Infolock & Data Risk
Management Glossary

What is the Infolock & Data Risk Management Glossary?

This glossary serves as a reference guide for anyone interested in better understanding the different terminology that experts use when discussing data risk management and its ancillary disciplines. The glossary also features Infolock-specific definitions for customer and partner reference.

Data Security Governance  

Data Security Posture Management 

Information Security 

Data Subject Access

Request Management 

Data Minimization 

Data Tokenization

Data Obfuscation 

Data Anonymization 

Data Security Governance  

Setting the rules of the road for how the protection of data is to be managed by defining who has access to what data, how data is to be stored, used, and safeguarded, and how data breaches are to be handled. It is the “decision-making” phase in an overall data protection (data security) program.  

Data Security Posture Management 

Ensures that organizations are following the rules of Data Security Governance by identifying vulnerabilities in data stores, applications, and networks, and implementing security controls to mitigate those vulnerabilities.  

Information Security 

Includes activities and technologies like endpoint security, network security, mobile device security, web and application security, data center security, and software development lifecycle security. Awareness training is an aspect of information security, as is internal and external audit and assessment.  

Data Encryption 

Security method where information is encoded and can only be accessed or decrypted by a user with the correct encryption key 

Data Subject Access

Provides individuals the right to access their personal data, as well as other supplementary information; helps individuals understand how and why their data is being used.  

Request Management

Process of tracking and managing all requests from authorized users in an organization's information technology environment.  

Data Minimization

The collection of data an organization contains should be limited in order to reduce the amount of data that can be accessed by malicious outsiders.  

Data Tokenization 

The process of replacing sensitive data with unique identification symbols ("tokens") that has no essential or exploitable value/meaning in order to store information with less chance of it being corrupted.  

Data Obfuscation 

Processes that transform data into another form in order to protect sensitive information and personal data.  

Data Anonymization

Process that removes or modifies personally identifiable information in order to create data that cannot be associated with any one place or individual in order to keep data from being easily accessed and exploited.  

API

BU

BYOD

CASB

CSSP

DAR

DIM

DIU

DCS

DLP

DRM

EDR

FTP

IdP

IP

IP

LAN

MFA

NAS

NTA

NGFW

PIR

SaaS

SAML

SASE

SDN

SD-WAN

SP

SSE

SSO

SWG

UDP

VPN

WAN

ZTNA

API

Application Programming Interface. A system of tools and resources that provides programmatic access to service functionality and data with an application or a database. Can act as the building block for developing new applications.

BU

Business Unit. A unit of an organization, generally a department, which handles a specific business need. This includes everything from HR to part-time employees. 

BYOD

Bring Your Own Device. A company policy where employees are allowed to use their own personal devices to connect to the network and access the data/system(s) they need to do their jobs. 

CASB

Cloud Access Security Broker. On-premises and cloud-based security point(s) that combine and interject policies as cloud-based resources are accessed.

CSSP

Cybersecurity Services Provider. A third-party organization that provides security services for a company to secure its assets against potential cybersecurity crimes/threats.

DAR

Data at Rest. Data stored in network-accessible data repositories, such as file systems, data bases, SharePoint, Network Discover, Network Protest, and CASB Securlets. 

DIM

Data in Motion. Data that is moving across the network and leaving the corporate premises.

DIU

Data in Use. Data that is stored and processed locally on an end-user device, such as a desktop or laptop computer.

DCS

Distributed Control Security. Computer networks used to manage and control processes. 

DLP

Data Loss Prevention. Organizational policies/solutions that detect and prevent data breaches. The goal of DLP is to ensure that sensitive data is not lost, accessed by unauthorized users, or misused. 

DRM

Data Risk Management. The organizational practice of using governance, processes, procedures, and compliance for acquiring, storing, processing, transforming, and using data to manage and eliminate data risks.  

EDR

Endpoint Detection and Response. Solutions that continuously detect and mitigate cyber threats on endpoint devices.

FTP

File Transfer Protocol. Network protocol designed to efficiently transfer files from one device on a network to another. May exist as a server that files can be uploaded to or downloaded from. 

IDP

Identity Provider. Stores and verifies user identity via a cloud-hosted service. Often works with an SSO solution to authenticate users.  

