Glossary of IT Security Terms For Small Business

Technical terms made simple.


IT Service Management Terms

SLA (Service Level Agreement): A documented commitment between an IT service provider and a client that defines expected response times, resolution times, and support availability. SLAs set clear expectations for how quickly issues will be acknowledged and resolved based on their severity.

Onboarding (IT): The process of setting up a new employee’s technology access, including creating user accounts, assigning software licenses, configuring security groups, provisioning devices, and scheduling orientation. Proper IT onboarding ensures new staff are productive and secure from day one.

Offboarding (IT): The process of securely removing a departing employee’s access to company systems, including disabling accounts, revoking licenses, recovering devices, transferring data ownership, and updating security groups. Timely IT offboarding is critical to preventing unauthorized access after an employee leaves.


Basic Security Concepts

Antivirus: Traditional security software that detects and removes known malware threats by comparing files against a database of known threat signatures.

Cybersecurity: The practice of protecting computers, servers, devices, data, and networks from digital attacks or unauthorized access.

Defense-in-Depth: Security strategy that uses multiple layers of protection, ensuring that if one defense fails, others continue protecting your systems and data.

Endpoint: Any device that connects to your business network, including computers, phones, tablets, and servers. Each endpoint is a potential entry point for security threats.

Firewall: A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between your trusted internal network and untrusted external networks.

Malware: Harmful software designed to damage systems, steal data, or gain unauthorized access to your network. Includes viruses, ransomware, spyware, and trojans.

Phishing: Fraudulent attempts to obtain sensitive information like passwords or credit card numbers by posing as a trustworthy entity in emails or messages.

Ransomware: Malicious software that encrypts your data and demands payment for its release. One of the most costly cybersecurity threats facing businesses today.

Security Breach: Unauthorized access to data, applications, networks, or devices that compromises the confidentiality, integrity, or availability of information.

Security Posture: The overall strength of your organization’s cybersecurity defenses, policies, and readiness to prevent and respond to threats.

Access Control Terms

Adaptive Authentication: Security approach that adjusts authentication requirements based on real-time risk assessment, applying stronger controls only when risk is elevated.

Conditional Access Policies: Security rules that evaluate user identity, device health, location, and risk factors before granting, limiting, or blocking access to business resources.

Device Trust/Compliance: Verification that devices meet your security requirements (encryption, updates, antivirus) before allowing them to access business resources.

Emergency Access Accounts: Special administrative accounts that bypass standard security controls for critical business situations or lockout scenarios.

Identity and Access Management (IAM): Systems and policies that ensure the right people have appropriate access to technology resources at the right times and for the right reasons.

JIT (Just-in-Time) Access: Temporary elevated permissions granted only when needed and for a specific duration, reducing the risk of compromised privileged accounts.

MFA (Multi-Factor Authentication): Security measure requiring two or more verification methods beyond just a password, such as codes sent to your phone or biometric verification.

PAM (Privileged Access Management): Security tools that control and monitor the use of elevated permissions on your devices and systems. PAM ensures that administrative actions like software installations require explicit approval, reducing the risk of unauthorized changes or malware gaining control of your systems.

Privileged Access: Elevated permissions that allow users to perform administrative functions, access sensitive systems, or make critical changes to your IT environment.

Risk-Based Access: Security approach that applies stronger authentication and controls only when elevated risk is detected, balancing security with user experience.

Role-Based Access Control (RBAC): Security approach that restricts system access based on a person’s role within your organization, ensuring users only access what they need for their job.

SSO (Single Sign-On): Authentication system that allows users to access multiple applications with one secure login, improving both security and user experience.

Trusted Locations: Pre-approved network locations where security requirements may be adjusted for verified users, such as your office network.

Zero Trust: Security approach that verifies every user and device attempting to access resources, regardless of whether they’re inside or outside your network. Assumes breach and verifies explicitly.

Endpoint & Device Security Terms

BYOD (Bring Your Own Device): Policy framework allowing employees to use personal devices for work while maintaining security controls that protect business data.

Device Compliance: Security verification ensuring devices meet minimum standards (encryption enabled, operating system updated, security software active) before accessing company resources.

