Glossary

Words matter to us

We admit it. Sometimes it's really difficult to understand what we're talking about. We are so immersed in technology 24 hours a day, that we "elevate" our technical jargon to a universally known dictionary. Sorry, on behalf of all of us and the geeks of the world. Having said that, we want to share our language with you. After all, sharing is caring, right?
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A
Access point
Network device that provides WiFi, to which you can connect to access the local network and Internet.
Infrastructure
Account
A user personal profile within a specific digital system through which you can access a service and/or obtain its customization.
Infrastructure
Active Directory
Active Directory is a service developed by Microsoft for Windows networks that can be used to hierarchically organize actions, user accounts and IT resources.
Infrastructure
Advanced Persistent Threat (APT)
"Security breach that allows an individual to gain access to or to gain control of a system for an extended period of time, usually without the system owner being aware of the breach. It represents a threat carried out by an adversary with considerable technical expertise and large resources, capable of carrying out large-scale attacks, using multiple vectors, and for very extended periods of time."
Cybersecurity
Alert
Alerts are often created and managed by system management tools. Alerts occur when a threshold has been reached, something has changed or a failure has occurred.
Service Management
Antivirus (AV)
"Software aimed at preventing, detecting and rendering harmless malicious code and malware to a computer, such as viruses, adware, backdoor, dialer, fraudtool, hijacker, keylogger, LSP, rootkit, spyware, trojan, worm or ransomware. Generally this type of program is not able to totally protect a computer from all existing cyber threats - cyber attacks, advanced persistent threats (APT), botnets, DDoS attacks, phishing, scams, social engineering or spam - and therefore the security should be guaranteed by using several other products and services."
Cybersecurity
Asset
Technological asset refers to any element that can generate, receive or process digital information to support the company activity.
Infrastructure
Asset Management
Process responsible for tracking the ownership of assets throughout their life cycle and reporting their financial value.
Service Management
Attack vector
An attack vector is a pathway or method used by a hacker to illegally access a network or computer in an attempt to exploit system vulnerabilities. Hackers use numerous attack vectors to launch attacks that take advantage of system weaknesses, cause a data breach, or steal login credentials. Such methods include sharing malware and viruses, malicious email attachments and web links, pop-up windows, and instant messages that involve the attacker duping an employee or individual user.
Cybersecurity
B
Backup
Duplication of a file or a set of data on a medium external to the computer. It can be run locally, in the cloud, on a different physical device or at multiple media and locations.
Business Continuity
Best Practice
Proven activities or processes that have been used successfully by multiple organizations. ITIL is an example of Best Practice.
Service Management
Breach
Breach of information or data security that occurred on a particular device or service.
Cybersecurity
Break-fix
Approach to IT support that involves intervention when a fault or malfunction occurs.
Service Management
Bring your own device (BYOD)
Expression used to refer to company policies that allow you to bring your personal devices into the workplace and use them to have privileged access to company information and their applications.
Cybersecurity
Business Continuity
Defines processes and tools necessary to ensure the resilience of a structure following the occurrence of adverse conditions, to secure operations, production capacity, interests and image of the company.
Business Continuity
Business Email Compromise (BEC)
Type of cybercrime in which the scammer uses email to trick someone into sending money or disclosing confidential company information, acting as a trusted figure. BEC scams are on the rise due to remote working growth.
Cybersecurity
Business Impact Analysis (BIA)
Business impact analysis (BIA) helps you predict the consequences of disrupting operations. It involves examining the outage, finding out as much information about the outage as possible, and creating a recovery strategy to correct not only the outage, but also its consequences.
Business Continuity
C
CEO Fraud
Type of phishing attack aimed at very high-profile corporate figures, generally CEOs, company presidents, financial directors, etc.
Cybersecurity
Change Advisory Board (CAB)
People committee that includes expertise from different IT areas, that offers advice on the change management process on individual Request for Change. May have authorization to approve Requests for Change.
Service Management
Change Management
IT Service Management discipline that deals with changes in the IT infrastructure.
Service Management
Client
Every computer connected to the server and able to exchange data with it
Infrastructure
Cloud Computing
Term which refers to the technology that allows you to process and store data online.
