The IT industry is chock full of its own lingo. Below are definitions for some of the most of the common words and terms in today's technology vocabulary.
Access point: A device that allows wireless-equipped computers and other devices to communicate with a wired network.
Alias: A short, easy to remember name created for use in place of a longer, more complicated name; commonly used in e-mail applications. Also referred to as a “nickname”.
Amazon Web Services: Amazon Web Services is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis.
Application Programming Interface (API): An application programming interface is a computing interface that defines interactions between multiple software intermediaries. It defines the kinds of calls or requests that can be made, how to make them, the data formats that should be used, the conventions to follow.
APT Threats: An advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation-state or state-sponsored group, that gains unauthorized access to a computer network and remains undetected for an extended period.
Artificial Intelligence: Artificial Intelligence (AI) is the emulation of human intelligence by machines, enabling them to perform tasks such as learning, reasoning, problem-solving, and understanding natural language.
Authentication: The process of identifying yourself and the verification that you’re who you say you are. Computers where restricted information is stored may require you to enter your username and password to gain access usually as a form of security/ cybersecurity.
Bandwidth: A measurement of the amount of data that can be transmitted over a network at any given time. The higher the network’s bandwidth, the greater the volume of data that can be transmitted. Network bandwidth is usually expressed in bits per second (bps); modern networks typically have speeds measured in the millions of bits per second (megabits per second, or Mbps) or billions of bits per second (gigabits per second, or Gbps).
Blockchain: A growing list of records, called blocks, that are linked using cryptography. Each block contains a cryptographic hash of the previous block’s timestamp and transaction data. By design, a blockchain is resistant to modification of the data.
Break/Fix: The term break/fix refers to the fee-for-service method of providing information technology services to businesses. Using this method, an IT solution provider performs services as needed and bills the customer only for the work done.
Business Continuity: Activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. These activities include many daily chores such as project management, system backups, change control, and help desk. Business Continuity is not something implemented at the time of a disaster; Business Continuity refers to those activities performed daily to maintain service, consistency, and recoverability.
BYOD: Bring Your Own Device or “BYOD” is a business and technology policy that allows employees to bring in personal mobile devices and use these devices to access company data, email, etc.
Cache: A set of files saved on your hard disk that help your browser display pages you have already visited more quickly. It displays the files from your hard disk instead of the web.
ChatGPT: ChatGPT is a conversational AI developed by OpenAI. It's based on the GPT (Generative Pre-trained Transformer) architecture and is designed to engage in natural language conversations with users. ChatGPT is trained on a diverse range of internet text and is capable of understanding and generating human-like responses across various topics. It can provide information, answer questions, offer suggestions, and engage in dialogue on a wide range of subjects.
Cloud: A common shorthand for a provided cloud computing services (or even an aggregation of all existing cloud services) is “The Cloud”. The cloud, simply, refers to software and services that run on the Internet instead of your computer. Apple iCloud, Dropbox, Netflix, Amazon Cloud Drive, Flickr, Google Drive, Microsoft Office 365, Yahoo Mail — those are all cloud services.
CMMC: Cybersecurity Maturity Model Certification; a certification program created by the Department of Defense (DoD).
Compliance Management: Compliance management is the ongoing process of monitoring and assessing systems to ensure they comply with industry and security standards, as well as corporate and regulatory policies and requirements.
Content Management: Content management is a collection of tools, software and processes that allow you to collect, manage and publish information on any medium. Content management also ensures that whatever content you have is indexable or searchable, making it easy for users to find that information. It also encompasses deletion of content.
Cookie: A small piece of information you may be asked to accept when connecting to certain servers via a web browser. It is used throughout your session as a means of identifying you. A cookie is specific to, and sent only to the server that generated it.