Device Provisioning: The process of configuring a new device with the correct security policies, software, user accounts, and network settings so it is ready for use. Automated device provisioning streamlines this process so new computers can be shipped directly to employees and configure themselves on first login, without requiring hands-on IT setup.

EDR (Endpoint Detection & Response): Advanced security solution that continuously monitors endpoints, detects suspicious behavior using behavioral analysis, and responds to threats in real-time—going beyond traditional signature-based antivirus detection.

Encryption: Converting data into code that can only be read by authorized parties with the correct decryption key, protecting information even if devices are lost or stolen.

Endpoint Management: Comprehensive approach to securing and managing all devices (computers, phones, tablets) that connect to your business network.

MDM (Mobile Device Management): Centralized security solution for smartphones and tablets, ensuring company security policies are enforced on all mobile devices accessing business data.

Microsoft Intune: Microsoft’s cloud-based endpoint management platform that allows IT administrators to manage devices, enforce security policies, deploy software, and ensure device compliance—all without requiring those devices to be on a corporate network. Intune is the engine behind mobile device management (MDM) and device compliance in Microsoft 365 Business Premium and Enterprise environments.

Patch Management: The process of testing, deploying, and verifying software updates and security patches across all devices to protect against known vulnerabilities.

Remote Wipe: Security capability allowing IT administrators to erase all data from lost, stolen, or compromised devices remotely to prevent data breaches.

Data Protection & Classification Terms

Data at Rest: Information stored on devices, servers, or cloud storage. Requires encryption and access controls to protect against unauthorized access.

Data Classification: The process of organizing and labeling data based on its sensitivity level and business importance to apply appropriate security controls.

Data Discovery: Automated scanning process that locates sensitive information across your organization using pattern recognition, machine learning, and predefined rules.

Data in Motion: Information actively traveling between systems, applications, or locations. Requires encryption during transmission to prevent interception.

Data Sovereignty: Legal requirement that data must be stored and processed within specific geographic boundaries, important for regulatory compliance.

DLP (Data Loss Prevention): Security tools that identify, monitor, and protect sensitive data across email, cloud storage, and endpoints to prevent accidental or malicious data exposure.

Information Protection: Comprehensive approach to discovering, classifying, labeling, and protecting sensitive business information throughout its lifecycle.

Insider Threats: Security risks from employees, contractors, or partners who have authorized access but may intentionally or accidentally misuse it.

Microsoft Purview: Microsoft’s information protection and governance platform that helps organizations classify, label, and protect sensitive data across cloud and on-premises environments.

Persistent Protection: Security controls (encryption, access restrictions, usage limitations) that remain attached to documents even after they leave your organization.

Sensitivity Labels: Visual and technical markers applied to documents that enforce encryption, access controls, and usage restrictions—protection that persists even when files are shared externally.

Trainable Classifiers: Machine learning models that learn to recognize specific types of documents and content patterns, enabling automatic application of appropriate security classifications.

Cloud Security Terms

CASB (Cloud Access Security Broker): Security tool that sits between your organization and cloud service providers to monitor activity, enforce policies, and protect data.

Cloud Access Security: Tools and policies that protect and monitor how your organization uses cloud services, preventing unauthorized access and risky behaviors.

Cloud Backup: Automated copies of your data stored in secure cloud locations, providing protection against local disasters, ransomware, and hardware failures.

Cloud Security: Comprehensive approach to protecting data, applications, and infrastructure hosted in cloud services like Microsoft 365, Azure, or Google Workspace.

Entra ID (formerly Azure AD): Microsoft’s cloud-based identity and access management service that controls user access to cloud applications and resources.

Security Policies: Documented rules defining how cloud services should be configured, accessed, and used securely within your organization.

Shadow IT: Unauthorized cloud applications and services used by employees without IT approval, creating security blind spots and compliance risks.

Network Security Terms

NAS (Network Attached Storage): A dedicated file storage device connected to your office network that allows multiple users and devices to access shared files from a central location. NAS devices are commonly used for shared drives, local backups, and collaboration in office environments.

Network Infrastructure: The hardware and software components (routers, switches, access points, cabling) that enable network connectivity and must be properly secured.

Network Monitoring: Continuous surveillance of network traffic and activity to detect anomalies, performance issues, and potential security threats.

