IT Glossary
30 terms covering cybersecurity, cloud, networking, operations, compliance, and automation.
AIOps
[automation] Artificial Intelligence for IT Operations — using machine learning and big data analytics to automate and enhance IT operations, including anomaly detection, event correlation, and root cause analysis.
BCP
[operations] Business Continuity Plan — a documented strategy outlining how an organization will continue operating during and after a disaster or disruption, covering IT systems, communications, personnel, and facilities.
CASB
[security] Cloud Access Security Broker — a security policy enforcement point between cloud service consumers and providers that enforces security policies for cloud-hosted resources.
CMDB
[operations] Configuration Management Database — a repository that stores information about IT assets (configuration items) and their relationships, used for change management and impact analysis.
DLP
[security] Data Loss Prevention — a set of tools and processes that detect and prevent data breaches, exfiltration, and unauthorized destruction of sensitive data across endpoints, networks, and cloud.
DPDP Act
[compliance] Digital Personal Data Protection Act — India's comprehensive data protection legislation governing the processing of digital personal data, establishing consent frameworks, data fiduciary obligations, and penalties for non-compliance.
EDR
[security] Endpoint Detection and Response — security solutions that continuously monitor endpoints to detect, investigate, and respond to cyber threats in real time.
FinOps
[cloud] Financial Operations — a cloud financial management discipline and cultural practice that brings financial accountability to variable cloud spending, enabling teams to make business trade-offs between speed, cost, and quality.
HIPAA
[compliance] Health Insurance Portability and Accountability Act — US federal law requiring safeguards to protect the privacy of personal health information (PHI) and setting conditions on its use and disclosure.
IaC
[cloud] Infrastructure as Code — managing and provisioning computing infrastructure through machine-readable configuration files rather than physical hardware configuration or interactive configuration tools.
ITSM
[operations] IT Service Management — the activities performed by an organization to design, plan, deliver, operate, and control IT services offered to customers, typically following ITIL frameworks.
ITAM
[operations] IT Asset Management — the set of business practices that join financial, contractual, and inventory functions to support lifecycle management and strategic decision-making for IT assets.
IAM
[security] Identity and Access Management — a framework of policies, processes, and technologies that manages digital identities and controls user access to critical resources through authentication and authorization mechanisms.
IDP
[automation] Intelligent Document Processing — AI-powered technology that extracts, classifies, and validates data from unstructured documents like invoices, contracts, and forms using OCR, NLP, and machine learning.
MDR
[security] Managed Detection and Response — an outsourced cybersecurity service that provides threat monitoring, detection, and response capabilities with a dedicated team of security analysts.
MTTR
[operations] Mean Time to Resolve — the average time taken to fully resolve an incident from the moment it is detected, a key SLA metric for measuring operational efficiency.
NOC
[networking] Network Operations Center — a centralized location from which IT support technicians monitor, manage, and maintain client networks, servers, and infrastructure 24/7.
NERC CIP
[compliance] North American Electric Reliability Corporation Critical Infrastructure Protection — a set of mandatory cybersecurity standards for bulk electric system operators covering physical and cyber security of critical assets.
PCI DSS
[compliance] Payment Card Industry Data Security Standard — an information security standard for organizations handling branded credit cards, requiring specific security controls for cardholder data environments.
QoS
[networking] Quality of Service — the set of network technologies and techniques used to manage bandwidth, delay, jitter, and packet loss to ensure consistent and predictable network performance for critical applications.
RPA
[automation] Robotic Process Automation — technology that uses software robots to automate repetitive, rule-based tasks typically performed by human workers across applications and systems.
SASE
[networking] Secure Access Service Edge — a cloud-delivered architecture combining SD-WAN capabilities with cloud-native security functions like SWG, CASB, FWaaS, and ZTNA into a single service.
SD-WAN
[networking] Software-Defined Wide Area Network — a virtual WAN architecture that uses software to manage connectivity, circuit management, and traffic steering across geographically distributed sites.
SIEM
[security] Security Information and Event Management — technology that aggregates and analyzes log data from across the IT environment to detect threats, support incident response, and meet compliance requirements.
SLA
[operations] Service Level Agreement — a commitment between a service provider and client that defines the expected level of service, including uptime guarantees, response times, and resolution timeframes.
SOC
[security] Security Operations Center — a centralized unit that deals with security issues on an organizational and technical level, staffed by security analysts who monitor, detect, and respond to cybersecurity incidents.
SOC 2
[compliance] Service Organization Control 2 — an auditing procedure that ensures service providers securely manage data to protect the interests of the organization and the privacy of its clients, based on Trust Service Criteria.
SOAR
[security] Security Orchestration, Automation, and Response — technology that enables organizations to collect threat data, automate repetitive security tasks, and orchestrate incident response workflows.
XDR
[security] Extended Detection and Response — a unified security platform that integrates data from multiple security products (endpoints, network, cloud, email) to provide holistic threat detection, investigation, and response.
Zero Trust
[security] A security framework requiring all users, inside or outside the network, to be authenticated, authorized, and continuously validated before being granted access to applications and data. Based on the principle of "never trust, always verify."