top of page

Glossary of Terms

  • RMM (Remote Management and Monitoring Agent Licenses) - Software enables us to maintain IT systems, including servers, desktops, laptops, applications and mobile devices, by supplying performance data and other reports that our service technicians can review. In addition to client endpoint device monitoring, we can also use RMM to execute management tasks, such as patch management, security updates and service configurations, on your systems. As well monitor and proactively fix any software or hardware issues.  All functions can be done remotely.

 

  • Bitdefender Cloud Security Anti-Virus – Global leader in cyber security.  The anti-virus program keeps PC’s clean of virus and malware.

 

  • Datto SaaS Infinite Cloud Retention – This product creates a third party backup of all Google Workspace Email and Google Drive or Office 365 Email.  This backup is cheap insurance incase something happens at Google or Microsoft. 

 

  • Datto Cloud Continuity bare metal backup – This product creates a full backup of each desktop or laptop and is stored in the cloud.  It’s not 100% necessary.  Or if a PC is stolen, dies and crashes we can recover the original state prior to crash within a couple of hours.  Which ends up saving labour time and money in the long run.

  • ​

  • EDR stands for Endpoint Detection and Response. It is a cybersecurity technology that focuses on detecting, investigating, and responding to suspicious activities and threats on endpoints, such as computers, mobile devices, and servers. EDR solutions provide real-time monitoring and analysis of endpoint activities to identify potential security incidents and help organizations respond quickly to mitigate risks.

  • Key features of EDR include:

    • Real-time monitoring: Continuously monitors endpoints for signs of malicious activity.

    • Threat detection: Uses behavioral analysis, machine learning, and threat intelligence to identify potential threats.

    • Incident investigation: Provides tools for detailed forensic analysis to understand the scope and impact of a security incident.

    • Response capabilities: Enables quick actions such as isolating affected endpoints, terminating malicious processes, and removing malware.

    • Data collection: Gathers data from endpoints to provide visibility into activities and potential threats.

    • Integration: Often integrates with other security solutions like SIEM (Security Information and Event Management) systems to provide a comprehensive security posture.

  • EDR solutions help organizations enhance their security posture by providing advanced tools to detect and respond to sophisticated threats that may bypass traditional security measures.

  •  

  • A 24/7 SOC (Security Operations Center) is a centralized unit within an organization that operates around the clock to monitor, detect, prevent, and respond to cybersecurity incidents. The primary function of a SOC is to protect an organization's IT infrastructure and data by identifying and mitigating security threats in real time.

  • Key components and functions of a 24/7 SOC include:

  • Continuous Monitoring: The SOC team uses advanced tools and technologies to continuously monitor networks, endpoints, servers, and other critical systems for signs of malicious activity.

  • Threat Detection: The SOC employs various methods, such as intrusion detection systems (IDS), security information and event management (SIEM) systems, and threat intelligence feeds, to detect potential threats and anomalies.

  • Incident Response: When a security incident is detected, the SOC team follows predefined protocols to investigate, contain, and mitigate the threat. This involves analyzing logs, conducting forensic investigations, and implementing remediation measures.

  • Proactive Threat Hunting: SOC analysts proactively search for hidden threats or vulnerabilities within the organization’s environment, often using advanced techniques and threat intelligence.

  • Security Event Analysis: SOC analysts review and analyze security events and logs to understand the nature of threats and to improve detection and response strategies.

  • Reporting and Documentation: The SOC maintains detailed records of security incidents, response actions, and overall security posture. This documentation is essential for compliance, auditing, and continuous improvement.

  • Collaboration and Communication: The SOC coordinates with other IT and security teams, as well as external entities like law enforcement and threat intelligence communities, to share information and enhance security measures.

  • Maintenance and Tuning: The SOC continuously updates and fine-tunes security tools, rules, and procedures to adapt to the evolving threat landscape and ensure optimal performance.

  • A 24/7 SOC is critical for organizations that require constant vigilance against cyber threats, such as financial institutions, healthcare providers, government agencies, and large enterprises. By operating continuously, a 24/7 SOC ensures that any potential security incident is promptly detected and addressed, minimizing the risk of data breaches and other cyberattacks.

​

​

​

bottom of page