IP

Internet Protocol. Set of rules governing the format of data that allows information to be sent between devices on a network.  

IP

Intellectual Property. Confidential and proprietary information/product/code that is critical to business, operations, and competitive advantage. IP is often protected by patent or copyright law.  

LAN

Local Area Network. A series of computers linked together via TCP/IP ethernet or Wi-Fi to form a network in a specific location. 

MFA

Multifactor Authentication. Authentication method that requires the user to provide two (2) or more verification factors to gain access. Can be used with applications such as VPNs, online accounts, etc.  

NAS

Network Attached Storage. File storage that is connected to a network and provides access to multiple users. Refers to both technology and systems involved in the storage network.  

NTA

Network Traffic Analysis. Method of monitoring network activity and availability to identify anything abnormal, including security and operational issues. Extracts information about potential security threats and other IT issues across a network. 

NGFW

Next-Generation Firewall. A security device located at the frontline of a network to prevent or limit legal access to private networks by using policies that define the only traffic allowed on the network. Blocks any other traffic seeking to connect. Protects against more sophisticated threats than standard firewalls.  

PIR

Private Information Retrieval Protocol. Allows users to retrieve information from a server in possession of a database without revealing what was retrieved.  

SaaS

Software as a Service. Software licensing and distributing model where service provider(s) host applications and make them available to customers over the internet.  

SAML

Security Assertion Markup Language. Open federation standard that allows an IdP to authenticate users. Then passes on authentication token to another SP.  

SASE

Secure Access Service Edge. Security framework that delivers converged network and SaaS capabilities, such as SWG, CASB, NGFW, and ZTNA. 

SDN

Software-Defined Networking. Approach to networking that uses software-based controllers or APIs to communicate with underlying hardware and direct traffic on a network. A typical SDN architecture is comprised of three layers: (i) the application layer, (ii) the control layer, and (iii) the infrastructure layer.  

SD-WAN

Software-Defined Wide Area Network. Type of networking technology that uses SDN principles to manage, and optimize, the performance of WANs.  

SP

Service Provider. An organization that provides services. 

SSE

Security Service Edge. A convergence of network security services delivered from a purpose-built cloud platform. Can be a subset of a SASE framework. Has three pillars: (i) Access Control, (ii) Threat Protection, and (iii) Data Security.  

SSO

Single Sign-On. Identification that provides a session for user authentication that permits a user to use one set of login credentials for multiple websites and applications. 

SWG

Secure Web Gateway. On-premise or cloud-delivered network security service that sits between users and the Internet. Provides advanced network protection by inspecting web requests against organizational policies to block any unidentifiable or malicious applications/websites/users. 

UDP

User Datagram Protocol. Operates at the Transport Layer of a TCP/IP and OSI network. Ensures that traffic routed through the IP reaches to correct application running on that computer.  

VPN

Virtual Private Network. Provides encrypted server access to remote users and hides IP addresses. Protects the identity of the user and any sensitive data.  

WAN

Wide Area Networks. Large network of information not tied to a single location. Facilitates communication between offices, data centers, cloud applications, and cloud storage solutions.  

ZTNA

Zero Trust Network Access. Provides secure remote access to applications, data, and services based on clearly defined access control policies. Creates an identity and context-based boundary for data across the network.  

Cyber Resilience 

Collective Defense 

MXDR

Passwordless
Authentication 

SBOM

Cyber Resilience 

An organization's ability to continuously anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, and/or system compromises.  

Collective Defense 

An organization's ability to share threat intelligence securely and in real time to provide all members - both internally and externally to the larger sector/supply chain community - with an early warning system about potential incoming attacks.  

MXDR

Managed Extended Detection and Response. Advanced, real-time threat detection and response using advanced algorithms and machine learning. Detects potential security threats to allow organizations the ability to respond quickly, effectively preventing security breaches and minimizing the impact of attacks that occur.  

Passwordless Authentication 

A verification method where users gain access to networks/applications/systems without a knowledge-based factor, such as password, security question, or PIN. The user instead provides something physical, like biometric evidence (such as face or fingerprint scans) or hardware. 

SBOM 

Software Bill of Materials. A nested inventory that makes up software components. A key building block in software security and supply chain risk management.  

