This glossary is provided to help you better understand some of the technical and legal terms used in these Product Terms. Our goal is to offer plain English explanations to make the document as clear as possible and easy to understand.
Application Allowlisting:
Only letting certain, approved apps run on your computers, blocking everything else for security.
Application Control:
Technology or a policy that only lets approved programs run on your devices, blocking everything else to keep your computers safe from harmful or unknown software.
Asset Lifecycle:
The entire useful life of a device - from when you buy it, through upgrades/repairs, to disposal.
Bandwidth:
The maximum amount of data you can send/receive over the internet each second (measured in Mbps or Gbps).
Baseline Security Requirements:
The minimum security measures your business must have in place, as set out in this agreement.
CAPTCHA:
CAPTCHA ("I am not a robot" tests) help defend against brute force attacks and other similar attacks.
Brute Force Attack:
A brute force attack is when hackers try lots of passwords really fast to break in.
Centralised Logging / Logging Data Sources:
Collecting logs (lists of important events or activities) from your devices and systems into one central place for monitoring and analysis.
Cloud Printing / Print Agent:
Printing from any device over the internet - using software (print agent) that makes this possible even if you're not in the office.
CVE / National Vulnerability Database / Exploit Prediction Scoring System (EPSS):
CVE: a list of known computer vulnerabilities. National Vulnerability Database: a government database of CVEs. EPSS: a score showing how likely a vulnerability will be used in real attacks.
Cybersecurity Awareness Training:
Training for your staff to help them spot scams, avoid bad links, use strong passwords, and generally keep your business safe from cyber threats.
Data Backup / Backup Solution:
Making a copy of all important business information (data), kept in a safe place, so it can be restored if lost or stolen.
Disaster Recovery:
Strategies and tools used to quickly restore your systems and data if something major goes wrong, like a cyber attack, equipment failure, or fire.
DNS Security Filtering:
A safety feature that blocks computers from accessing websites known to be dangerous (such as scam or virus-infected sites) by stopping the connection at the "name lookup" stage.
Domain Registration and DNS Management:
Registering your website address (like yourcompany.com) so no one else can use it, and managing the records needed to make your website and email work securely.
Dynamic Content (Email Signatures):
Automatically updating parts of your email signature - with, for example, new promotions, legal disclaimers, or seasonal messages.
Endpoint Detection and Response (EDR):
Special security software on computers that looks for and reacts to signs of cyber attacks, viruses, or suspicious behaviour - often automatically.
Fortification System (Web Hosting):
"Fortification system" is extra protection to block hackers from making unauthorized changes to your website.
HR Collaboration (onboarding/termination):
Working with your HR team so that all new staff have their accounts set up properly and staff who leave have their access removed quickly and safely.
Identity Threat Detection and Response:
Security monitoring that focuses on suspicious activity with user accounts, like someone logging in from an unusual place or at a strange time, and can stop attacks on user identities.
Incident Response Plan / Incident Response:
A clear plan for how your business will react if there's a cyber attack or IT security issue, so you can fix problems and recover as quickly as possible.
Intune (Microsoft 365 Intune Management):
An app from Microsoft that helps set rules, deploy software, and keep company devices secure (like remote control for IT management).
IVR Menu / Ring Groups / Hot Desking / Busy Lamp Field:
Phone system features. "IVR menu": automated menus ("press 1 for sales"); "Ring groups": multiple phones ring together; "Hot desking": logging in at any phone; "Busy Lamp Field": see who's on a call.
License Overages / Shared Mailboxes / Deactivated Mailboxes:
Terms related to the way your Microsoft 365 mailboxes (email accounts) are backed up. "Overages" means going over the amount included in your plan; "shared mailboxes" are functional group email accounts; "deactivated" are mailboxes for ex-staff.
NBN / eNBN:
The National Broadband Network (NBN) is Australia's main internet infrastructure. "eNBN" means "enterprise-grade" NBN, which is a more reliable business version.