Infrastructure
Cloud Journey
Path that leads a company to abandon local IT systems with the aim of migrating to cloud platforms.
Infrastructure
Content Filtering
Technique that blocks and controls access to unsafe or inappropriate web content.
Cybersecurity
Credential Stuffing
Type of cyber attack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and their corresponding passwords, and then uses the credentials to gain unauthorized access to user accounts on other systems via automated, direct access requests to a web application.
Cybersecurity
Cryptography
Basis of data protection. This is the conversion of data from a readable format into an encoded one that can only be read or processed after it has been decrypted. Only the authorized person can decrypt the data and access the information in the original format.
Cybersecurity
CryptoLocker
Malware from the ransomware category that encrypts the victim's computer data, effectively blocking it, and demanding the payment of a ransom to restore it.
Cybersecurity
Cyber Resilience
Ability of an organization to preventively resist an attack and to restore normal operations following it.
Cybersecurity
D
Dark Web
Websites and online content that exist beyond the reach of search engines and traditional browsers. These contents are protected by encryption methods and can only be accessed with specific software, configuration settings or pending approval from their administrators. The Dark Web is considered a part of the Deep Web. The Dark Web's reputation is often linked to criminal intent or illegal content, or to "trading" sites where illicit goods or services can be purchased. The Dark Web was once the specialty of hackers, law enforcement officers, and cybercriminals. However, the advent of new technologies such as encryption and Tor - the browser anonymization software - has meant that anyone can browse the "dark" part of the Web if they want. In the Dark Web, users enjoy three advantages above all: anonymity, virtually untraceable services and sites, and the possibility of committing illegal actions, both by users and providers.
Cybersecurity
Data availability
Indicates the ease of accessing data or resources in a usable format, as well as the overall availability of a system. Includes the speed of recovery in the event of an accident or temporary outage of a system.
Infrastructure
Data Breach
A breach of security resulting in the destruction, loss, modification, unauthorized disclosure of or access to personal data transmitted, stored or processed. It can also be accidental.
Cybersecurity
Data Center
Centralized physical structure where company computers, network, storage and other IT equipment that support company operations reside. Computers in a data center contain or streamline business-critical applications, services and data.
Infrastructure
DDoS (Distributed-denial-of-service) Attack
DdoS attacks are an evolution of DoS attacks and consist of intentionally sending large amounts of data to a target from multiple sources to prevent a user, group of users, or organization from accessing a network resource.
Cybersecurity
Deep Web
Web content not indexed by search engines. It includes sites, content and individuals that purposely refuse to be indexed, for greater privacy or secrecy.
Cybersecurity
Defrag
Process by which file segments, originally saved in different areas of the hard disk, are rewritten on adjacent sectors to increase operational speed (i.e. defragmentation)
Cybersecurity
Denial-of-Service (DoS) Attack
A denial-of-service (DoS) attack is a cyber attack in which the attacker attempts to prevent users from accessing the network or computer resources.
Cybersecurity
Deploy
Delivery or release to the customer, with related installation, configuration and commissioning or operation, of an application or software system typically within a company IT system.
Service Management
Deprovisioning
Process by which a system administrator removes resources and privileges, not only from users on a network, but also from those who use them remotely.
Service Management
Desktop Support Engineer
IT support specialist who assists customers with hardware and software issues. Provides on-site or remote technical support, including configuring computer hardware systems, installing and updating software, and basic IT troubleshooting.
Service Management
Digital Transformation
Process of organisational, economic, social and creative change enabled by the adoption and development of digital technologies.
Infrastructure
Disaster Recovery
Part of the broader Business Continuity strategy. Defines procedures and tools to be used in the event of an IT disaster.
Business Continuity
Disposal
Disposal of technological devices that can no longer be used through recycling procedures, respecting the environment and with safety procedures.
Service Management
Docking Station
Hardware platform to which a laptop can be connected to convert it into a Desktop PC. Typically it contains slots for expansion cards, compartments for hard disk drives, connectors for peripherals such as monitor, printer, keyboard, etc.
Infrastructure
Domain Controller
Core of Windows Active Directory service. It aims to authenticate users, store user account information, enforce security policies for a Windows domain. It allows for hierarchical organization and protection of users and computers operating on the same network.