Data Risk Management 

Information Governance 

Data Security 

Data Privacy 

Data Compliance 

Data Management 

Data Risk Management Program Build (or DRM Program Build) 

Data Risk Management 

A strategic business discipline for analyzing and mitigating threats to an organization's data assets. Identifies, assesses, and controls both downside and upside risks to data.  

Information Governance 

Encompasses the policies, standards, processes, procedures, metrics, and roles guiding an organization's efficient and effective use of data.  

Data Security 

Involves protecting data and information assets from unauthorized access, use, disclosure, disruption, modification, or destruction from threats impacting confidentiality, integrity, and availability. 

Data Privacy 

Involves protecting an individual's personal information. It is typically driven by statutory requirements (laws), industry regulations (rules), and customer agreements (contracts).  

Data Compliance 

The process of ensuring that an organization complies with applicable laws and regulations related to data. Data compliance includes data privacy compliance (with GDPR, for example) and data security compliance (with HIPAA Security Rules, for example). 

Data Management 

The technical administration of data, including its collection, acquisition, definition, architecture, storage, master/reference structure, metadata catalog, integration, availability, and quality controls. 

Data Risk Management Program Build (or DRM Program Build) 

A multi-phased service offering that builds out an effective Data Risk Management (DRM) Program by assessing a customer's data risk and the capacity to manage it. Once gaps are identified, Infolock develops and guides customers through a sustainable, cost-effective plan for program implementation of a sustainable, cost-effective plan for program implementation and management. When properly implemented, a DRM Program Build can effectively support ongoing strategic business objectives and provide meaningful risk reduction to the organization. 

Data Risk Management Maturity Model 

Data Risk Management Maturity Score 

Specious

Aspirational 

Defined

Implemented 

Operationalized

Optimized

Data Risk Management Maturity Model 

Assesses the current effectiveness of an organization's Program and how it supports ongoing organizational DRM initiatives. 

Data Risk Management Maturity Score 

The level - or score - of the effectiveness of an organization's Program based on the DRM Maturity Model.  

Specious 

The organization believes DRM is taking place, without - or contrary to - evidence. 

Aspirational 

The organization understands the need for DRM but does not have defined goals or requirements. 

Defined

The organization's Risk Tolerances, Roles, and DRM Goals have been defined. 

Implemented

The organization's data risk guidance has been translated into technical visibility and monitoring.  

Operationalized

The organization has operationalized guidance and technical findings into repeatable and measurable risk reduction processes. 

Optimized

The organization has reached the most mature state. An ongoing process where all the requirements of Governance, Visibility, and Protection have been operationalized. Users can proactively address risk before it becomes likelihood.  

Analytics and Reporting Templates 

BUDRA

BUDRA Findings and Recommendations Document 

Classification Schema 

Controls Assessment Report 

Data Classification  

Data Inventory 

Data Inventory Findings and Recommendations  

Data Risk Management Program Build 

Data Risk Index 

Enterprise Incident Response Runbook 

Findings and Recommendations Document  

Labeling Program Implementation Plan 

Data Risk Management Program Maturation Roadmap 

Tier-2 IR Runbook  

Analytics and Reporting Templates 

Best practice reporting and analysis recommendations for the Programmatic, Strategic, and Operational aspects of a DRM Program that will align with customer needs and will support business objectives. 

BUDRA

Business Unit Data Risk Assessments. Assessments conducted by Infolock with  a customer's business units to provide insight into what sensitive data the organization has and how it is used. These consist of in-depth interviews with BU stakeholders to discover processes used by BU employees to acquire, process, transmit, store, and share sensitive data. 

BUDRA Findings and Recommendations Document 

Deliverable that outlines the findings of the Business Unit Data Risk Assessments, as well as recommendations for improved data risk management.  

Classification Schema 

Data classification schema with associated descriptions and usage recommendations.  

Controls Assessment Report 

A review of the initial DRI findings to identify the client’s strengths and gaps in respect to its data control vectors, as well as provide prioritized recommendations for addressing risk. 

Data Classification  

A comprehensive data governance strategy — including policies, standards, tagging schemas, and operational plans — that align with organizational and regulatory requirements, and balance technical capabilities. See further information under Data Classification section. 