Number Porting / Port Rejection / Reversal:
Moving your phone number from one provider to another. "Port rejection" happens if details don't match; "reversal" if you change your mind after porting.
Onsite/Offsite (backups):
"Onsite" means located in your office; "offsite" means stored somewhere else (like in the cloud or a data centre), often for safety.
Partner of Record (Microsoft 365):
Officially linking your Microsoft 365 subscription to your IT support provider so they can help manage your account and services.
Password Manager / Single Sign-On (SSO):
A secure app or service that saves all your passwords in one place (so you don't have to remember them all). Single Sign-On means you can use one secure login to access many systems or services.
Patching / Automated Patching:
Keeping software up to date by automatically installing fixes released by the software maker, to protect against bugs and security risks.
Personal device vs. company device:
A personal device is owned by an employee and used for personal activities; a company device is issued by the business and used for work.
Phishing Testing / Learning Moments:
Sending fake scam emails to test if staff can spot them; "learning moments" are quick follow-up lessons if someone falls for a test scam.
Phish-resistant multifactor authentication (MFA):
A type of secure login that not only requires more than your password, but also uses special technology - like a physical security key or advanced company login app - that won't work if a scammer tricks you with a fake website. Unlike basic MFA (like SMS or code generators), phish-resistant MFA only works with the real system and cannot be reused by cybercriminals.
Process Automation / Technology Roadmap:
Using computers or software to handle repetitive business tasks, and a plan (roadmap) to improve or grow your business technology.
Resource Limits (RAM/Storage/Bandwidth):
The maximum amount of computer resources (memory, data storage, and network use) you can use under your plan.
Retention Period (Backups):
How long a copy of your data or backups is kept before being deleted.
Ringfencing (Application Control):
Setting rules so certain programs can only do specific things - reducing what a hacker could do if they take over one program.
Risk Identification & Compliance Reviews:
Checking whether the software you use meets the security and legal requirements for your business.
SaaS / CRM / ERP:
Software you use online instead of installing on your computer ("Software as a Service"), e.g., CRM (customer management), ERP (business process management).
Secure Score (Microsoft 365):
A Microsoft rating that shows how secure your Microsoft 365 setup is, and how to improve it.
Security Information and Event Management (SIEM):
Software that collects, stores, and checks all logs and security events in one place, helping to catch suspicious activity quickly.
Security Operations Centre (SOC):
A team of security experts who actively watch your systems and investigate alerts for any signs of an attack or security issue, 24/7.
SLAs (Service Level Agreements) & Best Effort:
Agreed standards for how quickly your provider responds to and fixes problems. "Best effort" means there is no guaranteed speed - your provider will try but cannot promise.
Snapshot Service (Web Hosting):
"Snapshot service" takes a copy of your website at a point in time, so that it can be used to restore from at a later point in time.
SPF, DKIM, DMARC:
Security systems set up on your domain to stop scammers from pretending to send emails as you ("email spoofing"); these help make sure only approved senders can send emails from your business.
Threat Hunting (24x7 SOC Threat Hunting):
Experts actively looking for evidence of attacks or suspicious activity on your systems around the clock, not just waiting for alerts to go off.
Unified Auditing / Audit Log:
Keeping a record of all security changes and important actions on your systems so you can review who did what, and when.
Uptime Guarantee / eSLA:
The provider's promise that your service will be available a certain amount of the time (e.g., 99.9%); eSLA means "enhanced service level agreement" with stronger guarantees.
Vault Transfer (Password Manager):
Moving all passwords from one person's account to another if someone leaves your organisation.
Vulnerability Management:
The process of finding, fixing, or protecting against weaknesses ("holes") in your computers or networks before attackers can use them.
Vulnerability Scanning and Remediation:
Searching for, finding, and fixing weaknesses in computers, software, or devices before hackers find them.
Warranty Tracking:
Keeping record of the manufacturer warranties on your devices - to know what is still under free repair or replacement.
Zero-Knowledge (Password Manager):
A way of storing passwords where even the provider can't see them - only you and your staff can access what's saved.