Infrastructure
Domain Name System (DNS)
"The Domain Name System is Internet's ""phone book"". People access information online through domain names, such as nytimes.com. Web browsers interact via Internet Protocol (IP) addresses. DNS translates domain names into IP addresses, so browsers can load Internet resources. Every device connected to the Internet has a unique IP address, which other machines use to find it. DNS servers eliminate the need for humans to memorize IP addresses, such as 192.168.1.1 (in IPv4), or the newer, more complex alphanumeric IP addresses, such as 2400:cb00:2048:1::c629:d7a2 (in IPv6 )."
Infrastructure
Domain-based Message, Authentication, Reporting and Conformance (DMARC)
Email authentication standard that helps prevent sender spoofing and phishing.
Infrastructure
Downtime
Period of temporary unavailability - due to breakdown or maintenance - of an IT device and/or the services provided by it.
Infrastructure
Dropper
Small malicious code usually attached to the email that installs the actual malware.
Cybersecurity
E
Elapsed TIme
Solar time interval within which a project or part of it is carried out.
Service Management
End User Computing (EUC)
Term that describes the act of using computer hardware and software from businesses or individual consumers.
Infrastructure
End-to-end
One of the principles of computer network design that is applied across different network protocols such as TCP protocol. The end-to-end principle states that if you have two applications communicating over a network, all specific functions and operations required by those applications, such as error checking, must be fully implemented and executed at the end nodes (or end point) and not in the intermediate nodes (or intermediate nodes) of the network.
Infrastructure
Endpoint
The term endpoint refers to any device that can connect to the Internet, both physically and in the cloud.
Infrastructure
Endpoint Detection and Response (EDR)
Emerging class of security systems capable of detecting and analyzing suspicious activity on hosts and endpoints through the use of a high level of automation. They allow securty teams to respond quickly and through an automatic threat response mechanism.
Cybersecurity
Endpoint Protection Platform (EPP)
Security platform deployed on devices to prevent cyber attacks and security breaches. An EPP uses cloud-managed data to protect endpoint devices such as laptops, mobile phones, tablets and desktops from malware attacks, malicious activity and other types of security threats.
Cybersecurity
Exchange Online Protection (EOP)
Cloud-based filtering service that protects your organization from spam, malware and other email threats. EOP is included in all Microsoft 365 organizations with Exchange Online mailboxes.
Cybersecurity
Exploit
Term used to identify a type of script, virus, worm, piece of data or binary that exploits a bug or vulnerability to create unexpected behavior in software, hardware or electronic systems
Cybersecurity
External Vulnerability Scan
An external vulnerability scan is conducted from outside the company network. These scans target external IP addresses on the corporate network and detect open ports and protocols to identify security flaws.
Cybersecurity
F
False Positive
A false positive error occurs when anti-virus software falsely claims to have detected an infection in a file that is actually ""clean."" False positives usually occur when the same string chosen as the ""signature"" for a given threat is also present in another program.
Cybersecurity
Field Engineer
Field Engineers are responsible for managing technical functions, testing equipment, managing repairs, managing engineering projects and conducting on-site inspections. They ensure project compliance, conduct feasibility studies and apply technical knowledge to practical problems.
Service Management
Fileserver
Instance of a central server that allows connected clients to access stored resources. This system includes both the hardware and software needed to implement such a server. If provided with the relevant permissions, users can open, read, modify, delete and even upload their files to the file server.
Infrastructure
Firewall
Perimeter security system designed to prevent unauthorized access to public or private networks. Its function is to control incoming and outgoing communications based on a set of rules.
Cybersecurity
Forensic Analysis
Everything concerning the identification, conservation, protection, extraction, documentation, use and any other form of processing of computer data, in order to be evaluated in a trial.
Cybersecurity
FTTC
In the presence of an FTTC connection, the cable that connects the control panel to the cabinet or road cabinet is in optical fibre, while the section from the cabinet to the home is in copper.
Communication & Collaboration
FTTH
Indicates ultra-broadband connections in which the connection from the transmission center to the end user's modem is entirely made of optical fiber. Currently, FTTH technology is the one that guarantees greater connection stability, high performance and low environmental impact
Communication & Collaboration
Full Stack
A computer system or application, including both the Front-End and the Back-End
Infrastructure
G
Gang Ransomware
Organization whose main objective is to obtain financial gains through illicit activities in the IT field.
