Access Key:
An Access Key is a secret key created for you when you first configure your Room's network access to connect to your organization's private network, through a Tehama Gateway (or two if the 'Multiple Gateways' option is enabled) installed in the network's infrastructure. It is required by the Tehama Gateway to connect to that Room. It uniquely identifies the Tehama Gateway(s) to a particular Room's Tehama Gateway Service for establishing the connection. You can regenerate a new Access Key as required so secure storage of this key for future use (e.g. moving the Tehama Gateway) is optional.

Activity Stream:
The Activity Stream for a Room or Organization shows all the activity that has taken place on or to the Room or organization since its creation. Examples of activity include (but is not limited to) the addition of members to an Organization or Room, the creation of a desktop within in a Room etc.

An Asset is a resource or service in your private infrastructure (internal network, cloud, ...) or publicly available applications and services in the cloud that you want to access from the room. You store the list of assets in an encrypted secrets vault.

Application (Desktop Application):
An application installed on a desktop.

A shared or individual virtual desktop computer hosted in a Room. From the desktop, the user can access the configured assets. All work performed using the desktop is audited.

Desktop Group:
A desktop configuration used by one or more users of a Room.

File Vault:
A tool/service available in each Room that provides an audited/secure file transfer service. It is used to transfer data onto a secure Desktop.

Firewall Rules:
A tool/service available in each Room that provides the ability to customize access to the room's Desktops from remote applications/services. If the room's connected organization has configured the room to connect to their organization's private network through a 'Tehama Gateway' installed in their network's infrastructure, then this access is managed through the room's Tehama Gateway instance (two instances if the 'Multiple Gateways' option is enabled). Otherwise, if the room's connected organization has configured the room to connect to 'Internet Only', then this access is managed through the room's infrastructure.

Tehama Gateway:
The Tehama Gateway is a software agent (binary) that you install on your infrastructure to enable a secure encrypted connection between a Room's Tehama Gateway Service and your infrastructure. If the room has the 'Multiple Gateways' option enabled, then you install two instances. See Tehama Gateway User Guide for more information.

Tehama Gateway Service:
The Tehama Gateway Service is used in a Room that is configured to connect to the connected Organization's private network through an instance (or two if the 'Multiple Gateways' option is enabled) of the 'Tehama Gateway' installed in their network's infrastructure to enable the Room's connected Organization to control exactly what assets on their network (that is, applications, databases, internal sub-networks) can be accessed by the Room. See Secrets Vault.

Multiple Gateways:
The 'Multiple Gateways' option, when made available, is applicable only to rooms that are configured to connect to their connected organizations' private networks through a 'Tehama Gateway' installed in the network's infrastructure. When this option is enabled, the connected organization installs a second instance of the 'Tehama Gateway' in their network's infrastructure to provide redundancy and the room provisions its infrastructure to handle the second connection. Enabling this feature adds to the cost of the room.

Internet Only:
'Internet Only' is a room network access connection option that limits the room's network access to the internet. This option is available for rooms where there is no need to access the private network of one of the room's organizations through a Tehama Gateway.

A Member of an Organization with elevated privileges. In addition to using the services available to ‘Staff Members’, Managers are also able to create policies, create and delete team member accounts and create additional desktops. There may be many Managers in an Organization.

A User within an Organization. Has access, on request and approval, to Rooms in which that Organization participates. May belong to a Team.

Org Admin:
A Member of an Organization with super-elevated privileges (more than a Manager). This is the same as the Organization Owner. There may only be one Org Admin in an Organization.

An Organization is a key concept in Tehama. Organizations can host Rooms or be invited to use a Room. Organizations also have a set of Members (Users). See Organization User Guide for more details.

Organization Owner:
Has access to all privileged information for the organization, including payment and account information. This is the same as the Org Admin.

Tehama Admin:
A Tehama Support Team member with super-user privileges in Tehama.

A Policy, sometimes referred to as an "access policy", determines the policy and principles that users need to meet in order to gain access to a Room and the Assets accessible within it. Policies are owned by an Organization. When an Organization invites another Organization to access a Room, it specifies one Policy under which that access is authorized. Different access policies may be specified for each Organization invited to a Room. See Policy User Guide for more details.

A Room is the key and most important concept in Tehama. A Room is a connected hosted extension of an Organization's IT infrastructure that provides a fully audited and controlled space that hosts a set of tools, services and/or applications for use by one or more other Organizations. Access is optionally governed by a Policy specified for each Organization invited to use the Room. In short, a Room is a secure Platform for the acquisition and delivery of Software Development and IT Management Services between Organizations. For more information see the Rooms User Guide.

Room Owner:
The Organization that is paying for the Room. Note that this isn't necessarily the organization that is connected to by the room. The organization being connected to always approves access for individuals or teams to be added to a room.

Secrets Vault:
The secrets vault is used to provide secure storage of access credentials, secrets and firewall rules. Each Room has its own secrets vault repository providing single tenant secure storage for details of Assets for that Organization's connected environment. See Secrets Vault User Guide for more details.

Service Provider:
A company that uses a secure access method to present services to recipients (buyers).

Service Recipient:
Also known as a buyer, a service recipient is an organization that requires and pays for services.

Staff Member:
A Member of an Organization with basic privileges. There may be many Staff Members in an Organization.

A list of Members from an Organization. Convenient for adding or requesting access for groups of people to Rooms.

A service (web application, API service, ...) that is hosted in a Room. Examples include the File Vault and Secrets Vault but also includes the video recording and auditing services.

See member.