Data Inventory 

Provides a comprehensive report on an organization’s stored sensitive data assets, including location, ownership, and sensitivity. See further information under Data Discovery section. 

Data Inventory Findings and Recommendations 

Ann "at a glance" review of stored sensitive at risk findings and subsequent recommendations for adjudication and remediation.  

Data Risk Management Program Build 

A multi-phased service offering that starts with a systematic analysis of an organization’s data risk, along with their capacity to manage it. See further information under Expertise section. 

Data Risk Index 

Provides visibility into sensitive data and the owners and business practices that leverage it.  

Enterprise Incident Response Runbook 

Runbook that provides incident response and remediation steps for data incidents.  

Findings and Recommendations Document  

Summarized and documented findings and facilitated recommendations identified during the DRM Program Assessment. 

Labeling Program Implementation Plan 

Document that outlines the implementation of an organization wide Labeling Program based on findings labeling pilots and user acceptance testing.  

Data Risk Management Program Maturation Roadmap 

Prioritized implementation timeline of DRM Program objectives that consist of the recommendations from the DRM Program Findings and Recommendation report that follows a DRM Program Assessment. 

Tier-2 IR Runbook  

Document that outlines the incident response procedures for data-events that have been escalated from tier-1 response teams.  

Data Discovery
(industry definition)

Data Inventory
Solution 

Data Discovery (industry definition) 

The process of identifying and locating data assets within an organization, including structured and unstructured data stored in databases, data warehouses, file systems, and other repositories. 

Data Inventory Solution 

Infolock's data inventory solution provides a comprehensive report on an organization's data assets, including location, ownership, and sensitivity. Infolock works to understand an organization's unique data discovery needs, including compliance requirements, technologies in scope, repositories to be scanned, and the types of data to be analyzed. 

Data Classification
(industry definition) 

Data Classification
Solution 

Data Classification (industry definition) 

The process of categorizing data for sensitivity, business criticality, and confidentiality. The purpose of data classification is to identify the value of data assets and determine what protection controls are required.  

Data Classification Solution 

Infolock's data classification solution provides a comprehensive data governance strategy - including policies, standards, tagging schema, and operational plans - that align with organizational and regulatory requirements, as well as balance technical capabilities. Data Classification allows Infolock to configure data tagging technology, provide operational guidance, and support user acceptance testing, use case testing, exception handling, and product deployment.  

Data Loss
Prevention 

Data Loss Prevention
Solutions 

INSIGHT Appliance
& Support 

Professional
Services 

Solution Critical
Care (SCC

Managed Data Loss
Prevention (MDLP) 

Data Loss Prevention 

A set of security technologies, processes, and policies that help organizations prevent sensitive data from being lost, stolen, or exposed. DLP solutions are designed to identify, monitor, and protect sensitive data as it moves across networks, endpoints, storage repositories, and cloud environments. 

Data Loss Prevention Solutions 

Infolock maintains a wide variety of DLP-related solutions, including:

• INSIGHT Appliance & Support
• Professional Services
• Solution Critical Care (SCC)
• Managed Data Loss Prevention (MDLP)

INSIGHT Appliance & Support 

Infolock's proprietary INSIGHT DLP Appliance is a customizable and scalable hardware appliance specifically designed for Symantec's Data Loss Prevention suite. Appliance customers also receive on year of INSIGHT Support, which provides 24/7 hardware troubleshooting and break-fix assistance. INSIGHT Support is renewable on an annual basis.  

Professional Services 

Infolock offers technical expertise in the design, architecture, implementation, support, and maintenance of DLP. Common Professional Services engagements include:

• DLP Implementations
• DLP Upgrades
• Health Checks
• Policy Development
• Policy Review

Solution Critical Care (SCC) 

Infolock's advanced support solution that goes beyond troubleshooting and break-fit support by providing architecture and environment issues, and even policy development. SCC also includes Value-Added Services like an annual DLP health check and application upgrade. 

Managed Data Loss Prevention (MDLP) 

Infolock's MDLP solution provides outsourced management of organization's DLP and CASB solutions. Infolock's MDLP customers also gain access to the Infolock Data Analytics Platform (IDAP), an analytics dashboard that displays near real-time DLP program metrics and, in tandem with our Managed Services team, serves as visualization for operational and strategic DLP-related friends. 