Cybersecurity
H
Hacker
Person who has knowledge and skill in analyzing the code of a computer program or system, modifying its functions or operations.
Cybersecurity
Hardening
Indicates the set of specific configuration operations of a given IT system which aim to minimize the impact of possible cyber attacks that exploit its vulnerabilities, thus improving its overall security.
Cybersecurity
Help Desk
Also defined as Service Desk, it is a single point of contact that allows users to resolve technical requests - called tickets - on various levels, depending on their complexity.
Service Management
I
Identity Management
Identity Management, also called Identity Access Management (IAM), is a technique that involves the implementation of policies useful for regulating user identities and access to a network. One of the main problems today, in fact, is that it is no longer possible to identify just simple standard users, but we must deal with different and different identities that coexist in an organization.
Service Management
Impact
Measurement of the effect of an incident, problem or change on business processes. Impact and Urgency are used to prioritize tickets in the ITIL framework.
Service Management
Incident
Event that is not part of the standard operations of a service and which causes, or may cause, an interruption or reduction in the quality of the service itself.
Service Management
Information technology (IT)
The use of technology to store, communicate or process information. Technology typically includes computers, telecommunications, applications and other software. The information may include company data, documents, voice, images, videos, etc.
Service Management
Information Technology Infrastructure Library (ITIL)
De facto standard for the provision and management of IT services: it is a set of guidelines in the management of IT services and consists of a series of publications that provide guidance on the provision of quality IT services and on the processes and tools necessary to support them by an organization.
Service Management
Insider
Person with malicious intentions who belongs to the organization itself.
Cybersecurity
Interactive Voice Response (IVR)
The automatic voice response system, or IVR, is an automated telephone system that combines pre-recorded messages to interact with callers, allowing you to provide and access information without the intervention of an agent in real time. By integrating computer and telephony technologies, IVR software can improve call flow and reduce wait times, resulting in greater overall customer satisfaction.
Communication & Collaboration
Internet Protocol (IP)
Unique address that identifies a device on the Internet or in a local network. An IP address is an identifier that allows devices to exchange information on a network: it can contain location information and allow access to devices for communication.
Communication & Collaboration
Intranet
Private company network completely isolated from the external network (Internet) in terms of services offered (e.g. via LAN). The communication with the external network and other networks should take place through appropriate communication systems (TCP/IP protocol, also extending with WAN and VPN connections) and related protection (e.g. firewall).
Infrastructure
IT Assessment
Analysis of the corporate information technology system and related IT processes of a specific company, whose objective is to identify the weak points and areas that can be optimized, in order to prepare a targeted intervention plan
Service Management
IT Asset Life-Cycle Management
Defines and describes the phases for managing an IT asset during its life.
Infrastructure
IT Audit
IT auditing consists of a systematic and documented process - conducted by expert IT professionals - whose goal is to verify that the information systems of an organization comply with the provisions of rules, regulations and internal policies.
Service Management
IT Governance
Set of policies and procedures, designed so that IT resources can provide maximum value to the company and its stakeholders. It does not just deal with the day-to-day management of the IT team, but provides a structure to align the department's strategy with that of the company.
Service Management
IT Infrastructure
All hardware, software, networks, facilities necessary to develop, test, provide, monitor, control or support IT services. The term IT infrastructure includes all information technology but not the associated people, processes and documentation.
Infrastructure
IT Operations Management
The corporate function within an IT service provider that performs the day-to-day tasks necessary to manage IT services and support the IT infrastructure. IT operations management includes IT Operation Control and Facilities Management.
Service Management
IT Service
Service provided to one or more customers by an IT Service Provider. An IT Service is based on the use of Information Technology and supports the customer's business processes. An IT service consists of a combination of people, processes and technology and should be defined in a service level agreement (SLA)
Service Management
IT Service Management (ITSM)
Discipline that deals with planning, designing and managing an organization's information technology system.
Service Management
K
Knowledge Base
Online, self-service information library about a product, service, department or topic. Knowledge Base for final users allow them to self-solve very basic problems, without possessing the technical skills.
