Reference · Plain English
A glossary, for buyers.
The acronyms and jargon that show up across the rest of this site, defined the way we'd define them to a non-technical board member. We add entries here as new ones come up in proposals.
Security.
- MDRManaged Detection and Response
A security service where someone is contractually paid to read the alerts at 3am and respond on your behalf — not just generate a dashboard.
- EDREndpoint Detection and Response
A tool that monitors endpoints — laptops, desktops, servers — for malicious behaviour and contains threats automatically, going beyond signature-based antivirus.
- SOCSecurity Operations Centre
The 24/7 function — people, process, and tooling — that monitors security telemetry, triages alerts, and responds to incidents on an organisation's behalf.
- MFAMulti-Factor Authentication
A sign-in control that requires two or more proofs of identity — typically a password plus a phone, security key, or biometric — before granting access.
- Conditional Access
A Microsoft Entra ID feature that gates sign-ins based on context — user, location, device compliance, sign-in risk — and applies controls like MFA or block.
- Zero Trust
A security architecture philosophy summarised as "never trust, always verify" — every access request is authenticated and authorised explicitly, regardless of network location.
- SIEMSecurity Information and Event Management
A tool that aggregates and correlates security logs from across an environment and applies detection rules to surface alerts for human investigation.
- Phishing
A social-engineering attack that tricks users into revealing credentials or executing malicious payloads, usually via email — and the most common initial access vector for data breaches.
- BECBusiness Email Compromise
An email-based fraud where attackers impersonate executives or vendors to redirect payments or extract sensitive data — no malware involved, hard for traditional tooling to catch.
- Ransomware
Malware that encrypts data and demands payment for the decryption key — increasingly paired with data extortion, where stolen data is threatened with publication.
Infrastructure.
- RPORecovery Point Objective
The maximum amount of data loss, measured in time, that a business can tolerate for a given workload after an incident.
- RTORecovery Time Objective
The maximum acceptable downtime for a given workload after an incident, measured from the moment of failure to the moment service is restored.
- Patch management
The discipline of applying security and stability updates to operating systems and applications promptly, on a defined schedule, with reporting on what's done and what's outstanding.
Compliance.
- ISO 27001ISO/IEC 27001 — Information Security Management Systems
The international standard for how an organisation manages information security. Symsafe has been certified against it since 2018, under a JAS-ANZ-accredited certification body.
- Essential Eight
The Australian Cyber Security Centre's prioritised list of eight mitigation strategies for protecting Microsoft Windows-based environments from common cyber threats.