Resources · Glossary

IT, cybersecurity & compliance terms, explained

Plain-English definitions of the acronyms and standards Kansas City business owners run into — SOC 2, PCI DSS, HIPAA, MFA, EDR, ransomware, zero trust and more.

Business Continuity / Disaster Recovery (BCDR)

The combined practice of keeping a business running during disruption (continuity) and restoring systems and data after an incident (disaster recovery).

Co-Managed IT

A model where an MSP works alongside a client's internal IT staff, filling gaps in tools, security expertise, and after-hours coverage rather than replacing the team.

Cyber Insurance

Insurance that covers losses from cyber incidents (breach response, downtime, ransomware). Insurers now require specific controls — MFA, EDR, backups, and training — before they'll issue or renew a policy.

Data Sovereignty

The principle that data is subject to the laws and control of the place where it's stored and processed. Running AI on local hardware (as Kalre does) keeps sensitive data under your control instead of in a third-party cloud. Learn about our local-silicon AI.

Endpoint Detection & Response (EDR)

Next-generation security software for laptops, desktops, and servers that detects threats by behavior, blocks them, and lets a security team investigate and respond in real time — far more capable than traditional antivirus.

Firewall

A device or software that controls traffic in and out of your network based on security rules — the front door to your business network. We deploy and manage business-grade firewalls.

HIPAA

The Health Insurance Portability and Accountability Act — U.S. law requiring healthcare providers and their partners to protect patient health information (PHI) with administrative, physical, and technical safeguards. We help practices meet HIPAA security requirements.

Large Language Model (LLM)

An AI model trained on vast amounts of text to understand and generate human-like language (e.g., the models behind ChatGPT and Claude). LLMs power assistants, content tools, and automation — and can be run privately on local hardware.

Managed Service Provider (MSP)

A company that proactively manages a client's IT — monitoring, support, security, and strategy — for a predictable recurring fee, acting as an outsourced IT department. See our managed IT services.

Microsoft 365

Microsoft's cloud productivity suite (Outlook/Exchange email, Teams, SharePoint, OneDrive, Office apps). Note: Microsoft guarantees uptime, not recovery of your data — independent backup is still required.

Multi-Factor Authentication (MFA)

A login security method that requires two or more proofs of identity (e.g., a password plus a code from your phone). MFA stops the large majority of account-takeover attacks even when a password is stolen.

Patch Management

The process of regularly applying software and firmware updates to fix security vulnerabilities and bugs. Unpatched systems are one of the most common ways attackers get in.

PCI DSS

The Payment Card Industry Data Security Standard — a set of security requirements every business that stores, processes, or transmits credit-card data must follow. It covers network security, encryption, access control, and monitoring. Non-compliance can mean fines and loss of the ability to accept cards.

Phishing

Fraudulent emails, texts, or sites designed to trick people into revealing credentials or installing malware. Business Email Compromise (BEC) is a high-cost form targeting finance staff. Security awareness training is the key defense.

Ransomware

Malicious software that encrypts your files and demands payment for the key. Modern ransomware also steals data to pressure victims. The best defenses are MFA, EDR, patching, staff training, and tested, immutable backups.

RTO & RPO

Recovery Time Objective (how quickly you must be back online after an outage) and Recovery Point Objective (how much data, measured in time, you can afford to lose). These two targets drive how a backup and disaster recovery plan is designed.

SIEM

Security Information and Event Management — software that collects and analyzes logs from across your systems to detect, alert on, and help investigate security threats.

SLA (Service Level Agreement)

A written commitment defining the level of service you can expect — for an MSP, this usually means guaranteed response and resolution times for support requests.

SOC 2

A voluntary compliance standard (System and Organization Controls 2) developed by the AICPA that defines how service organizations should manage customer data across five 'trust services criteria': security, availability, processing integrity, confidentiality, and privacy. A SOC 2 report, issued after an independent audit, is often requested by enterprise clients before they'll trust a vendor with their data.

Virtual CIO (vCIO)

A strategic IT advisor (often provided by an MSP) who helps a business plan technology budgets, roadmaps, and risk — the strategic counterpart to day-to-day support.

VoIP

Voice over Internet Protocol — phone service delivered over the internet instead of traditional phone lines, enabling calling from any device, anywhere, usually at lower cost. See our business phone systems.

Zero Trust

A security model summarized as 'never trust, always verify.' Instead of assuming anyone inside the network is safe, every user and device must continuously prove they're authorized for each resource they access.

Get Started

Have a term we didn't cover?

Our team is happy to explain anything technology- or security-related in plain English — no jargon, no sales pressure.

📞 Call 816-648-1910Free Consultation