Service Management
L
Lateral Movement
In cyber security it refers to a technique used by hackers to progressively move from a compromised entry point to the rest of the network as they look for sensitive data or other high-value resources to steal.
Cybersecurity
Learning Curve
Relationship between the time needed for learning and the amount of information correctly learned. This term is particularly used in the context of e-learning and in relation to software.
Service Management
Level 0 Help Desk
Application solutions that allow users to solve their problem on their own. Among these we can find blogs, manuals, FAQs (Frequently Asked Questions) or the Knowledge Base: all tools provide answers and solutions to frequent and solvable problems without having necessarily the technical skills.
Service Management
Level 1 Help Desk
Basic troubleshooting and support for resolving simple requests, such as problems using software. In case the owner of the ticket at this level (Level 1 Help Desk Support Specialist) is unable to provide a valid solution, the ticket is escalated to Level 2 support.
Service Management
Level 2 Help Desk
Tickets that require in-depth technical knowledge of the service or product are escalated to this level. The technicians responsible for this level initially determine whether the problem is new or whether it refers to a problem already known and not yet resolved. If the anomaly is new, the ticket must be escalated to level 3 support, normally the vendor manufacturer's support itself.
Service Management
Level 3 Help Desk
At this level, technical resources with the highest product knowledge are the ones involved. Typically, these resourcers are the ones who have been involved since the creation of the product itself (developers, architects, analysts, designers). Technicians try to replicate the problem and find the root cause. Once the cause is identified, it is decided whether or not to implement a fix, and in this case the solution is documented for the benefit of level 1 and 2 resources
Service Management
Lifecycle
The various phases in the life of an IT service, configuration item, incident, problem, change. The lifecycle defines the categories per state and the state transitions allowed.
Service Management
Local Area Network (LAN)
Data transmission network that connects a limited number of computers within a delimited physical environment, typically an office, a single building or several adjacent buildings.
Infrastructure
Log
A log represents the sequential and chronological recording of the operations carried out by a computer system
Service Management
M
Machine Learning
Subset of artificial intelligence that deals with creating systems that learn or improve performance, based on the data they use.
Artificial Intelligence
Malvertising / Adware
Type of online advertising used to spread malware.
Cybersecurity
Malware
Malicious software whose objective is to access, without authorization, particular information and data present in an IT infrastructure.
Cybersecurity
Man-in-the-middle (MITM) Attack
Cyberattack in which someone secretly alters communication between two parties who believe they are communicating directly with each other.
Cybersecurity
Managed Detection and Response (MDR)
Service that provides organizations with threat hunting services and responds to threats once discovered. It also involves a human element: security vendors provide their customers with access to their pool of security researchers and engineers, who are responsible for monitoring networks, analyzing incidents, and responding to security incidents.
Cybersecurity
Managed Security Service Provider (MSSP)
A provider that helps their customers to prevent, detect and/or respond to threats.
Service Management
Managed Service Provider (MSP)
An organization contracted by a customer to perform various IT services.
Service Management
Managed Services
Service that is taken over, provided and controlled by an external supplier, i.e. the Managed Service Provider.
Service Management
Maximum Acceptable Outage (MAO)
Maximum tolerable interruption time
Business Continuity
Minimum Business Continuity Objective (MBCO)
Minimum performance level of an organization
Business Continuity
Mission-critical
System essential for the survival of an organization. When a mission-critical system fails or is disrupted, business operations are significantly impacted.
Service Management
Multi-Factor Authentication (MFA)
Technology that allows to recognise, through more than two authentication methods, the person who logs in to a system or application.
Cybersecurity
N
Network Attached Storage (NAS)
A high-capacity physical storage device attached to a network that allows authorized users and network clients to store and retrieve data from a centralized location.
Business Continuity
Network Operation Center (NOC)
Unit made up of a set of people, processes and technologies that supervise networks and infrastructures.
Service Management
Non-Fugible Token (NFT)
Digital certificates based on blockchain technology aimed at identifying the ownership of a digital product in a unique, irreplaceable and non-replicable way.