Copilot (Microsoft): Microsoft Copilot is a code completion tool developed by Microsoft. It assists developers by providing contextually relevant suggestions as they write code, helping to improve productivity and efficiency in software development. Copilot is powered by OpenAI's GPT language model and uses machine learning to analyze code and generate helpful suggestions, such as code snippets, function completions, and documentation references, based on the developer's input.
CPU: Central processing unit; the part of a computer that oversees all operations and calculations.
Cross-Platform: Cross-platform (a.k.a. agnostic, agnostic application and agnostic platform) refers to something that is interoperable among different operating systems, systems and platforms. Cross-platform, however, is more focused on software that can run on any operating system and on any processor architecture.
Crowdsourcing: Crowdsourcing means the outsourcing of your tasks to, well, a crowd of people. That is, you will have a loosely defined group, which will do the work for you. Crowdsourcing takes away the task that you have to do in-house or by using an employee and letting a bigger group of people do it. In IT, crowdsourcing usually involves the general public.
CSP: Cloud Service Provider; a business model for providing cloud services.
CSS: Cascading Style Sheet; A set of rules that define how web pages are displayed using CSS, designers can create rules that define how page.
Customer Relationship Management: Customer relationship management refers to a set of processes, tools, technologies and software that help businesses manage their relationships with their customers. For instance, a customer relationship management software would be able to give businesses enough details about their customers from the level of communication that has been done by each customer and when. This allows businesses to personalize and customize their contacts with the customer to gain more sales.
Cyber-Insurance: A specialty insurance product intended to protect businesses from Internet-based risks, and more generally from risks relating to information technology infrastructure, information privacy, information governance liability, and related activities.
Cyber Physical Attacks: A security breach in cyberspace that impacts on the physical environment. A malicious user can take control of the computing or communication components of water pumps, transportation, pipeline valves, etc., and cause damage to property and put lives at risk.
Database: A collection of information organized so that a computer application can quickly access selected information; it can be thought of as an electronic filing system. Traditional databases are organized by fields, records (a complete set of fields), and files (a collection of records). Alternatively, in a Hypertext database, any object (e.g., text, a picture, or a film) can be linked to any other object.
Data center: Facility used to house computer systems and associated components, such as telecommunications and storage systems. Generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices.
Data Loss Prevention (DLP): Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. Data loss prevention software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.
DDoS Attacks: A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic to a web property. In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
Desktop: On computers like IBM PC or compatibles and Macintoshes, the backdrop where windows and icons for disks and applications reside.
Devices: Input devices include things like microphones, keyboards, mouse, touchpads, wheels, joysticks, etc. Output devices include printers, monitors, projectors and speakers.
DevOps: DevOps is a set of practices that combines software development and IT operations. It aims to shorten the system’s development life cycle and provide continuous delivery with high software quality. DevOps is complementary with Agile software development; several DevOps aspects came from Agile methodology.
DHCP: Dynamic Host Configuration Protocol; a protocol that lets a server on a local network assign temporary IP addresses to a computer or other network devices.
Digital Transformation: The adoption of digital technology by a company with the goal for its implementation being to improve efficiency, value or innovation.
Dialog box: Sometimes referred to as a window; on a graphical user interface system, an enclosed area displayed by a program or process to prompt a user for entry of information in one or more boxes (fields).
Differential Backups: A copy of all the data that has been changed since the last full backup.
Disaster Recovery: Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Disaster recovery is a subset of business continuity. While business continuity involves planning for keeping all aspects of a business functioning in the midst of disruptive events, disaster recovery focuses on the IT or technology systems that support business functions.
Disruptive Technology: New technology that surprisingly displaces an already established one.
DNS: The domain name system is how computers convert human-readable domain names and hostnames to numerical IP addresses. When you type howtogeek.com into your web browser’s address bar, your computer contacts its DNS server and the DNS server replies with the numerical IP address of How-To Geek’s server, which is what your computer connects to.