Data Recovery

Data Resilience

Data Recovery &
Resilience Solution 

Data Recovery 

The process of restoring data that has been lost or damaged. This can be done through a variety of methods, such as restoring from a backup, using a data recovery tool, or manually restoring files. 

Data Resilience 

The ability of a system to withstand and recover from a data loss event. This includes having a backup plan in place, using data protection technologies, and having a disaster recovery plan. 

Data Recovery & Resilience Solution 

Infolock's recovery and resilience solution delivers a "planning plus the platform" model to organizations that engages a strategic program development component and a technical platform component to ensure an organization can proactively limit operational impacts from data loss incident(s). Our solution is to work closely with customers to deeply understand their business needs, identify their critical data assets, map their existing infrastructure and tools, and increase operational resilience overtime.  

Advisory Services 

Managed Services 

Professional Services 

Solution Critical Care 

Value-Added Services ​

INSIGHT DLP Appliance 

INSIGHT Support 

Advisory Services 

A consultative service offering to guide customers through the paradigm shift of learning how to see data as a strategic asset that requires intentional and meaningful risk assessment.  

Managed Services 

Consists of systematic program development and management that monitors, controls, secures, protectors, and improves a customer's data use.  

Professional Services 

Infolock's hands-on provision of design, architecture, consulting, design, maintenance, implementation, and support for multiple data security tools. This includes guidance on the integration, maturation, and growth of these tools into an organization's data risk management program. See further information under DLP Expertise section. 

Solution Critical Care 

Infolock's advanced support solution that goes beyond troubleshooting and break-fix support by providing expert assistance with configuration questions, architecture issues, and policy deployment. See further information under DLP Expertise section. 

Value-Added Services 

Services that take place in addition to the Support Services provided by Infolock's Solution Critical Care team. These activities are performed on a pre-scheduled basis and provide additional value to SCC customers. Infolock's Value-added Services take the time - and thought - to maintain customer in-scope products off the customer and puts Infolock at the front line for product health and effectiveness.  

INSIGHT DLP Appliance 

Also known as the INSIGHT DLP Appliance Configuration Tool (IDACT). Infolock's proprietary DLP appliance is a customizable and scalable hardware appliance specifically designed for Symantec's DLP suite. The Appliance(s) come with pre-installed DLP software and provides a stable environment for the rapid deployment of DLP, as well as prevents customers from having to procure additional DLP hardware themselves. Appliance customers also have access to Infolock's DLP subject matter expert and unparalleled support for their DLP environment(s). See further information under DLP Expertise section.

INSIGHT Support 

Support services for INSIGHT Appliance customers. Provides first line defense for trouble-shooting INSIGHT DLP Appliance hardware related issues, access to Infolock's extensive DLP product knowledge, hardware parts replacement within 48 hours, and one (1) free DLP version upgrade every twelve (12) months, and more. See further information under DLP Expertise section. 

Annual Program Plan (APP) 

Daily Status Report 

DLP Administration Runbook 

Incident Response Runbook 

Infolock Data Analytics
Platform (IDAP)

Managed Data Loss
Prevention (MDLP) Services 

Managed Data Risk
Management (MDRM) Services

Operational Report 

Quarterly Reviews 

Annual Program Plan (APP) 

An annual report that outlines the customer’s maturity assessment results and score, annual program objectives, and associated timelines. 

Daily Status Report 

A daily view of system status. 

DLP Administration Runbook 

A playbook that outlines the tasks and procedures performed by Infolock Managed Services to maintain DLP system operability and efficiency. 

Incident Response Runbook 

A playbook that outlines the tactical implementation of a customer’s Incident Response strategy, to include customized procedures, workflows, and important contacts. 

Infolock Data Analytics Platform (IDAP) 

IDAP is an analytics dashboard hosted by Infolock, driven by Azure and Power BI, and customized for each customer. It displays near real-time DLP program metrics, and in tandem with our Managed Services team, serves as visualization for operational and strategic DLP-related trends – an element often missing natively from DLP solutions, and a challenge for DLP program stakeholders.  