Network Security: Practices and tools that protect the integrity, confidentiality, and accessibility of your computer network and the data transmitted across it.

Network Segmentation: Practice of dividing your network into separate security zones to contain potential breaches and protect sensitive systems.

Perimeter Security: Traditional security approach focusing on protecting the boundary between your internal network and external threats, though less effective in modern cloud environments.

VoIP (Voice over Internet Protocol): Technology that delivers phone calls over the internet instead of traditional telephone lines. VoIP phone systems offer business features like call routing, voicemail-to-email, and virtual extensions at lower cost than traditional phone service, and can support remote workers through software-based phone apps.

VPN (Virtual Private Network): Encrypted connection that creates a secure tunnel over the internet, allowing remote workers to safely access your business network.

Threat Protection Terms

Dark Web Monitoring: Service that scans dark web marketplaces and forums for your organization’s compromised credentials or sensitive data being sold or traded.

Incident Response: Structured approach to handling security breaches or cyberattacks, including detection, containment, eradication, and recovery.

Security Awareness Training: Education programs that teach employees to recognize and respond appropriately to security threats like phishing emails and social engineering.

Security Monitoring: Continuous observation of systems, networks, and user activities to identify suspicious behavior or security incidents requiring response.

SIEM (Security Incident & Event Management): Security technology that collects and analyzes log data from across your IT environment—devices, cloud services, network equipment—to detect suspicious patterns and potential security incidents. SIEM provides a centralized view of security activity and creates an audit trail for investigations and compliance.

Threat Detection: Systems and processes that identify potential security threats through monitoring, analysis, and correlation of security events.

Vulnerability Assessment: Systematic review of systems to identify security weaknesses that could be exploited by attackers.

Backup & Business Continuity Terms

Backup: Copies of data stored separately from primary systems to enable recovery after data loss, system failure, hardware damage, or cyberattack.

BCDR (Business Continuity and Disaster Recovery): Combined approach addressing both operational continuity and IT recovery to minimize downtime and data loss.

Business Continuity Planning (BCP): Comprehensive strategies and procedures to maintain or quickly resume business operations during and after significant disruptions.

Cloud Backup: Automated backups stored in secure cloud infrastructure, providing geographic redundancy and easy recovery without maintaining physical backup hardware.

Disaster Recovery (DR): Specific IT-focused processes and technologies for restoring systems, applications, and data after catastrophic events.

Offsite Backup: Data backups stored in a different physical location from your primary systems, protecting against local disasters like fire, flood, or theft.

Point-in-Time Recovery: Ability to restore data to a specific moment before corruption, deletion, or ransomware encryption occurred.

Recovery Testing: Regular verification that backup systems work correctly and data can be successfully restored when needed, ensuring backup reliability.

RPO (Recovery Point Objective): Maximum acceptable amount of data loss measured in time—how far back you can afford to restore from backups.

RTO (Recovery Time Objective): Maximum acceptable time your business can be without specific systems or processes before the impact becomes unacceptable.

Compliance & Governance Terms

Audit Trail: Chronological record of system activities documenting who accessed what information, when, and what actions they performed—critical for compliance and investigations.

Compliance: Meeting security and privacy standards required by laws, regulations, or industry frameworks relevant to your business operations.

Compliance Reporting: Documentation and evidence demonstrating how your organization meets regulatory requirements and security standards.

Data Retention: Policies defining how long different types of business data must be kept and when it should be securely deleted.

Information Governance: Organizational policies, procedures, and controls governing how business information is created, stored, accessed, shared, and disposed of.

ISO 27001: International standard for information security management systems, providing a systematic approach to managing sensitive information.

NIST Framework: Comprehensive cybersecurity framework developed by the US National Institute of Standards and Technology, widely adopted by Canadian organizations.

PHIPA: Ontario’s Personal Health Information Protection Act, protecting patient privacy and governing how health information is collected, used, and disclosed.

PIPEDA: Canada’s federal Personal Information Protection and Electronic Documents Act, governing how private sector organizations collect, use, and disclose personal information.

Security Assessment: Comprehensive review of your security measures, policies, and technical controls against regulatory requirements or industry standards.

Vendor Security Requirements: Security standards and documentation that suppliers or clients require you to meet before doing business together.