Domain: Part of an Internet address. The network hierarchy consists of domains and subdomains. At the top are a number of major categories (e.g., com, edu, gov); next are domains within these categories (e.g., ohio-state); and then there are subdomains. The computer name is at the lowest level of the hierarchy.
Domain Name: Domain names are the base part of website names like howtogeek.com or google.com. Note that domain names are just another type of hostname.
Download: The process of transferring one or more files from a remote computer to your local computer. The opposite action is upload.
Edge Computing: Edge computing is a distributed computing paradigm that brings computation and data storage closer to the location where it is needed, to improve response times and save bandwidth.
EHR/EMR/PHR (Electronic Health Record/Electronic Health Record/Personal Health Record) these three are together because people often use them interchangeably. EMR stands for Electronic Medical Record, EHR stands for Electronic Health Record and PHR stands for Personal Health Record.
Encryption: The manipulation of data to prevent accurate interpretation by all but those for whom the data is intended.
Endpoint: Physical devices that connect to and exchange information with a computer network, such as desktops, mobile devices, virtual machines, and servers.
Endpoint Security: Endpoint security is the practice of securing endpoints or entry points of end-user devices such as desktops, laptops, and mobile devices from being exploited by malicious actors and campaigns. Endpoint security systems protect these endpoints on a network or in the cloud from cybersecurity threats.
Ethernet: Ethernet is the standard wired network technology in use almost everywhere today. If your computer is connected to a network via a cable, it’s likely using an Ethernet cable. That cable plugs into an Ethernet port on your computer.
Ethernet card: An adapter card that fits into a computer and connects to Ethernet cabling; different types of adaptor cards fit specific computers.
Exploit Kits: An exploit kit or exploit pack is a type of toolkit cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities. Exploit kits are packaged with exploits that can target commonly installed software such as Adobe Flash®, Java®, Microsoft Silverlight®.
Female connector: A cable connector that has holes and plugs into a port or interface to connect one device to another.
Filter: Refers to: 1) a program that has the function of translating data into a different format (e.g., a program used to import or export data or a particular file); 2) a pattern that prevents non-matching data from passing through (e.g., email filters); and 3) in paint programs and image editors, a special effect that can be applied to a bit map.
Firewall: A firewall is a piece of software or hardware that blocks certain types of traffic & can be used a security measure/ cybersecurity. For example, a firewall could block incoming traffic on a certain port or block all incoming traffic except traffic coming from a specific IP address.
Flash drive: A small device that plugs into computer’s USB port and functions as a portable hard drive.
FTP: File Transfer Protocol; a method of exchanging files between computers via the Internet. A program like WS FTP for IBM PC or compatibles or Fetch for Macintosh is required. Files can contain documents or programs and can be ASCII text or binary data.
Gateway: A gateway is a device that routes traffic between networks. For example, at home, your router is your gateway. It provides a “gateway” between your LAN and WAN.
Gigabyte (Gig or GB): 1024 x 1024 x 1024 (2 to the 30th power) bytes; it’s usually sufficient to think of a gigabyte as approximately one billion bytes or 1000 megabytes.
Help desk: A help desk is an information and assistance resource that troubleshoots problems with computers or similar products.
HDD: Hard Disk Drive; storage devices with spinning platters that read and write data.
Hostnames: A hostname is a human-readable label that points to a device connected to a network. For example, on your home network, your Windows computer’s hostname may be WINDOWSPC. Your other devices can connect to WINDOWSPC and will be pointed at that computer’s local IP address.
HTML: HyperText Markup Language; a language used for creating web pages. Various instructions and sets of tags are used to define how the document will look.
HTTP: The hypertext transfer protocol is the standard protocol modern web browsers and the web itself uses. FTP and BitTorrent are examples of alternative protocols.
Human Firewall: A group of people in an organization that works towards detecting cyber attacks such as ransomware or phishing attacks that may bypass your computer security system.
Hybrid Workforce: A hybrid workforce is a group of employees that can work from their company's workplace as well as remotely.
