Learn to decode IT lingo with our IT glossary
Active Directory (AD) is a proprietary directory service from Microsoft that enables IT administrators to centrally manage permissions and access to network resources.
“Azure Active Directory securely unifies users, groups, applications, services, and devices on the corporate network.”
Application is a general term for client-server software and software hosted in a data center.
“We recently switched from a client server version of QuickBooks to Right Networks, where the application is hosted in the cloud.”
Artificial Intelligence (AI) is the computer simulation of human behavior to simplify routine tasks like speech recognition, decision-making, and language translation.
“Grammarly uses Artificial Intelligence to assess the tone of my writing and suggest improvements that will better resonate with non-technical readers.”
Automation is a term for technologies that reduce the need for human intervention in repetitive tasks.
“Online retailers use Automation to reduce the time it takes to make credit card purchases. Buying shirts used to take 5 minutes. Now I can select an item and check out in two minutes by clicking on the Amazon Pay link.”
Backup is a facet of business continuity and refers to the process of backing up data.
“Backup solutions protect all critical data (on-premises and in the cloud), with clearly defined Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs), including periodic test restores with data storage and replication in at least one recovery point outside of the client’s network.”
Business Continuity is an organization’s state of readiness to support critical operations after emergencies and other adverse events.
“Our Business Continuity plan includes backup and disaster recovery services. All our data is backed up and replicated offsite. So even if we get breached, we don’t have to negotiate with ransomware attackers.”
The Cloud is a resource you access over the internet.
“Mobility is a Cloud-enabled technology that allows people to conduct business, access applications, and interact with our digital world 24/7/365 on mobile devices, tablets, and laptops.”
Compliance is the process of following and aligning business practices with established regulatory guidelines like GDPR, PCI DSS, NIST, HIPAA, SOX, SOC2, CMMC, and others.
“We follow the NIST Compliance framework and use the contents of our IT Roadmap to answer all the IT questions on our annual cybersecurity insurance renewal application.”
Content Filtering is a hardware or software-based internet security solution that permits user access to approved emails and websites and blocks user access to restricted emails and websites.
“We use Proofpoint and Watchguard Firewalls to enforce corporate policies that reduce the influx of malware by screening sketchy emails and preventing users from accessing known malicious sites.”
The executive “chief” level roles in a company—CEOs, CFOs, COOs, CISOs, and CIOs.
“This glossary was created to save time and frustration when making a business case for technology upgrades with the C-Suite.”
The Dark Web is much larger than the surface web. Since it’s not tracked by Google and other search engines, criminals work anonymously selling stolen identities, passwords, bank account routing numbers, social security numbers, health care benefits, illicit drugs, contract hit jobs, escort services, weapons, and more.
“If you use the same password for every account and frequently click on random email links, cyber criminals can acquire your access credentials for multiple accounts and sell this data, multiple times, on the Dark Web.”
Desktop as a Service (DaaS)
Desktop as a Service (DaaS) is a computing solution where the operating system and productivity software reside in the cloud instead of on the user’s physical machine.
“With Microsoft Azure DaaS, our remote workforce can securely reach all of their applications from mobile devices, workstations, or tablets.”
Disaster Recovery is a program and process within a business continuity plan for a company to resume access and maintain IT functionality following natural disasters, cyber-attacks, and other operational disruptions.
“Our managed IT provider offers Disaster Recovery, which maximizes our uptime and reduces capital expenses.”
Email Security is a portfolio of complimentary protective services including anti-spam, antivirus, archiving, content and image filtering, and encryption.
“For added protection against malware, ransomware, and phishing attacks, we use a third-party email security gateway with Microsoft 365.”
End of Life (EOL)
End of life means companies stop marketing, selling, or updating your equipment after a specific date.
“Our office desktops will reach EOL next year.”
End of Service (EOS)
End of service indicates the end of services and updates for server, storage, and network equipment. This milestone is the final deadline for sales, updates, or hardware support contract renewals.
“Our technology budget for the upcoming year includes a replacement for a server that will hit EOS next year.”
An Endpoint is any infrastructure device connected to a company network.
“Physical servers, hosted servers, cloud apps, firewalls, backup appliances, mobile devices, workstations, shared computers, switches, Wi-Fi hot spots, copiers/printers, and security cameras are endpoints. Many managed IT providers base service fees on the number of endpoints and users being covered and supported.”
A Firewall is a hardware or software-based network security solution that enforces network security rules by monitoring and managing inbound and outbound traffic.
