
Glossary of Terms
This document contains definitions for terms that are used throughout the Clemson University (hereinafter, the “University”) Information Security policies and procedures.
Acceptable Use | An individual’s permitted activities while utilizing IT Resources of the University in accordance with the policies and procedures, and applicable state and federal laws. |
---|---|
Affiliate | An individual in a non-paid relationship with any department, school or college who requires access to university systems such as email. (Examples: Campus ministers, emeritus faculty, visiting scholars and volunteers.) |
Chief Information Officer (“CIO”) | Senior-level employee with overall responsibility for the University’s IT Resources. |
Chief Information Security Officer (“CISO”) | Senior-level employee with delegated responsibility for securing the University’s IT Resources. |
Clemson Computing and Information Technology (“CCIT”) | Department of the University that manages and administers the IT Resources of the Univesity. |
Computer Network | The means through which Data and Information is transferred between IT Resources and Information Systems. This includes Employee wired/wireless access, guest wired/wireless access, virtual private network (“VPN”), and local network connections. |
Computing Device | General term that includes computer desktops, laptops, tablets, smartphones, and other specialized IT equipment. |
Cyber Security | The ability to protect electronic IT Resources that are accessible via internal University networks or the internet. |
Cyberspace | Virtual computer world (e.g., the Internet) used to facilitate online global communications. |
Compensating Control | Mechanism put in place to satisfy a security measure that may be impractical to implement for a system or process. |
Department | Operating unit of the University, which include colleges, schools, research, business, or service centers. |
Data | Individual facts, statistics, or source information stored for reference or analysis . |
Data Trustee | Executive leaders responsible for Data policies that promote the quality, access, inventory, definition, security, and Acceptable Use of Data across the University. |
Employee | Any person in a non-student position at Clemson University who receives compensation from the University and where the University has the right to control and direct how the work is performed. |
Endpoint | Any device that connects to the Clemson network, and includes any desktop or laptop purchased by Clemson and issued to a user. |
Information | Data that is processed, organized, and structured. It provides context for the Data and enables decision making. |
Information Security | The protection of IT Resources from unauthorized access, use, disclosure, disruption, modification, or destruction, with the goal of providing confidentiality, integrity, and availability. |
Information Security Incident | An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an Information System or the Information the Information System processes, stores, or transmits or that constitutes a violation or imminent threat of violation of Information Security policies, Information Security procedures, or Acceptable Use policies. |
Information System | An integrated set of components, such as hardware and software, for collecting, storing, and processing Data and thereby providing Information. |
Information System Owner | Any person that is responsible for Information Security and overall operations of a specific University Information System. |
Information Technology (“IT”) | The use of Computing Devices and Computer Networks to create, process, store, retrieve and exchange electronic Data and Information. |
IT Consultant | Person(s) responsible for the support of Information Systems and services. Responsibilities include, but are not limited to, the implementation, configuration, maintenance, and decommissioning of Information Systems and services. |
IT Credentials | The combination of a User Account and password that controls access to Data, Information, Computing Devices, Computer Networks, or Information Systems. Two-factor controls are also a part of IT Credentials. |
IT Resources | Includes Computer Networks, Computing Devices, and Information Systems used to store, process, or transmit Information and/ or Data, and additionally includes all such Information and Data. |
Office of Information Security (“OIS”) | The University’s Information Security office that is responsible for coordinating the development and dissemination of Information Security policies, standards, and guidelines. |
Principle of Least Privilege | Concept that User Accounts are granted as few privileges as possible to IT Resources, and that access is based on roles and responsibilities. |
User | Individuals with electronic access to the University’s IT Resources. This includes employees, students, visitors, contractors, and others granted access to the IT Resources. |
User Account | An identity created for a User in a Computing Device for accessing IT Resources. Accounts contain a unique username or login ID and require a password or other IT Credentials to successfully authenticate. |