Hyperconverged Infrastructure (HCI): Hyperconverged infrastructure is a software-defined IT infrastructure that virtualizes all of the elements of conventional "hardware-defined" systems. HCI includes, at a minimum, virtualized computing, software-defined storage and virtualized networking.
IaaS: Infrastructure as a Service; In the most basic cloud-service model, providers of IaaS offer computers – physical or (more often) virtual machines – and other resources.
Incremental Backup: A small increment of data backup only copying changes to the data since the previous backup.
Information Security Policy: An information security policy is a set of rules that guide individuals who work with IT assets. Your company can create an information security policy to ensure your employees and other users follow security protocols and procedures.
Internet of Everything (IoE): Coined by Cisco, the term “Internet of Everything” is defined as the networked connection of people, process, data, and things. The benefit of IoE is derived from the compound impact of connecting people, process, data, and things, and the value this increased connectedness creates as “everything” comes online.
IoE creates opportunities for organizations, individuals, communities, and countries to realize dramatically greater value from networked connections among people, process, data, and things.
Internet of Things (IoT): The Internet of Things, or IoT, refers to the billions of physical devices around the world that are now connected to the internet, all collecting and sharing data.
IP Address: An Internet Protocol address, or IP address, is a numerical address that corresponds to your computer on a network. When a computer wants to connect to another computer, it connects to that computer’s IP address.
ISP: Your Internet service provider is the company that provides you with your Internet connection. For example, your ISP may be Comcast, Time Warner, or whatever other company you’re paying each month.
ITIL®: The Information Technology Infrastructure Library (ITIL®) sets forth the best practices and standards for providing IT services.
LAN: A local area network is a small network that’s confined to a local area. For example, your home network or an office network is a LAN. Connects a group of computers for the purpose of sharing resources such as programs, documents, or printers. Shared files often are stored on a central file server.
LOB Application: Line of Business Application; any specific software application(s) that a company may have in use that is required for business operations, typically provided by a third-party vendor and/or service provider and may have specific support requirements.
Localhost: The hostname “localhost” always corresponds to the device you’re using. This uses the loopback network interface — a network interface implemented in software — to connect directly to your own PC.
MAC: Media Access Control; The hardware address of a device connected to a shared network.
MAC Address: Each network interface has a media access control address, or MAC address — also known as a physical address. This is a unique identifier designed to identify different computers on a network. MAC addresses are usually assigned when a manufacturer creates a network device.
Machine Learning: Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence.
Mail server: A networked computer dedicated to supporting electronic mail. You use a client program like Microsoft Outlook for retrieving new mail from the server and for composing and sending messages.
Male connector: A cable connector that has pins and plugs into a port or interface to connect one device to another.
Malware: Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy.
Man-in-the-Middle Attacks: A man-in-the-middle attack requires three players. There’s the victim, the entity with which the victim is trying to communicate, and the “man in the middle,” who’s intercepting the victim’s communications. Critical to the scenario is that the victim isn’t aware of the man in the middle.
Managed Antivirus: Managed Antivirus is a centrally managed software option that protects all of the computers at a business from virus threats. The “managed” part means that an IT provider installs the software on a company’s computers and other devices and schedules regular scans to check for issues, as well as ensuring the programs are updated and monitors the health of the network.
Managed Security Service Provider (MSSP): A managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services. MSSPs use high-availability security operation centers (either from their own facilities or from other data center providers) to provide 24/7 services designed to reduce the number of operational security personnel an enterprise needs to hire, train and retain to maintain an acceptable security posture.
MDM: Mobile Device Management; Any routine or tool intended to distribute applications, data, and configuration settings to mobile communications devices. The intent of MDM is to optimize the functionality and security of a mobile communications network. MDM must be part of a coherent BYOD strategy.
