Technology is integral to every business, yet many business owners, executives, and managers are lost when confronted with IT jargon. That’s why we’ve rounded up 10 of the most important IT terms to know. Familiarize yourself with these so you can better understand common technical terms used in a workplace.
1. Multi-Factor Authentication (MFA)
Also known as Two-Factor Authentication (2FA), Multi-Factor Authentication (MFA) is one of the top IT buzzwords right now. MFA secures your online accounts and applications by demanding two or more forms of verification that you are the authorized user. These authentication methods can include a password plus the answer to a security question, a one-time passcode (OTP) sent to your phone or email, a mobile authenticator app, or biometric identification like fingerprint or facial recognition.
If an unauthorized person gains access to credentials like your username and password, MFA acts as a highly effective second layer of protection. For this reason, many businesses now make it a requirement for their employees to activate MFA. MFA can be enabled by going to the security settings of your apps and software.
2. Phishing and ransomware
Phishing and ransomware are different but closely related cyber threats that all business owners should be aware of due to their growing prevalence and sophistication. Phishing involves fraudulent emails or other types of communication sent to individuals from seemingly legitimate sources. The goal is to mislead the victim into revealing sensitive personal information, such as banking details or passwords, or to trick them into clicking a malicious link or download, which then results in malware being installed on their device.
Phishing is the primary vector for ransomware, a form of malware that is often delivered via these links or downloads. Attackers typically use this malicious software to block access to the victim’s files and network until a monetary ransom is paid. This type of attack is common among small businesses and major global enterprises alike.
Related IT jargon includes whaling, a.k.a. ‘CEO fraud’, a type of phishing attack that uses advanced social engineering to target senior employees like C-level executives and financial managers; smishing, which targets victims via text message rather than email; and vishing, which targets individuals by phone. Cybercriminals can easily spoof the email accounts of trusted individuals like colleagues, or the phone numbers of legitimate entities like banks, making these types of attacks particularly dangerous.
3. Business continuity and disaster recovery (BCDR)
A BCDR plan is a set of protocols designed to help an organization resume operations and recover quickly in the event of an attack, disaster, or unexpected interruption. By analyzing the potential impact and risk factor of a variety of scenarios – such as a ransomware attack, power failure, flood, or employee error – businesses can develop a strategy for continuing operations, i.e. business continuity.
Disaster recovery focuses on securing access to mission-critical technology, systems, and data following an adverse event to minimize downtime and destruction. To ensure minimal loss of data, recoverable data backups are an important part of any BCDR plan. For the best protection, data should be backed up to at least two different locations offsite. Data backups should be automated and tested regularly to ensure they can be restored when needed.
4. Endpoint protection platform (EPP) and endpoint detection and response (EDR)
As the cyber threat landscape grows in complexity, EPP and EDR are two of the most vital IT terms to know. Endpoint protection platforms (EPP) prevent security threats on network-connected devices like computers, laptops, servers, smartphones, printers, etc. Endpoint detection and response (EDR) solutions detect and automatically respond to suspicious activity using AI and behavioral analysis to identify, react to, and analyze previously unknown threats. Microsoft’s Defender for Endpoint combines EPP and EDR capabilities in a single platform.
In a world where the barrier to entry for cybercrime is low and zero-day (previously unknown) threats are proliferating, antivirus – which only protects against known threats – no longer provides adequate protection. This makes EPP and EDR essential security measures for any business. The transition to remote work and the accompanying rise of BYOD (see below) has increased the physical attack surface of many organizations, also calling for more advanced security measures.
Still confused? Learn more about EPP, EDR, and antivirus here.
5. Bring your own device (BYOD)
One of the top tech phrases of the moment, BYOD refers to the policy of allowing employees to use personally owned devices for work – as opposed to COBO devices (Company Owned/Business Only). BYOD covers smartphones, laptops, tablets, cameras, and any other device that can connect to the organization’s network. With the recent rise in remote work, BYOD is becoming inevitable. In turn, cybercriminals are increasingly exploiting these often poorly secured endpoints to access sensitive business data and networks.