“Firewalls have evolved from simple gatekeeping devices to next-generation solutions with advanced malware detection, URL blocking, VPN services, content filtering, intrusion prevention, quality of service enhancement, and integration with complimentary security technologies.”
Fractional refers to expertise that is not a full-time employee. Fractional IT expertise can be helpful for specializations, especially in cybersecurity and compliance, or if doesn’t make sense for your organization to retain full-time talent.
“Our IT director is working with a Virtual Chief Information Security Officer (vCISO) from our managed IT provider on a fractional basis to prepare for our next FINRA audit.”
A Help Desk, also known as a Service Desk, is where an MSP’s clients go for IT support, available through multiple channels—live operator dispatch, call centers, email, desktop shortcuts, web applications, and chat.
“Users typically engage the Help Desk for IT support during standard office hours. Many Managed IT service providers have on-call technicians that respond to high-priority system alerts and client requests 24/7.”
Identity & Access Management
Identity & Access Management is the administrative policy and practice of verifying and controlling who is granted or denied permission to log into a company’s network or applications.
“Your managed IT service provider protects your users, endpoints, and IT systems with a digital fence empowering them to function as a gatekeeper (and bouncer) for identity & access management.”
Infrastructure is a general term for IT systems, including but not limited to most of the physical elements in a local area network (LAN): switches, low voltage cabling, firewalls, servers, workstations, wireless access points (Wi-Fi), UPS, data backup appliances, copiers/printers, cameras, phone systems, and ISP services.
“Low voltage cabling and wiring is a critical component of our Infrastructure because it affects the communication speeds between all our devices and applications.”
Internet Service Provider (ISP)
An ISP offers wireline, wireless, cable, fiber, 5G, and satellite internet access.
“Our IT provider recommends we maintain two ISP services for redundancy: an inexpensive, 100Mbps X 25Mbps bandwidth cable connection from Comcast, and a premium 1Gbps X 1Gbps fiber connection from Verizon.”
IT Governance is the practice of drafting, implementing, and managing IT policies, procedures, and plans.
“Our managed IT service provider delivers proactive IT Governance in the form of advisory services that include security guidance, documentation, network diagrams, vendor risk management, backup and disaster recovery, and assistance completing cyber insurance applications.”
An IT planning document that plots short-, medium-, and long-term IT initiatives, prioritized by cost, risk, and business impact.
“Purchasing a 48-port switch is a high impact initiative on our IT Roadmap because we’re adding 25 employees next month, and our current switches don’t have any available ports for 25 new user machines.”
IT Steering Committee
A group of company stakeholders from different departments who evaluate, analyze, and approve IT initiatives.
“Establishing and maintaining an IT Steering Committee increases accountability, reduces risk, and prevents one person from holding the proverbial keys to an organization’s digital estate.”
A dynamic and proactive approach to cybersecurity integrating multiple technology tools with user education and physical security.
“When we layer our security with different tools from different providers, we offer a better way to keep our business safe.”
License Management is the IT provider’s role administering hardware, software licenses, service and maintenance agreements, warranties, renewals, upgrades, and integrations.
“Our managed IT service provider always gives us advance notice of upcoming server license renewals, so we maintain compliance with the manufacturer’s guidelines.
Managed Detection and Response (MDR)
Managed Detection and Response (MDR) is a cloud-friendly cybersecurity solution with fully-staffed 24/7 security operations centers to monitor, protect, detect, respond, and manage up-to-the-minute cyber risks, including zero-day threats and vulnerabilities. MDR also includes security awareness training and corrective measures to strengthen security readiness. Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) are product categories within MDR.
“Our in-house IT team implemented a SIEM four years ago, but we recently scrapped it when our new MSP offered an MDR solution. MDR employs artificial intelligence, machine learning, and automated analytical tools, making it more effective for continuous threat detection and response. It’s also easier to manage than SIEM.”
Managed Service Provider (MSP)
Managed Service Providers monitor, manage, support, and secure corporate IT systems and users for a fixed monthly fee. These IT services are fully managed or co-managed depending on the client’s in-house IT footprint.
“Our MSP is an extension of our company. They oversee every piece of technology in our environment. This includes troubleshooting with third-party software developers and our copier company whenever we experience application or hardware malfunctions.”
Managed Security Service Provider (MSSP)
Managed Security Service Providers offer cybersecurity services directly to IT departments at midsized companies and enterprises, or indirectly through MSPs that integrate and administer MSSP services to their small and midsized business clients.
“In response to new cybersecurity and compliance requirements from our insurance company, we added supplemental MSSP services to our MSP agreement. Since our MSP is also an MSSP, we do not have to engage another specialized security vendor.”