Cybersecurity
O
Office Automation
Application of software and hardware solutions to digitize, store and manage all the information inherent to the activities of an office. They are applications specifically designed to automate and speed up office activities and procedures, thus improving business management and efficiently integrating all front office and back office processes. These applications give the possibility to: write texts, create graphs and presentations, perform more or less complex calculations, send and receive emails, archive information and much more.
Communication & Collaboration
On-premise
On-premises refers to IT infrastructure hardware and software applications that are hosted on-site. This contrasts with IT assets that are hosted by a public cloud platform or remote data center. Many legacy and traditional data center resources are on-premises.
Infrastructure
Operating System (OS)
An operating system is a baseline software that manages the hardware and software resources of the machine, providing services to application software. Operating systems for desktop computers include Microsoft Windows, MacOS, Linux distributions and Chrome OS, while for mobile devices there are iOS and Android.
Infrastructure
P
Password Manager
Software that allows users to store their authentication credentials for sites and services in an encrypted archive, in a digital safe.
Cybersecurity
Patch Management
The process of creating, testing and deploying updates to an operating system, platform or application. These updates, also known as "patches", improve the software by fixing technical problems, strengthening security or releasing new features.
Cybersecurity
Penetration Test
An authorized simulated cyber attack performed to evaluate the system's security. Conducted in multiple phases from the perspective of a potential attacker, by simulating an attacker's cyber attack, it consists of exploiting the vulnerabilities detected, with the aim of helping to determine whether the system's defenses are sufficient, or whether vulnerabilities are present. The test therefore has the objective of highlighting the weaknesses of the platform by providing the greatest amount of information on the vulnerabilities that allowed unauthorized access, providing a clear estimate of the defense capabilities and the level of penetration achieved against: internal defenses to the system, defenses external to the system, physical security.
Cybersecurity
Phishing
Common Social Engineering attack. Attempt to obtain sensitive information, such as passwords and credit cards, from someone via email or chat.
Cybersecurity
PowerShell
Windows PowerShell is a program that allows users to issue commands to the system and open programs through a terminal without using the Windows graphical interface. Designed for system administrators, it allows you to perform all the tasks that can be done with the command prompt.
Service Management
Priority (ITIL)
Category used to identify the relative importance of an incident, problem or change. The priority is based on the Impact and Urgency matrix and is used to identify the time required for actions to be taken. For example, the Service Level Agreement between an IT Service Provider and one of his customers may state that Priority 2 incidents must be resolved within 18 hours.
Service Management
Proactive maintenance
Maintenance activities for IT systems that apply a proactive and data-driven approach. Thanks to the intelligent use of data analysis tools, proactive maintenance autonomously detects any anomalies in the systems or errors in the processes, to intervene with corrections before they have an impact on daily productivity.
Service Management
Problem
Cause of one or more accidents. The problem is initially unknown and results from a series of incidents that are related and have common issues
Service Management
Project
A temporary organization with people and other assets necessary to achieve a goal or other result. Every project has a life cycle that typically includes initiation, planning, execution, closure, etc. Projects are typically managed using a formal methodology such as PRINCE2
Service Management
R
Rack
Mechanical support structure, on which the actual hardware parts are mounted. By metonymy, in the jargon of hardware workers, a "rack" is also the cabinet together with the equipment mounted inside it.
Infrastructure
Ransomware
One of the most frequent types of attacks. Malwares restrict the use of a device or prevents access to the device. Then, the criminal informs the victim of the fact, demanding a ransom in exchange for the decryption key or non-public disclosure of the information.
Cybersecurity
Recovery Point Objective (RPO)
Restore point and maximum acceptable data loss
Business Continuity
Recovery Time Objective (RTO)
Time necessary for the full recovery of a system or an organizational process' operations in a Business Continuity analysis system. In a few words: it is the maximum duration, expected or tolerated, of an occuring downtime
Business Continuity
Remediation Plan
Personalized proposal to remedy the system flaws identified
Cybersecurity
Remote Desktop
Ability to access a computer or device from another device at any time and from anywhere.
Service Management
Remote monitoring and management (RMM)
Software that, by installing an agent on an endpoint, is used to: collect information from remote endpoints and networks to evaluate their integrity, perform various IT management tasks remotely and automate routine ones without interruption.