MDR: Managed detection and response (MDR) is an outsourced service that provides organizations with threat hunting services and responds to threats once they are discovered. It also involves a human element: Security providers provide their MDR customers access to their pool of security researchers and engineers, who are responsible for monitoring networks, analyzing incidents, and responding to security cases.
Megabyte (Meg or MB): 1,024 x 1,024 (2 to the 20th power) bytes; it’s usually sufficient to think of a megabytes as one million bytes.
Microsoft Azure: Microsoft Azure, commonly referred to as Azure, is a cloud computing service created by Microsoft for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.
Microsoft Exchange: Microsoft Exchange Server is the server side of a client–server, collaborative application product developed by Microsoft. It is part of the Microsoft Servers line of server products and is used by enterprises using Microsoft infrastructure products. Exchange’s major features consist of electronic mail, calendaring, contacts and tasks; support for mobile and web-based access to information; and support for data storage
Microsoft Teams: Microsoft Teams, also referred to as simply Teams, is a unified communication and collaboration platform that combines persistent workplace chat, video meetings, file storage, and application integration.
Microsoft Windows: A group of operating systems for PC or compatible computers; Windows provides a graphical user interface so you can point and click to indicate what you want to do.
MIME: Multipurpose Internet Mail Extensions; a protocol that enables you to include various types of files (text, audio, video, images, etc.) as an attachment to an e-mail message.
Monitor: The part of a computer that contains the screen where messages to and from the central processing unit (CPU) are displayed. Monitors come in a variety of sizes and resolutions. The higher the number of pixels a screen is capable of displaying, the better the resolution. Sometimes may be referred to as a CRT.
MSP: Managed Service Provider; A business model for providing information-technology services.
Multi-Factor Authentication (MFA): An authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence. Two-factor authentication is a type, or subset, of multi-factor authentication.
Nameserver: A computer that runs a program for converting Internet domain names into the corresponding IP addresses and vice versa.
NAT: Network Address Translation; a standard that enables a LAN to use a set of IP addresses for internal traffic and a single IP address for communications with the Internet.
NCE: New Commerce Experience (NCE); Microsoft’s new experience for purchasing and managing licenses.
Network: A group of interconnected computers capable of exchanging information. A network can be as few as several personal computers on a LAN or as large as the Internet, a worldwide network of computers.
Network adapter: A device that connects your computer to a network; also called an adapter card or network interface card.
Network Environment: Comprised of servers, systems, software, and services that tie multiple users together.
Network hub: A common connection point for devices on a network.
Network Interface / Network Adapter: Your computer’s wired Ethernet connection and Wi-Fi connection are basically both network interfaces. If your laptop was connected to both a wired connection and a Wi-Fi network, each network interface would have its own IP address. Each is a different connection.
Network Operations Center (NOC): A network operations center, also known as a "network management center", is one or more locations from which network monitoring and control, or network management, is exercised over a computer, telecommunication or satellite network.
NIST: National Institute of Standards and Technology; an agency of the US Department of Commerce to promote innovation and industrial competitiveness.
NIST Compliance: Adhering to the security standards and best practices to protect data used by the government and its contractors.
NIST Framework: The NIST Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks. It provides a common language that allows staff at all levels within an organization—and at all points in a supply chain—to develop a shared understanding of their cybersecurity risks.
NNTP: Network News Transport Protocol; the protocol used for posting, distributing, and retrieving network news messages.
On-site: At-place-of-work-or-business support, typically provided by a technically qualified individual.
Password Manager: A password manager is a computer program that allows users to store and manage their passwords for local applications and online services like a web application, websites, online accounts, or social media.
Patch: Piece of software designed to update a computer program or its supporting data, to fix or improve it. This includes fixing security vulnerabilities and other bugs, and improving the usability or performance.
PC: Usually refers to an IBM PC or compatible, or when used generically, to a “personal computer”. In a different context, PC also is an abbreviation for “politically correct.”