Master Services Agreement (MSA)
An MSA (Master Services Agreement) is a Managed Service Provider (MSP) contract.
“We expanded our MSA from unlimited remote monitoring and management to include unlimited onsite service, including MDR and mobile device encryption.”
Microsoft 365 (M365)
Microsoft 365, formerly Office 365 (O365) is a cloud-based productivity suite which includes Teams, SharePoint, OneDrive, Outlook, Word, Excel, PowerPoint, and more.
“We run most of our business on Microsoft 365 and our Managed Service Provider, a Microsoft Gold Partner, administers all support, licensing, and integration details.”
Multifactor Authentication (MFA)
Multifactor Authentication (MFA) is the process of taking an extra step to verify your identity when logging into a secure network or application.
“Whenever I log into my bank account, it prompts me to enter a unique 6-digit code they deliver via text to my phone.”
Network Operating Center (NOC)
A Network Operating Center is command central for client management operations and IT support team. NOC employees provide technical support from a physical office or remotely, using IT management tools, hosted in multiple data centers for redundancy.
“My IT provider has a fully staffed NOC in each of their locations where help desk specialists, system engineers, network engineers, project managers, and cloud architects monitor, manage, support, and secure all of our business technology.”
Password Management is a cybersecurity discipline and a generic product name for technology solutions that manage passwords.
“Solutions like LastPass, Bitwarden, and 1Password make password management a breeze. They generate and store unique, complex passwords so I can stay secure without having to remember dozens of logins.”
Plug ‘n’ Play
A shopworn term that overpromises immediate and incident-free service activation of new devices, software programs, and applications.
“My new year’s resolution is to discontinue saying Plug ‘n’ Play because it diminishes my credibility as an IT professional.”
Point of Contact
For Managed Service Providers, a Point of Contact (PoC) is the designated client representative who interacts with the IT support team on an as-needed basis.
“While our director of operations is the Point of Contact for day-to-day concerns with our MSP, we have an IT planning committee that includes our CFO, Director of Marketing, VP of HR, and Managing Director.”
Patch Management is the administrative discipline of monitoring, updating, and patching IT systems, applications, and operating systems.
“IT Administrators, using Professional Services Automation (PSA) with Remote, Monitoring and Management (RMM) tools conduct updates and run the latest Patches, a key best practice for maintaining solid cybersecurity.”
Professional Services Automation (PSA)
Professional Services Automation (PSA) tools empower everyone in a Managed Service Provider to manage IT for a business, including but not limited to service dispatch for onsite support, help desk, system engineering, network engineering, cloud architecture, vCIO, VCISO, procurement, and project managers. IT specialists at larger SMBs, mid-market companies, and enterprises often run and manage PSA tools in-house.
“Our MSP’s PSA lets us create trackable tickets for every proactive and reactive event, prioritized by highest to lowest business impact: P1, P2, P3, or P4.”
Remote Monitoring & Management (RMM)
Remote Monitoring & Management (RMM) is an Managed Service Provider (MSP) offering and the name of the tools MSPs use to perform this service.
“MSPs use Remote Monitoring & Management tools to proactively monitor, manage, support, and secure thousands of IT client endpoints and users, lowering the demand for frequent, onsite physical intervention.”
Responsible IT Architecture
Responsible IT Architecture is a term for up-to-date, resilient, business-class IT systems, designed to support your mission and compliance requirements.
“To attain Responsible IT Architecture status, we’re replacing our 10-year-old firewall, implementing a content filtering system, and requiring everyone to use Multifactor Authentication (MFA).”
Security Awareness Training
Security Awareness Training is a dynamic educational program that teaches users to identify and reduce exposure to cyber threats, phishing emails, malware, ransomware, fake websites, and social engineering scams.
“Security Awareness Training turns our employees into ‘human firewalls’ by changing their behavior to quickly identify risks that go undetected by our next generation firewall and email security gateway.”
Security Operations Center (SOC)
A Security Operations Center (SOC) is a facility for security specialists to offer cybersecurity services 24/7/365.
“To stay ahead of evolving threats, escalating costs, and talent shortages, our MDR provider’s SOC team analyzes trillions of online activities per week, identifying correlations, responding to anomalies, and updating the latest security risk definitions.”
Service Level Agreement (SLA)
An SLA (Service Level Agreement) is a schedule detailing an IT provider’s response time for IT support, prioritized by low, medium, or high business impact.