Managed Data Loss Prevention (MDLP) Services 

Provides outsourced management of an organization's DLP and CASB solutions. See further information under the DLP Expertise section.  

Managed Data Risk Management (MDRM) Services 

Combines operational capabilities of Managed DLP with the core elements of the DRM Program Build offering to enable customers to evolve and enhance their data risk management strategy. See further information under the DLP Expertise section. 

Operational Report 

A weekly report that covers discussion points, tasks, and progress for the week.  

Quarterly Reviews 

Quarterly meetings to review program plan objectives, as well as progress to date and other insights. 

DLP Maturity Model 

DLP Maturity Score 

DLP Program Health Check 

Program Maturity
Development Plan 

Ad Hoc 

Repeatable 

Defined 

Measured 

Optimized

Policy Score 

Technical Score 

Engagement Score 

DLP Maturity Model

Proprietary assessment and method for visualizing the maturity of DLP programs developed by Data Risk Management experts to equip organizations to continuously mature and maintain effective DRM Programs.  

DLP Maturity Score 

The score assigned to organization's DLP programs based on an assessment using the DLP Maturity Model. 

DLP Program Health Check 

An assessment of an organization's DLP program that reviews the DLP program's program engagement, policies, and technical features. The Health Check is used by Infolock to develop a Program Maturity Development Plan. 

Program Maturity Development Plan 

Identifies the current and desired state of the program, as well as a scheduled plan of action to achieve the goals of the Health Check. 

Ad Hoc 

A program that is occasional, not consistent, or planned, and disorganized.  

Repeatable

A program that is intuitive and not documented, and only occurs when necessary. 

Defined

A program that is documented, predictable, occasionally evaluated, and understood.  

Measured

A program that is well-managed, formal, often automated, and evaluated frequently. 

Optimized 

A program that is continuous and effective, integrated, proactive, and usually automated. 

Policy Score

Evaluates detection mechanisms utilized by a customer's DLP environment, including their efficiency and efficacy. 

Technical Score 

Assesses the different vectors (DIM, DIU, DAR) as well as general technical aspects of the DLP environment. 

Policy Score

Evaluates detection mechanisms utilized by a customer's DLP environment, including their efficiency and efficacy. 

Architecture Questionnaire 

Functional Validation Report 

Health Check 

Health Check Information
Gathering Checklist 

Health Check Report 

Implementation 

Implementation Summary

Knowledge Transfer 

Policy Review 

Policy Review Document 

Pre-Installation Checklist 

Project Plan 

Solution Design Document 

Technical Design Document 

Technical Needs Evaluation 

Training

Training Requirements
Checklist 

Training Schedule 

Upgrade Plan 

Upgrade Summary 

Architecture Questionnaire 

A questionnaire provided by Infolock that requests information on a customer's architecture. The questionnaire also provides technical pre-requisites that the customer must complete prior to any implementation or upgrade work. 

Engagement Score 

Measures both the customer's internal interaction with end users regarding DLP incidents and communication between customer and Infolock.  

Functional Validation Report 

A summary of the results of the functional validation of the in-scope product components. 

Health Check 

An assessment of an organization's product environment that reviews policies and technical features. The Health Check is used by Infolock to develop a Health Check Report and best practices and recommendations. 

Health Check Information Gathering Checklist 

Checklist that outlines the technical activities that must be completed before the Infolock Team can perform the Health Check of the in-scope product(s) in the customer's environment. 

Health Check Report 

A report provided by Infolock on the Health Check assessment of a customer's product environment, including information on the analysis conducted, technical areas of improvement, and other best practice recommendations.  

Implementation 

The method of systematically and effectively integrating a product into the customer's environment so that it does not interrupt business processes, but rather integrates seamlessly into the environment to be able to support product objectives.  

Implementation Summary 

A summary of the product implementation, including information related to the maintenance of product operations.  

Knowledge Transfer 

The process of helping the customer to identify the features and apply basic configurations to the product that we deployed. Infolock provides the customer with the knowledge of how to use the product, including how to do basic administration and configuration tasks, to ensure product health and sustainability post-implementation. 

Policy Review 

An assessment of the policies that a customer has active within their DLP (or other in-scope product) environment. During the assessment, Infolock compares customer's current policies against industry and vendor best practices.  