Personally Identifiable Information (PII): Personally Identifiable Information, or PII, is any data that could potentially be used to identify a particular person. Examples include a full name, Social Security number, driver's license number, bank account number, passport number, and email address.
Phishing: Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.
Platform as a Service (PaaS): Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.
Port: When an application wants to send or receive traffic, it has to use a numbered port between 1 to 65535. This is how you can have multiple applications on a computer using the network and each application knows which traffic is for it.
Proactive Monitoring: Proactive monitoring (often referred to as Remote Monitoring and Management or “RMM”) continually monitors the stability and security of your IT system for maximum uptime. It tracks and maintains your desktops, routers, mobile devices, and networks from a centralized console.
Professional Services Automation (PSA): Professional Services Automation is software, such as ConnectWise, designed to assist IT consultants and other service providers with project management and resource management for client projects and utilization rate management for billable staff.
Protocol – TCP, UDP, ICMP, etc.: Protocols are different ways of communicating over the Internet. TCP and UDP are the most common protocols. The ICMP protocol is also used, but primarily so network devices can check each other’s status. Different protocols are ideal for different types of communication.
RAM: Random Access Memory provides space for your computer to read and write data so that the CPU can find it quickly and easily. When people refer to memory upgrades they are usually talking about RAM.
Ransomware: Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.
Recovery Point Objective (RPO): Recovery Point Objective (RPO) is an important part of an IT Disaster Recovery plan and describes a period of time in which business operations must be restored following a disruptive event, such as a cyberattack, natural disaster or communications failure. RPO is typically paired with Recovery Time Objective (RTO).
Recovery Time Objective (RTO): Recovery Time Objective (RTO) represents the amount of time an application can be down and not result in significant damage to a business and the time that it takes for the system to go from loss to recovery.
Remote desktop: A Windows feature that allows you to have access to a Windows session from another computer in a different location
Remote login: An interactive connection from your desktop computer over a network or telephone lines to a computer in another location (remote site).
Remote Monitoring and Management (RMM): Remote monitoring and management is the process of supervising and controlling IT systems by using locally installed agents that can be accessed by a managed IT service provider.
Risk Assessment: A risk assessment is the combined effort of identifying and analyzing potential events that may negatively impact a business. Risk assessments help guide an organization in making rational decisions to improve their security posture and align risk with acceptable tolerance levels.
Risk Management: Risk management is the application of principles to manage the risks in a business that come with the ownership, involvement, operation, influence, adoption and use of IT in an organization.
Router: A device used for connecting two Local Area Networks (LANs); a device that passes traffic back and forth. You likely have a home router. It’s that router’s job to pass outgoing traffic from your local devices to the Internet, and to pass incoming traffic from the Internet to your devices.
SAN: A storage area network (SAN) is a dedicated storage network that provides access to consolidated, block level storage. SANs primarily are used to make storage devices (such as disk arrays, tape libraries, and optical jukeboxes) accessible to servers so that the devices appear as locally attached to the operating system. A SAN typically has its own network of storage devices that are generally not accessible through the regular network by regular devices.
SD-WAN: SD-WAN is an acronym for software-defined networking in a wide area network. SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.
Security Assessment: A cybersecurity risk assessment identifies the various information assets that could be affected by a cyber attack(such as hardware, systems, laptops, customer data, and intellectual property), and then identifies the various risks that could affect those assets.
Security Operations Center (SOC): A centralized unit that deals with security issues on an organizational and technical level. A SOC within a building or facility is a central location from where staff supervises the site, using data processing technology.Typically, a SOC is equipped for access monitoring, and controlling of lighting, alarms, and vehicle barriers.
Serial port: An interface on a computer that supports transmission of a single bit at a time; can be used for connecting almost any type of external device including a mouse, a modem, or a printer.
Server: A computer that is responsible for responding to requests made by a client program (e.g., a web browser or an e-mail program) or computer. Also referred to as a “file server”.