“If our network goes down, our managed IT service provider is contractually bound to respond within an hour. If one of our users wants to change a workstation setting, our IT provider is contractually bound to respond within 8 hours.”
Single Sign-on (SSO)
SSO lets users enter one set of credentials to securely log into all their applications in one place.
“SSO simplifies my work life by reducing the steps to access everything I need through a single portal.”
Software-Defined Wide Area Network (SD-WAN)
SD-WAN is a cloud-friendly virtual WAN architecture solution that empowers organizations to use combinations of internet transport services to improve application performance.
“Our SD-WAN solution scans our cable, fiber, and wireless internet services and routes our users to Salesforce.com, M365, and ADP over the fastest and least congested path.”
System Administration is the proactive practice of monitoring, documenting, organizing, updating, patching, and fine-tuning a client’s IT systems.
“The system administrators at my managed IT service provider responded to an alert at 3 AM this morning and reset a virtual server that was generating error messages.”
A Technical Assessment or Security Assessment is an IT discovery project to analyze the strengths and weaknesses of a client’s IT environment and operational maturity.
“We recently scored high marks on our Technical Assessment based on five factors: our IT infrastructure is up to date, everyone uses MFA, we recently implemented mobile device management, we’re heavily automated, and all our applications are hosted in SOC 2 Type II data centers.”
Technical Debt is a term to describe client IT environments with aging, distressed infrastructure that hampers performance.
“With Technical Debt, inefficiencies compound, glitches increase in frequency, and replacement costs rise the longer the client waits to make upgrades. The best way to avoid Technical Debt is to refresh hardware, software, and applications in accordance with its useful life or technology lifecycle.”
Unified Communications as a Service
Unified Communications as a Service (UCaaS) is the rebranded name for voice over internet protocol (VoIP). UCaaS captures the integrative benefits of using the internet and software rather than traditional public switched telephone network infrastructure and premise-based hardware to route voice traffic, auto attendant, and call center capabilities across desk phones, mobile devices, email, instant messaging, and video conferencing platforms.
“Our phone system is a UCaaS solution that accommodates everyone: remote call center representatives, office workers with standard hours, and mobile salespeople with settings that include Find Me/Follow Me, simultaneous ring, and voice mail to email.”
Uninterruptible Power Supply (UPS)
An Uninterruptible Power Supply (UPS) is an emergency power option that kicks in when the main source of electricity fails.
“Even if our office was not located in an office submarket with an aging power grid (and frequent power surges), we have a UPS in our network as a safeguard against other factors that might cause our onsite data backup appliance to fail.”
A user is an employee or company associate who accesses a computer to conduct business.
“Our company has 100 employees or users and 500 workstations because everyone uses multiple devices.”
Vendor Management is the role your MSP plays as a technical liaison troubleshooting with third parties whose services integrate with your network: ISPs, phone system vendors, copier/printer companies, line of business application providers, and more.
“We were having printer issues, so we opened a ticket with our MSP who collaborated with our copier Vendor to fix the problem by downloading an updated printer driver.”
Virtual is a multi-purpose buzzword in the managed IT world to describe alternatives to full-time employees, physical machines, and offices.
“We don’t have the budget to hire a full-time Chief Information Security (CISO) Officer, so we work with a Virtual CISO (vCISO) from our MSP who provides fractional consulting services.”
Vulnerability Management is a comprehensive, 24/7 network protection, scanning, and reporting solution that monitors and finds security gaps, new devices, and threats that impact performance and weaken compliance.
“Our MSP’s Vulnerability Management tool integrates with their PSA, which triggers a notification whenever I try to log onto the network with my old MacBook. So, I’ll be using my company-approved workstation from now on. It’s the right thing to do. Plus, I hate getting called out.”
Web Hosting is the backend service that maintains websites, domain names, and e-commerce applications on the internet.
“Our MSP vendor manages the relationship with our Web Hosting provider, ensuring the latest security plug-ins for our WordPress sites are working.”
Wide Area Network (WAN)
A WAN (Wide Area Network) is an internet solution connecting company offices, users, and their Local Area Networks (LANs), across various locations.
“Our law firm with offices, and different local area networks (LANs) in LA, Phoenix, Dallas, and Atlanta, is connected via a wide area network. Our WAN service providers are Verizon, Comcast, and AT&T.”
A cynical sounding cybersecurity policy that assumes no one is automatically trustworthy, requiring everyone to verify their identity when logging into the company network.
“Every morning, I repeat the same 5-step process to establish trust (starting at ground zero) to confirm my identity. Otherwise, the system doesn’t recognize me.”