Acronyms used in the Workspace ONE Security Series

Overview

This document provides a list of acronyms and respective definitions that you may encounter in the Workspace ONE security series, including VMware Compliance with the 14 NCSC Cloud Security Principles and Workspace ONE Cloud Services Security.

A - B

Acronyms from A through B:

  • ACL - Access control list (ACL)
  • ACSC - Australian Cyber Security Centre (ACSC)
  • AD - Active Directory (AD)
  • ADFS - Active Directory Federation Services (ADFS)
  • AES - Advanced Encryption Standard (AES)
  • AES-256 - 256-bit Advanced Encryption Standard (AES)
  • AMI - Amazon Machine Images (AMI)
  • AOC PCI - PCI Attestation of Compliance (AoC)
  • APAC - Asia-Pacific region (APAC)
  • API - Application programming interface (API)
  • ASF - Defensive-centric perspective (ASF)
  • AV - Anti-virus (AV)
  • AWF - Alternative workforce (AWF)
  • AWS - Amazon Web Services (AWS)
  • AZ - Availability Zone (AZ)
  • BC - Business Continuity (BC)
  • BCR - Binding Corporate Rules (BCRs)
  • BSIMM - Building Security in Maturity Model (BSIMM)
  • BYO - Bring your own (device (BYOD) or key (BYOK))

C - D

Acronyms from C through D:

  • CA - Certificate Authority (CA)
  • CAIQ - Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CAIQ)
  • CCDA - Cisco Certified Design Associate (CCDA)
  • CCSP - Certified Cloud Security Professional (CCSP)
  • CCTV - Closed Circuit Television Camera (CCTV)
  • CD - Continuous Delivery (CD)
  • CDN - Content Delivery Network (CDN)
  • CI/CD - Continuous integration, continuous deployment pipeline (CI/CD)
  • CIPM - Certificate in Investment Performance Measurement (CIPM)
  • CIPP/E - Certified Information Privacy Professional/Europe (CIPP/E)
  • CIS - Center for Internet Security (CIS) Benchmarks
  • CISM - Certified Information Security Manager (CISM)
  • CISSP - Certified Information Systems Security Professional (CISSP)
  • CSA - Cloud Security Alliance (CSA)
  • CSRF - Cross-site request forgery (XSRF or CSRF)
  • CVSS - Common Vulnerability Scoring System (CVSS)
  • DBMS - Database management systems (DBMS)
  • DDoS - Distributed denial of service attacks (DDoS)
  • DEK - Data encryption key (DEK)
  • DLP - Data loss prevention (DLP)
  • DoD - U.S. Department of Defense (DoD)
  • DPA - Data Protection Act (DPA)
  • DR - Disaster Recovery (DR)
  • DS - Device Services (DS)

E - L

Acronyms from E through L:

  • EEA - European Economic Area (EEA)
  • ENS - Email Notification Service (ENS)
  • ETL - Intelligence Connector (ETL)
  • EUD - End user device (EUD)
  • FADP - Federal Act on Data Protection (FADP)
  • FCAPS - Fault, Configuration, Accounting, Performance, and Security (FCAPS)
  • FedRAMP - Federal Risk and Authorization Management Program (FedRAMP)
  • GDPR - General Data Protection Regulation (GDPR)
  • GPO - Group Policy Object (GPO)
  • HSTS - HTTP Strict Transport Security (HSTS)
  • IaaS - Infrastructure-as-a-Service (IaaS)
  • ICT - Information and communications technology (ICT)
  • IdP - Identity Provider (IdP)
  • IDS - Intrusion Detection System (IDS)
  • IRAP - Infosec Registered Assessors Program (IRAP)
  • ISGC - Information Security Governance Committee (ISGC)
  • ISM - Information Security Manual (ISM)
  • ISMS - Information Security Management System (ISMS)
  • ISO - International Standards Organization (ISO)
  • IVR - Interactive voice response system (IVR)
  • JIT - Just-in-time (JIT)
  • KMS - Key Management Service (KMS)
  • L7 - Layer 7 or application layer
  • LMS - Learning Management System (LMS)