Service Level Agreement (SLA): A service level agreement (SLA) is a contract that establishes a set of deliverables that one party (the service provider) has agreed to provide another (the client). An SLA defines the level of service you can expect from a vendor, laying out the metrics by which service is measured, as well as remedies or penalties should agreed-upon service levels not be achieved. It is a critical component of any technology vendor contract.
SID: Service Set Identifier; a name that identifies a wireless network.
SIEM: Security information and event management (SIEM), software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware.
SMB: The Server Message Block Protocol (SMB protocol) provides a method for client applications in a computer to read and write to files on and to request services from server programs in a computer network.
SMPT: Simple Mail Transfer Protocol is an Internet standard for e-mail transmission.
Smishing: The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.
SMTP: Simple Mail Transfer Protocol; a method of handling outgoing electronic mail.
SOC-as-a-service: A subscription- or software-based service that manages and monitors your logs, devices, clouds, network and assets for internal IT teams. The service provides companies with the knowledge and skills necessary to combat cyber-security threats.
Social Engineering: Social engineering is the art of manipulating people into giving up confidential information, usually through technology. Social engineering aims to take advantage of a potential victim’s natural tendencies and emotional reactions.
Software: Any program that performs a specific function. Examples: word processing, spreadsheet calculations, or electronic mail.
Software as a Service (SaaS): Software as a service is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software".
Software-defined data center: Software-defined data center is a marketing term that extends virtualization concepts such as abstraction, pooling, and automation to all data center resources and services to achieve IT as a service.
Software-defined networking: Software-defined networking (SDN) technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.
Software-defined security: Software-defined security is a set of the security model in which the information security in a computing environment is regulated and managed by security software. Most of the security controls like segmentation of the network, detection of intrusions, and access control are automated and they are controlled through security software. Software-defined security is utilized in IT environments that utilize services of the cloud.
Spam: Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of spam that involves nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users’ address books, and are sold to other spammers.
Spam Filtering: A spam filter is a program used to enhance users' cybersecurity protocols by detecting unsolicited, unwanted, and virus-infected emails and preventing those messages from getting to a user's inbox.
Spear Phishing: Phishing attempts directed at specific individuals or companies is known as spear phishing. In contrast to bulk phishing, spear phishing attackers often gather and use personal information about their target to increase their probability of success.
SSD: Solid State Drive; a type of storage device in computers that stores data using flash-based memory.
SSL: Small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites. SSL Certificates bind together:
A domain name, server name or hostname.
An organizational identity (i.e. company name) and location.
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. Depending on the type of SSL Certificate applied for, the organization will need to go through differing levels of vetting. Once installed, it is possible to connect to the website over https://www.domain.com, as this tells the server to establish a secure connection with the browser. Once a secure connection is established, all web traffic between the web server and the web browser will be secure. To view the details of an SSL Certificate, go to a secure site, click on the padlock and select “View Certificate”. All browsers are slightly different, but the Certificate always contains the same information.
Switch: A switch serves as a controller, enabling networked devices to talk to each other efficiently. Through information sharing and resource allocation, switches save businesses money and increase employee productivity.
What is a Network Switch: Unmanaged Switches: An unmanaged switch works right out of the box. It’s not designed to be configured, so you don’t have to worry about installing or setting it up correctly. Unmanaged switches have less network capacity than managed switches. You’ll usually find unmanaged switches in home networking equipment.
What is a Network Switch: Managed Switches: A managed network switch is configurable, offering greater flexibility and capacity than an unmanaged switch. You can monitor and adjust a managed switch locally or remotely, to give you greater network control.
System Hardening: The process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle, a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.
TCP/IP: Transmission Control Protocol/Internet Protocol; an agreed upon set of rules that tells computers how to exchange information over the Internet. Other Internet protocols like FTP, Gopher, and HTTP sit on top of TCP/IP.