Service Management
Request for Change (RFC)
Mechanism provided by ITIL for requesting a change to the infrastructure. The RFC must contain all the information necessary for a change to be evaluated, approved and implemented.
Service Management
Risk Assessment
Risk Assessment includes: analyzing the value of a business's assets, identifying threats to these assets and assessing how vulnerable each asset is to these threats. The risk assessment can be quantitative or qualitative.
Cybersecurity
Rollout
Synonym of Deploy
Infrastructure
Router
Device responsible for routing traffic between two or more devices connected to the same network or in subnets. The existence of a router in a network is not directly linked to whether or not there is an internet connection, since it can be used internally within the local LAN network.
Infrastructure
Runbook
A set of standardized written procedures for completing repetitive information technology processes within an organization. Runbooks also serve as documentation in incident management and reduce system downtime.
Service Management
S
Sandbox
Test environment, disconnected from the normal flow of environments designed for application development and testing.
Service Management
Script
List of commands that can be executed without user interaction
Service Management
Secure Sockets Layer (SSL)
Technology that guarantees the security of an Internet connection and protects sensitive data exchanged between two systems by preventing cyber criminals from reading and modifying the transferred information.
Cybersecurity
Security information & event management (SIEM)
System for the collection and normalization of logs and for the correlation of events aimed at monitoring security
Cybersecurity
Security Operations Center (SOC)
Center for managing security features and monitoring events that could be a source of threat. It is a system that monitors the company's IT activity every day and manages to find all the anomalous behaviors that other software is not able to recognize.
Cybersecurity
Security posture
Set of data concerning the security status of a corporate network, the ability to organize its defenses and the efficiency in responding to any attacks
Cybersecurity
Server
Physical device or computer system for processing and managing information traffic. A server provides, at a logical and physical level, any type of service to other components (typically called clients) that request it through a computer network, within an IT system or even directly locally on a computer. Servers can provide various functionalities, often called ""services"" such as: sharing data or resources between multiple clients, performing computations for a client. A single server can serve multiple clients, and a single client can use multiple servers. Typical servers are database servers, file servers, email servers, print servers, web servers and application servers.
Infrastructure
Serverless
Cloud execution model where the cloud service provider allocates machine resources as they are requested. When an application is not in use, no resources are consumed and the price is based only on the resources used.
Infrastructure
Service Level Agreement (SLA)
Contract that defines the service quality standards that the supplier undertakes to maintain for its customers or users. Typically, a Service Level Agreement defines the times for taking charge, intervention and resolution of problems from the moment a ticket is created.
Service Management
Service Management
Service Management is a set of specialized organizational capabilities to provide value to customers in the form of services.
Service Management
Shadow IT
Any technology, system, solution, device, application used without the explicit approval of the IT department or the company to which the IT is outsourced.
Cybersecurity
Single Point of Contact (SPoC)
Providing a single, consistent way to communicate with an organization or business unit.
Service Management
Smishing
Cyber ​​attack that occurs via a text message, i.e. an SMS.
Cybersecurity
Social Engineering
Attack techniques based on the collection of information through study or interaction with a person. Among the most widespread techniques is phishing.
Cybersecurity
Software as a Service (SaaS)
Licensing and distribution model used to provide software applications.
Service Management
Spam
Unsolicited advertisement sent to a very large number of users via email.
Communication & Collaboration
Spear Phishing
More targeted version of the common phishing attack, as it targets a specific person and uses social engineering techniques to trick the target into disclosing sensitive information, downloading ransomware or other malware.
Cybersecurity
Spyware
Type of malware that hides on devices, monitors user activities and steals sensitive information such as banking details and passwords.
Cybersecurity
Statement of Work (SOW)
Term used in the field of project management. It is a document that defines the specific details of the project and the activities of which it is composed, the final results expected by the client and the times for which a supplier has committed to delivering the product or service to the end customer. The SoW typically also includes detailed technical requirements - as if it were a tender document - in addition to the project phases.
Service Management
Storage
Hardware devices, storage media, infrastructures and software dedicated to the non-volatile storage of large quantities of information in electronic format.
Infrastructure
Sub-contractor
A business that signs a contract to perform part or all of the obligations of another contract.
