Glossary

Access Key:
An Access Key is a secret key created for you when you start to connect a Room to your infrastructure and is required by the Gateway Agent to connect to that room. It uniquely identifies the Gateway Agent to a particular Room's Gateway Service for establishing the connection. You can regenerate a new Access Key as required so secure storage of this key for future use (e.g. moving the agent) is optional.

Activity Stream:
The Activity Stream for a room or organization shows all the activity that has taken place on or to the room or organization since its creation. Examples of activity include (but is not limited to) the addition of members to an organization or room, the creation of a desktop within in a room etc.

Asset:
An Asset is a resource or service in your infrastructure (internal network, cloud, ...) that you want to access from the room. You store the list of assets in an encrypted secrets vault.

Application (Desktop Application):
An application installed on a desktop.

Desktop:
A shared or individual virtual desktop computer hosted in a Room. From the desktop, the user can access the configured assets. All work performed using the desktop is audited.

Desktop Group:
A desktop configuration used by one or more users of a Room.

File Vault:
A tool/service available in each Room that provides an audited/secure file transfer service. It is used to transfer data onto a secure Desktop.

Firewall Rules:
A tool/service available in each Room that provides the ability to customize access to the room's Desktops from remote applications/services through the room's Gateway Agent.

Gateway Agent:
The Tehama Gateway Agent is a software agent (binary) that you install on your infrastructure to enable a secure encrypted connection between a Room's Gateway Service and your infrastructure. See Gateway User Guide for more information.

Gateway Service:
The Gateway Service enables an Organization to control exactly what assets on their network (that is, applications, databases, internal sub-networks) can be accessed by a Room. See Secrets Vault.

Manager:
A Member of an Organization with elevated privileges. In addition to using the services available to ‘Staff Members’, Managers are also able to create policies, create and delete team member accounts and create additional desktops. There may be many Managers in an Organization.

Member:
A User within an Organization. Has access, on request and approval, to Rooms in which that Organization participates. May belong to a Team.

Org Admin:
A Member of an Organization with super-elevated privileges (more than a Manager). There may only be one Org Admin in an Organization.

Organization:
An Organization is a key concept in Tehama. Organizations can host Rooms or be invited to use a Room. Organizations also have a set of Members (Users). See Organization User Guide for more details.

Organization Owner:
Has access to all privileged information for the organization, including payment and account information.

Tehama Admin:
A Tehama Support Team member with super-user privileges in Tehama.

Policy:
A Policy, sometimes referred to as an "access policy", determines the policy and principles that users need to meet in order to gain access to a Room and the Assets accessible within it. Policies are owned by an Organization. When an Organization invites another Organization to access a Room, it specifies one Policy under which that access is authorized. Different access policies may be specified for each Organization invited to a Room. See Policy User Guide for more details.

Room:
A Room is the key and most important concept in Tehama. A Room is a connected hosted extension of an Organization's IT infrastructure that provides a fully audited and controlled space that hosts a set of tools, services and/or applications for use by one or more other Organizations. Access is optionally governed by a Policy specified for each Organization invited to use the Room. In short, a Room is a secure Platform for the acquisition and delivery of Software Development and IT Management Services between Organizations. For more information see the Rooms User Guide.

Room Owner:
The Organization that is paying for the Room. Note that this isn't necessarily the organization that is connected to by the room. The organization being connected to always approves access for individuals or teams to be added to a room.

Secrets Vault:
The secrets vault is used to provide secure storage of access credentials, secrets and firewall rules. Each Room has its own secrets vault repository providing single tenant secure storage for details of Assets for that Organization's connected environment. See Secrets Vault User Guide for more details.

Service Provider:
A company that uses a secure access method to present services to recipients (buyers).

Service Recipient:
Also known as a buyer, a service recipient is an organization that requires and pays for services.

Staff Member:
A Member of an Organization with basic privileges. There may be many Staff Members in an Organization.

Team:
A list of Members from an Organization. Convenient for adding or requesting access for groups of people to Rooms.

Tool:
A service (web application, API service, ...) that is hosted in a Room. Examples include the File Vault and Secrets Vault but also includes the video recording and auditing services.

User:
See member.