent behavior by dividing the actions required to complete a task among different employees.

Examples

To prevent financial fraud: the person approving an invoice cannot be the same person who issued it.

Reason: they could potentially approve and pay fraudulent invoices to themselves or a fictitious supplier.
To prevent both fraud and errors: the software engineer that approve code changes to critical assets cannot be the same person who submitted the changes.

Reason: they could miss mistakes made by them (prevent errors) or abuse the system to their own advantage (prevent fraud).

Non-Human Identity

2025-07-26T10:27:48+00:00

2025-07-26T10:27:48+00:002025-07-26T10:27:48Zhttps://sinetris.info/glossary/non-human-identity/#atom

Identity belonging to a machine, service account, containerized workload, or autonomous agent.

Identity and Access Management

2025-07-16T15:07:33+00:00

2025-07-16T15:07:33+00:002025-07-16T15:07:33Zhttps://sinetris.info/glossary/identity-and-access-management/#atom

Identity and access management is a framework of policies, technologies, and business processes aimed at facilitating the management of digital identities and their access.

Identity Threat Detection & Response

2025-07-16T11:30:52+00:00

2025-07-16T11:30:52+00:002025-07-16T11:30:52Zhttps://sinetris.info/glossary/identity-threat-detection-and-response/#atom

Cybersecurity discipline that includes tools and best practices for protecting user identities and identity systems from cyber threats.

Account Takeover

2025-06-25T11:55:55+00:00

2025-06-25T11:55:55+00:002025-06-25T11:55:55Zhttps://sinetris.info/glossary/account-take-overs/#atom

Gaining unauthorized access to a user account.

Information Assurance

2025-03-17T10:43:09+00:00

2025-03-17T10:43:09+00:002025-03-17T10:43:09Zhttps://sinetris.info/glossary/information-assurance/#atom

Information Assurance (IA) is the practice of assuring information quality and managing risks related to the use, processing, storage, and transmission of information.

The 5 pillars of information assurance includes protection of the Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation of information.

In IT systems, when possible, assets should be tagged/labeled with proper Information Assurance level.

Confidentiality

The property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

Principle of Least Privilege

2023-08-06T10:10:15+00:00

2023-08-06T10:10:15+00:002023-08-06T10:10:15Zhttps://sinetris.info/glossary/principle-of-least-privilege/#atom

Security concept whereby a user or service is granted the minimum levels of access and authorization necessary to perform the requested task.