Policy Review Document 

A report on the assessment of a customer's policies that includes findings and gaps, recommendations, and configuration information.  

Pre-Installation Checklist 

Checklist that outlines the technical activities that must be completed before the Infolock Team can remotely install the in-scope product(s) in the customer's environment. 

Project Plan 

A blueprint of the activities to be created during the course of the implementation activities as a part of the engagement.  

Solution Design Document 

A system architecture design document used to illustrate how the in-scope product will be implemented. 

Technical Design Document 

A design document that will illustrate how the in-scope product components will be implemented in a customer's environment.  

Technical Needs Evaluation 

An evaluation that provides visibility into an organization's ability to manage data risk. Infolock leverages DataRAMPTM to evaluate the current state of the customer's DLP and other security products and how well they protect their organizational data. 

Training  

The process of educating the customer on the product with predefined content (usually requires a Lab or non-production environment). 

Training Requirements Checklist 

A checklist provided to the customer prior to training provided by Infolock to collect information necessary to build out training for the customer's environment and technical personnel.  

Training Schedule 

A schedule of the training to be provided to the customer on the in-scope product(s). 

Upgrade Plan 

A document detailing the process (methodology, steps, and order of activities) that Infolock will use to upgrade the customer's production and/or test environments.  

Upgrade Summary 

A report detailing the work performed during the upgrade and the state of the upgraded product in customer's environment post-upgrade. 

Bi-weekly Status Calls

Technical Health Check 

Application Upgrade 

Policy Review & Recommendations 

Architectural Review & Recommendations 

Training

Policy Development 

Support Manager 

Support Manager 

Consulting Services Engineer 

SCC for Broadcom Application 

Support Management 

Value-added Services 

SCC Portal 

Severity 1 

Severity 2 

Severity 3 

Severity 4 

Critical Issues 

Non-critical Issues 

Bi-weekly Status Calls 

An operational call between the SCC team and the customer. Held on a biweekly (once (1x) every two (2) weeks) basis to review open issues, discuss upcoming Value-added Activities, and/or otherwise discuss the status of the customer’s application(s) environment(s).  

Technical Health Check 

The primary CSE for the application will perform an assessment of customer’s application environment, to include system performance analysis, assessment of system functionality, review of configurations and settings; the primary deliverable of this activity will be a findings report with recommendations for improving overall system health. The Technical Health Check provides perspective on the state of the customer's applications.  

Application Upgrade 

The primary CSE for the application will perform an application upgrade of software components, including a functional validation of software and related integration points post-upgrade; if endpoint agents are in scope for the upgrade, the CSE will prepare an endpoint agent package and test it on up to five (5) endpoints, however, customer will be responsible for deployment of any agents to users. By conducting upgrades on the in-scope applications, Infolock gives time back to customer technical teams.  

Policy Review & Recommendations 

The primary CSE will conduct a review of system policies and/or perform an analysis of policy effectiveness according to customer’s policy objectives; the primary deliverable of this activity will be a findings report with recommendations for improving policy efficiency. Infolock's SMEs provide insight into how to better write - and use - policies to protect the customer's data environment.  

Architectural Review & Recommendations 

The primary CSE for the application will review system architecture and analyze system capacity; the primary deliverable of this activity will be a findings report with recommendations for improving system performance and/or accommodating additions in functionality. Infolock's SMEs provide guidance on how to improve the current state of the customer's environment.  

Training

The process of educating the customer on the product with predefined content (usually requires a Lab or non-production environment). 

Policy Development 

The development of policies for a customer's in-scope product(s) that will leverage Infolock's subject matter expertise and industry knowledge to better protect the customer's data. By leveraging Infolock's knowledge and expertise in the development of new policies, customers can be confident in the strength and efficacy of their policies.  

Support Manager 

Coordinates Support Activities and Added-value Activities; leads check-in calls; reports on services-related metrics (as needed). 

Technical Services Engineering Team 

Performs issue triage and initial issue troubleshooting for help requests. 

Consulting Services Engineer 

Performs advanced troubleshooting for help requests; responds to application-related questions; performs Added-value Activities. 

