Key Terms & Definitions.

Agent—a small program used by MSPs to remotely gather information about the status of machines and devices. Once installed, it allows MSPs to manage systems, update programs, and resolve issues.

Backup and Disaster Recovery (BDR)—a combination of data backup and disaster-recovery solutions that works cohesively to ensure an organization’s critical business functions will continue to operate despite serious incidents or disasters that might otherwise have interrupted them, or will be recovered to an operational state within a reasonably short period.

Bad Actors– A cybersecurity adversary that is interested in attacking information technology systems.

Binary Executable (EXE) Files—Unlike a plain text file, EXE files provide a computer operating system with a set of machine language instructions needed to perform the tasks necessary to accomplish specific objectives of a software application. For example, iTunes.exe is an executable file that conducts the features of Apple iTunes on your computer.

Break/Fix—an older style for delivering IT services and repairs to organizations in a fee-for-service framework. Essentially, a client contacts a break/fix technician to request upgrades, maintenance, or to resolve issues, and the technician bills the customer upon completion of the work.

Cyber Risk—Threats or vulnerabilities in networks, computers, programs and data, flowing from or enabled by connection to digital infrastructure, information systems, or industrial control systems.

Cyber Threat—A possible danger that could exploit a vulnerability to breach security and therefore seek to cause harm.

Cybersecurity—It is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

Cybersecurity Assessment—Evaluation of an organization’s cybersecurity posture to identify vulnerabilities, threats and risks.

Cybersecurity Scan—Superficial to thorough review of an organization’s computer systems, networks and devices. Assured offers the only Deep Software Scan application on the market, with its proprietary AssuredScanDKV® tool.

Cybersecurity Gaps—Security holes in an organization’s cybersecurity system that a bad actor can use to breach an information system.

Denial-of-Service (DoS) Attack—Attack to computer or network that blocks the intended user(s) from accessing their system or network capacity by flooding the system or network with dummy data.

Distributed Denial-of-Service (DDoS) Attack— A DoS attack that targets multiple compromised networks and systems.

Fully Managed IT Services—Managed IT services that are coupled with a Network Operations Center to proactively monitor systems, resolve issues and perform work with a level of expertise and efficiency unparalleled to other solutions.

Hacker—An individual, group or syndicate that breaches a computer system to unlawfully access data for malicious purposes and/or financial gain. There are many types of hackers, including corporate espionage marauders, ransomware bullies, hacktivists and even nation-states.

Help Desk—a managed IT service offering that provides information and technical support to end users. Some MSPs white label their Help Desk services for the client SMB.

Information Technology (IT)—an enterprise solution for storing, transmitting, creating, and using data through computing devices, networks and telecommunications.

Infrastructure as a Service (IaaS)—an MSP offering to SMBs; virtualized hardware over a cloud computing environment such as server space, network connections, IP addresses, load balancers, and other computer infrastructure with which clients can build their own platforms.

Internet of Medical Things (IoMT)—this term describes all medical devices connected to a healthcare provider’s computer system through the internet. These devices can generate, collect, analyze and transmit healthcare data.

Internet of Things (IoT)—the emergent network of tangible objects and products that contain software, sensors, and connectivity to the Internet and/or private networks and can exchange information based on standards set forth by the International Telecommunication Union’s Global Standards Initiative.

In House—the process where an organization hires its own IT service providers and pays their salary, benefits, and further training, as well as the infrastructure they oversee. This is typically an extremely costly endeavor, and often businesses that try to procure in-house IT lack the capabilities to fully service their system as well as an inability to grow.

IT Channel—an industry-exclusive marketplace where VARs, MSPs, and OEMs provide platforms, products and services to end users by partnering with hardware and software vendors.

Labor Arbitrage—the phenomenon of decreasing end costs by utilizing the abundant labor forces, education, and training of untapped global workforces.

Malware—Malicious software that destroys, damages and/or steals information from a computer system. These can be Trojan horses, viruses, worms, etc.

Managed IT Services—IT tasks and processes that are fulfilled by a third-party organization.

Managed Services Provider (MSP)—An IT professional (or IT organization) that offers managed IT services.

Mobile Device Management (MDM)—a security platform used to monitor, manage, and secure employees’ mobile devices (laptops, smartphones, tablets, etc.) that are deployed across multiple mobile service providers and across multiple mobile operating systems being used in an organization.

Network - A computer network is a group of computers that use a set of common communication protocols over digital interconnections for the purpose of sharing resources located on or provided by the network nodes.

Phishing Attack—An email from a malicious entity posing as a person or an organization which the recipient trusts or has done business with in the past. The purpose of this attack is to lure the receiver into giving the hacker sensitive information like social security numbers, PIN numbers and bank accounts.

Platform as a Service (PaaS)—a virtualized platform within a cloud environment that allows end users to develop and manage Internet applications that would otherwise require a complex infrastructure to launch apps.

Principle of Least Privilege (POLP)—through this practice you can limit the access rights for users to the bare minimum permissions they need to perform their work. In other words, if you don’t need it, you don’t need access to it. Every employee within your organization should have access to only the accounts and services they truly need to do their jobs, and these privileges can later be updated as they move to new positions or exit the company.

Remediation—The process of stopping a current attack from doing further damage. It would typically be part of an Incident Response Plan.

Remote Monitoring and Management (RMM)—a platform utilizing a collection of services and tools that can monitor, manage and deploy solutions to servers and endpoint devices utilizing agent software installed on endpoint systems.

Service-level agreement (SLA)—Essentially, a contract between a vendor and a client that specifies what the vendor will furnish, the timeframe in which it will be furnished, and the criteria for measuring vendor success.

Small and Medium-Sized Business (SMB)—On average, a business or organization that has 100 or fewer employees is considered small; 100-999 employees is medium sized. IT channel partners often seeks SMB organizations as clients.

Software as a Service (SaaS)—sometimes referred to as “software on demand,” SaaS is a licensing and distribution model that utilizes a subscription basis for access to software that is centrally hosted by its provider and accessed by end users via a client.

Value-Added Reseller (VAR)—an organization that adds services or features to a product, then resells it as a new product or solution.

Virtual Chief Information Officer (vCIO) — It is a dedicated resource who serves as a Chief Information Officer on a virtual and flexible basis. Their primary role is to formulate strategic IT goals for your company, and then manage an IT strategy and budget that meets those goals. Most vCIOs are hired through a reputable IT consulting service firm.

Vulnerability—A defined defect residing in an information technology enterprise. Legacy software and systems (that are outdated and no longer supported by the vendor) are especially at risk for vulnerabilities since they no longer receive security updates and patches.

Web Application Attack—Attack that targets programs run on a web server. These include user authentication systems and web applications.

Zero Day Attack—An attack vector that has never been seen before.