Teams / Microsoft Teams: Microsoft Teams is a unified communication and collaboration platform in Office 365 that combines persistent workplace chat, video meetings, file storage, and application integration.
Two-factor authentication (2FA): An extra level of security achieved using a security token device; users have a personal identification number (PIN) that identifies them as the owner of a particular token. The token displays a number which is entered following the PIN number to uniquely identify the owner to a particular network service. The identification number for each user is changed frequently, usually every few minutes.
Unified Threat Management (UTM): Unified threat management is an approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function.
USB: Universal Serial Bus; a connector on the back of almost any new computer that allows you to quickly and easily attach external devices such as mice, joysticks or flight yokes, printers, scanners, modems, speakers, digital cameras or webcams, or external storage devices.
Username: A name used in conjunction with a password to gain access to a computer system or a network service.
URL: A uniform resource locator, or URL, is also known as a web address. The current URL is displayed in your web browser’s address bar.
USB port: An interface used for connecting a Universal Serial Bus (USB) device to computer; these ports support plug and play.
Virtual Desktop Infrastructure: A software technology that separates the desktop environment and its application software from the physical client device that is used to access it.
Virtualization: Virtualization is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources. In hardware virtualization, the term host machine refers to the actual machine on which the virtualization takes place; the term guest machine, however, refers to the virtual machine.
Virus: A program intended to alter data on a computer in an invisible fashion, usually for mischievous or destructive purposes. Viruses are often transferred across the Internet as well as by infected diskettes and can affect almost every type of computer. Special antivirus programs are used to detect and eliminate them.
Vishing: Voice phishing, or vishing, is the use of telephony to conduct phishing attacks. Landline telephone services have traditionally been trustworthy; terminated in physical locations known to the telephone company, and associated with a bill-payer.
VoIP: Voice over Internet Protocol; a means of using the Internet as the transmission medium for phone calls. An advantage is you do not incur any additional surcharges beyond the cost of your Internet access.
VPN: Virtual Private Networking; a means of securely accessing resources on a network by connecting to a remote access server through the Internet or other network.
WAN: A wide area network is a larger network that covers a wider area. Your ISP provides you with a connection to their own WAN, which connects to the Internet.
WAP: Wireless Application Protocol; a set of communication protocols for enabling wireless access to the Internet.
WEP: Wired Equivalent Privacy; a security protocol for wireless local area networks defined in the 802.11b standard. WEP provides the same level of security as that of a wired LAN.
Wi-Fi: Wireless Fidelity; A generic term from the Wi-Fi Alliance that refers to of any type of 802.11 network (e.g., 802.11b, 802.11a, dual-band, etc.). Products approved as “Wi-Fi Certified” (a registered trademark) are certified as inter-operable with each other for wireless communications.
Window: On a graphical user interface system, a rectangular area on a display screen. Windows are particularly useful on multitasking systems which allow you to perform a number of different tasks simultaneously. Each task has its own window which you can click on to make it the current process. Contrast to a “dialog box” which is used to respond to prompts for input from an application.
Windows: A casual way of referring to the Microsoft Windows operating systems.
Wireless (networking): The ability to access the Internet without a physical network connection. Devices such as cell phones and PDAs that allow you to send and receive email use a wireless Internet connection based on a protocol called WAP (Wireless Application Protocol). At this point, web sites that contain wireless Internet content are limited, but will multiply as the use of devices relying on WAP increases.
WLAN: Wireless Local Area Network; the computers and devices that make up a wireless network.
WPA: Wi-Fi Protected Access; a standard designed to improve on the security features of WEP.
GET WEEKLY IT SECURITY TIPS
Get short, relevant IT security tips & strategies to lower your risk of a breach delivered to your inbox weekly.
SUBSCRIBE NOW
GET ON-DEMAND WEBINARS
Learn when and where you want. These info-packed webinars are available to you any time. Just click and play.
WATCH A WEBINAR
© Copyright 2022 DP Solutions. | XML Sitemap