Enterprise Architecture

An environment or context that is defined by security policy, a security model, or security architecture to include a set of system resources and the set of system entities that have the right to access the resources.

The security requirements and methods applied by agencies to manage IT security risk including but not limited those defined in the OCIO IT security standards.

Secure segmentation is defined as implementing methods that allow for secure communication between various levels of segmented environments. These environments typically involve 4 basic segment groups:

Outside (Trust no one)
Services (Trust limited to defined segmentation lines)
Internal (Trust limited to defined group)
External users (Trust limited to defined group)

The methods for securing these segments may include but are not limited to firewall and switch/router configurations and router/switch ACLs.

A secure version of File Transfer Protocol (FTP), which facilitates data access and data transfer over a Secure Shell (SSH) data stream. It is part of the SSH Protocol. This term is also known as SSH File Transfer Protocol.

The capability of remaining or returning to a normal situation after an event by having multiple ways of performing a function.  This may include people, processes or technology.  Generally speaking, this means there would be no single point of failure that could stop a process.

A distributed system framework that uses Web protocols and technology. The REST architecture involves client and server interactions build around the transfer of resources. Systems that conform to REST principles are referred to as RESTful.

Defines the set of capabilities to manage and control a particular effort of an organization. This includes intra-agency work.

Defines the set of capabilities to manage business processes, including business process mapping, remapping, reengineering, and business process improvement efforts

Defines the set of capabilities to support the administration of a group of investments held by an organization

Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media in an IT facility.