Service Management
Switch
Device that allows two or more devices to communicate with each other. Devices communicate by exchanging data “packets” over the network. Basic switches forward packets from one device to another, while more complicated operations are traditionally left to other types of networking devices.
Infrastructure
System Integrator
Service provider that mainly deals with integrating IT systems, even very heterogeneous ones, in order to create an IT environment that is unique, functional and suitable for the type of company in question.
Service Management
T
Technology Stack
Today, the term is used in a broad sense to indicate the technologies used by a company to provide its services or to manage its internal needs
Infrastructure
Ticket Assignment / Dispatch
Process of assigning a support request to the most appropriate human resources, based on the information contained in the ticket and on the basis of the assets involved
Service Management
Ticketing system
Tool used by an organization to monitor tracking, reporting and resolution of user requests.
Service Management
Total Cost of Ownership (TCO)
Methodology used to make investment decisions. TCO evaluates the entire life cycle cost of owning a configuration item, not just the initial cost.
Infrastructure
Trojan
A destructive program that masquerades as a benign application. Unlike viruses, Trojans do not replicate, but they can be just as destructive. One of the most insidious types of Trojan is a program that claims to rid your computer of viruses, but instead introduces them to your computer.
Cybersecurity
Troubleshooting
Identifies the logical and systematical process of researching the causes of a problem, so that they can be resolved definitively. The first thing to do, in the context of troubleshooting, is to receive as much information as possible on the problem that has arisen and on the circumstances that led to its manifestation.
Service Management
U
Unified Threat Management (UTM)
A cybersecurity term for a single security solution that provides multiple security features in a single point on the network.
Cybersecurity
Urgency
Measures how long it will take before an Incident, Problem or Change has a significant impact on the business. Impact and Urgency are used for prioritization in ITIL.
Service Management
User impersonation
"Technique that is used to impersonate an individual and make use of his data, his money, important information. The attacker takes on the role of a subject with whom the victim has some type of relationship, of sympathy/empathy, of subordination/authority, a subject towards whom you feel deference, a subject invested with an institutional role, so as to exploit, in one context rather than another, the victim's predispositions for action."
Cybersecurity
V
Vendor
A vendor is an individual or company that sells goods or services, often to businesses or consumers in various marketplaces. In the IT Market, vendors indicate hardware and software manufacturers
Service Management
Vendor lock-in
Relationship of dependence that is established between a customer and a supplier of goods or services, such that the customer finds himself in the position of not being able to purchase similar goods or services from a different supplier without having to incur significant costs and risks to make this transition.
Service Management
Virtual Appliance
Software application that resides and operates in a pre-configured virtual environment or platform. Virtual appliances are accessible remotely by users and do not require locally installed hardware.
Infrastructure
Virtual Local Area Network (VLAN)
Set of technologies that allow segmenting the broadcast domain, which is created in a local network. The applications of this technology are typically linked to the needs of separating the traffic of work groups or departments of a company, to apply different IT security policies.
Infrastructure
Virtual Private Network (VPN)
A VPN can be seen as the geographical extension of a secure private company local network (LAN) that connects sites within the company, located over a large territory, exploiting IP routing for transport.
Infrastructure
Voice over Internet Protocol (VoIP)
Technology that allows you to have a virtual switchboard: make a telephone conversation, similar to that carried out with a telephone network, but using an Internet connection.
Communication & Collaboration
Vulnerability
A weakness that could be exploited by a threat. For example, an open firewall port, a password that is never changed, or a missing control.
Cybersecurity
Vulnerability Assessment (VA)
Automated or manual broad-spectrum analysis performed with the use of specific advanced software, aimed at identifying and classifying known vulnerabilities.
Cybersecurity
W
Whaling phishing
"Particularly dangerous type of cyber attack, which aims to attack the CEO or a high-profile manager of the company. Whaling phishing attacks are always aimed at stealing sensitive data held by selected subjects, which results in a ransom for the return of the stolen data."
Cybersecurity
White Hat Hacker
Person who uses his/her skills in IT, networks and social fields with the intention of protecting systems and networks and the information contained therein.
Cybersecurity
Z
Zero Trust
Approach to IT security that assumes the absence of a reliable network perimeter and according to which every network transaction must be authenticated before it can materialize.
Cybersecurity

Copia del contenuto non disponibile