M - P

Acronyms from M through P:

  • MFA - Multi-factor Authentication (MFA)
  • Microsoft EAS - Microsoft Exchange ActiveSync (EAS)
  • N+1 power - there is a power backup in place should any single system component fail
  • NCSC - UK National Cyber Security Centre (NCSC)
  • NDA - Non-disclosure agreement (NDA)
  • NIST - National Institute of Standards and Technology (NIST)
  • OAuth - Open authorization (OAuth)
  • OCSP - Online Certificate Status Protocol (OCSP)
  • OSINT - Open-source intelligence (OSINT)
  • OSS/TP - Open-source and third-party software validation (OSS/TP)
  • OSSTMM - Open Source Security Testing Methodology Manual (OSSTMM)
  • OWASP - Open Web Application Security Project (OWASP)
  • PBKDF2 - Password Based Key Derivation Function 2 (PBKDF2)
  • PCI-DSS - Payment Card Industry Data Security Standard (PCI-DSS)
  • PDU - Power distribution unit (PDU)
  • PGP - Pretty Good Privacy (PGP)
  • PII - Personally Identifiable Information (PII)
  • PIV-D - Workspace ONE PIV-D Manager
  • PKCS12 - A binary format for storing a certificate chain and private key in a single, encryptable file (PKCS12)
  • PKI - Public key infrastructure (PKI)
  • PSR - Product Security Requirements (PSR)

R - S

Acronyms from R through S:

  • R&D - Research and development (R&D)
  • RA - Registration Authority (RA)
  • RBAC - Role-based access controls (RBAC)
  • REST API - Representational State Transfer (REST) and an architectural style for distributed hypermedia systems
  • RPO - Recovery point objective (RPO)
  • RSA - Rivest–Shamir–Adleman (RSA)
  • RTO - Recovery Time Objective (RTO)
  • S/MIME - Secure/Multipurpose Internet Mail Extensions (S/MIME)
  • SaaS - Software-as-a-Service (SaaS)
  • SAFECode - Software Assurance Forum for Excellence in Code (SAFECode)
  • SAML - Security Assertion Markup Language (SAML)
  • SANS/CWE - aka Common Weakness Enumeration (CWE/SANS)
  • SCC - Standard contractual clause (SCC)
  • SCRUM - A method used when developing a new product in which a team is allowed to organize itself and make changes as quickly as possible (SCRUM)
  • SDK - Software Development Kit (SDK)
  • SDL - Security Development Lifecycle (SDL)
  • SDLC - Software Development Life Cycle (SDLC)
  • SIEM - Security information management (SIM) and security event management (SEM) combined (SIEM)
  • SLA - Service level agreements (SLA)
  • SME - Subject Matter Experts (SMEs)
  • SOC - Service Organization Control (SOC), when referencing SOC 2 Type 2 audits
  • SOC - VMware Security Operations Center (VMware SOC), when referencing incident response, logging, and monitoring
  • SSH - Secure shell (SSH)
  • SSL - Secure Sockets Layer (SSL)
  • SSO - Single Sign-On (SSO)
  • SSP - Self-Service Portal (SSP)
  • STRIDE - Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE)

T - Z

Acronyms from T through Z:

  • TLS - Transport Layer Security (TLS)
  • TOTP - Time-based one-time password (TOTP)
  • TOU - Terms of Use (TOU)
  • VCP - VMware Certified Professional (VCP)
  • VMC on AWS - VMware Cloud on AWS
  • VMware EEA BCRs - VMware Binding Corporate Rules (VMware's EEA BCRs)
  • VPN - Virtual private network (VPN)
  • vSECR - VMware Security Engineering, Communications & Response (vSECR)
  • VSRC - VMware Security Response Center (VSRC)
  • WAF - Web application firewall (WAF)
  • WEB/APP - Web and app layers
  • XSRF-TOKEN - Cross-site request forgery (XSRF or CSRF)

Feedback

Your feedback is valuable.

To comment on this paper, contact VMware End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.