SCC for Broadcom Application 

Technical troubleshooting related to issues with in-scope Broadcom applications and consulting assistance related to those applications, including, but not limited to:

• Recommendations for application configuration
• System settings
• Policy settings and behavior
• Agent configuration
• System integration settings

Support Management 

Assistance with coordinating and scheduling ticket follow-up and work sessions, facilitating communication between customer and Infolock, and reporting on Services-related metrics. 

Value-added Services 

Services that take place in addition to the Support Services provided by Infolock's Solution Critical Care team. These services are performed on a pre-scheduled basis and provide additional value to SCC customers. Infolock's Value-added Services take the time - and thought - of maintaining in-scope products off the customer and puts Infolock at the front line for product health and effectiveness.  

SCC Portal 

The SCC Portal is a Web-based support interface that allows customers to submit help requests and/or request  Value-Added Services. Customers may also take advantage of the SCC team’s library of knowledge articles, which is added to on a regular basis. 

Severity 1   

There is a major problem impacting a mission-critical Production system for which there is no immediate workaround. The customer has opened a Sev 1 ticket with vendor support and would like additional assistance with troubleshooting 

Severity 2 

There is a problem that is impacting a mission-critical Production system. The customer can work around it in the short term, but long-term productivity may be affected if not resolved. The customer has opened a Sev 2 ticket with vendor support and would like additional assistance with troubleshooting. 

Severity 3 

A problem exists but it is not impacting business operations. The customer may or may not have opened a ticket with vendor support. The customer would like assistance troubleshooting and/or has questions in re: to application configuration, functionality, settings, behavior, etc. related to the problem. 

Severity 4 

No problems exist but the customer has a question regarding application functionality, configurations, settings, behavior, etc.  

Critical Issues 

Issues that fall into the Severity 1 and Severity 2 categories.  

Non-critical Issues 

Issues that fall into the Severity 3 and Severity 4 categories.  

DataRAMP 

Governance

Visibility

Solution Critical Care 

DataRAMP

Infolock's proprietary Data Risk Management Framework, DataRAMP is the industry's only control framework that empowers organizations to understand and manage data risk in the same manner as other organizational risks, such as financial, competitive, and regulatory risk. DataRAMP provides a structured set of guidelines, standards, and best practices for data risk management and leverages three (3) control families to enable organizations to assess their data risk posture, prioritize their data risk investments, and continuously improve their data risk management program overtime.  

Governance

Looks at the organization's structure, primarily focused on program ownership and charter guidance in the form of policies and standards, risk metrics, goals, reporting, and resourcing.  

Visibility

Protection

Focuses on consistently enforcing data security requirements, verifying data is appropriately secured, and providing response and remediation as incidents occur.  

AS

BUDRA

IDACT

IDAP

KT

MS

PS

SAF

SCC

AS

Advisory Services. A consultative service offering to guide customers through the paradigm shift of learning how to see data as a strategic asset that requires intentional and meaningful risk assessment. 

BUDRA

Business Unit Data Risk Assessments. See further information under the DRM Program Build section.

IDACT

INSIGHT DLP Appliance Configuration Tool. The INSIGHT Appliance. See further information under the Services section. 

IDAP

Infolock Data Analytics Platform. See further information under the Managed Services section. 

KT

Knowledge Transfer. See further information under the Professional Services section. 

MS

Managed Services. Provides incident response, application administration, and program development services for Symantec DLP, Microsoft DLP, and other security and data risk management solutions. MS’ incident response responsibilities include the initial triage of DLP events, (“incidents”), dismissal or escalation to customer contacts, and overall management of workflow and incident lifecycle.  

PS

Professional Services. Provides support on the design, architecture, implementation, support, and maintenance of data security tools. Infolock provides professional service support for technical implementations, health checks, policy, and architecture reviews, and more.  

SAF

Service Acceptance Form. A form provided to the customer at the end of each project phase that details the services and deliverables completed during that phase. A customer will have the opportunity to either accept the services as delivered or provide comment on any perceived discrepancies between scope and deliverables. 

SCC

Solution Critical Care. Provides clients with access to Infolock’s team of engineering and consulting experts for Support (reactive) and Value-added (proactive) services in support of its Symantec application environments.