It is therefore important to create risk management policies to mitigate BYOD-related threats. These might include utilizing EPP and EDR (see above), enforcing access controls for sensitive data, enabling remote wiping of data on lost devices, preventing local storage of business data on personal devices, utilizing secure wi-fi connections, carrying out regular patching of apps on network-connected devices, enforcing security protocols like MFA, and carrying out employee security awareness training to reduce susceptibility to attacks like phishing.
6. Internet of Things (IoT)
Among the most enigmatic tech phrases, the internet of things refers to the growing network of internet-connected devices that independently collect, exchange, and act on data over a wireless network. These include everything from smartphones, smart speakers, and wearable technology to home security systems, inventory tags, machinery, and biochips.
Organizations can use IoT devices to gain real-time business insights, like identifying trends and inefficiencies, enabling them to work smarter and improve their services. However, the IoT also poses growing threats to the privacy and security of businesses and individuals. As the network of connected devices grows, so do the opportunities for hackers to exploit them – and once they gain access, they may be able to move throughout the network. At the same time, it becomes increasingly difficult to maintain oversight of all endpoints.
7. The cloud
The cloud is one of the most common technical terms used inside and outside of a workplace. It refers to servers that operate over the internet, rather than being installed on-premises, and software that runs in web browsers and virtual application windows rather than being installed on local devices. The three biggest cloud platforms are AWS, Google Cloud, and Microsoft Azure.
Microsoft 365 features a range of productivity solutions delivered over the cloud, along with device management and advanced security capabilities. It features familiar Office desktop applications like Outlook, PowerPoint, Word, and Excel. But it also enables users to hold audio and video conferences from any networked device, and store and collaborate on documents in real-time via the internet, making it a powerful productivity tool for remote workers.
Cloud deployment comes in three main types. Public cloud: Servers and storage owned and operated by a third-party provider such as Microsoft. Private cloud: Resources that are used exclusively by a single organization and maintained on a private network, with the infrastructure located either on-premises or hosted by a third-party provider. And hybrid cloud, which combines the two and is often preferred by businesses as it helps fulfill data protection/regulatory requirements while utilizing existing on-premises investments.
8. Software as a service (SaaS)
SaaS (spoken like the word ‘sass’) is a software delivery model that sees cloud-based applications made available over the internet on a subscription basis. It is an alternative to locally-installed legacy software. Its benefits include scalability, security, and greater ease of access to enterprise-grade software for smaller firms.
The SaaS term has become the model for a wide and growing range of similar IT jargon, including HaaS (hardware as a service), PaaS (platform as a service), IaaS (infrastructure as a service), DRaaS (disaster recovery as a service), and more.
9. Wireless access point (WAP)
A wireless access point (WAP) is a piece of hardware that generates a wi-fi signal, enabling other devices to connect wirelessly to the internet (a wired network). It is distinct from a modem, which connects to the physical line and transfers data over a single ethernet connection, and a router, which connects to the modem to allow multiple devices to access the internet connection simultaneously via ethernet cables. WAPs connect to routers to deliver a wireless signal. Multiple WAPs can be used to extend network coverage over a wider area.
10. Wide area network (WAN)
To understand WAN, it’s important to first define LAN (local area network). A LAN is a group of interconnected network devices located in the same location – be it a home or an office. It encompasses routers, access points, cables, and switches that allow devices to connect to internal and internet-based servers, facilitating shared internet connection, file sharing, shared printers, etc. In comparison, a WAN covers a wider geographical area, connecting LANs together to facilitate communication between various locations, like branches of a corporation, buildings on a factory site, or even cities in a region.
Next time you’re faced with a confusing technology term, this list of tech phrases should help improve your communication with your IT team and employees. If you need help implementing any of the security or productivity measures outlined above, don’t hesitate to get in touch with Umbrella Managed Systems. And if you come across any tech phrases we haven’t touched on here, check out this comprehensive IT glossary for more.