Bookmark this page! This glossary is regularly updated with new tech terms. Last updated: January 2026
Technology is always changing and evolving quickly. It can be difficult to keep up with everything a user needs to know. This handy guide is meant to be a quick reference for any tech terms that might be new to you. Bolded terms within definitions are found elsewhere in the document. Let’s translate this technobabble!
Anti-Spam: Software designed to identify and block spam or unwanted emails
Authentication: Confirming a user’s identity to allow access, usually with passwords, biometrics, or security tokens
Biometrics: Using physical features, like fingerprints or facial recognition, to verify someone’s identity
Business Continuity Plan: Preparations to help start business operations as soon as possible after a disruption or disaster
Business Email Compromise (BEC): A type of phishing in which attackers use targeted, spoofed emails to gain access to someone’s inbox
Cloud Computing: Provides services over the Internet like storage or processing, allowing resources to be accessible and scalable
Conditional Access: Only grants a user access when they meet certain conditions, like location or compliant devices
Data Center: A facility that processes large amounts of data, such as computer servers, storage systems, and networking equipment
Disaster Recovery Plan: Similar to a Business Continuity Plan, this is a detailed strategy to recover and restore operations and data after a disaster
Distribution List: An email address that forwards email it receives to multiple users defined in the list. See M365 Group Emails to learn how they differ from Distribution Lists
- Alias: In the context of emails (such as Distribution Lists or M365 Group Emails), an additional email address that can be used to reach a user
DMARC: Aka Domain-based Message Authentication, Reporting, and Conformance, this protocol helps prevent email spoofing by ensuring email authentication
DNS (Domain Name System): A system that changes domain names (like example.com) into IP addresses
Encryption: The conversion of data into a coded format to protect sensitive information
Firewall: Security feature that monitors and controls network traffic to protect internal networks from untrustworthy external networks
Generative AI: Artificial Intelligence that can create new content, such as text, images, or music
Grayware: Software that isn’t designed to be malicious but can still pose security risks or worsen a user’s experience
Help Desk: A support service that assists users by troubleshooting technical issues related to hardware, software, or networks
IP Address: A unique identifier assigned to devices connected to the internet
IT Assessment: A comprehensive review of an organization’s IT systems, policies, and infrastructure to identify risks, gaps, and opportunities for improvement. Check out our IT checklist for inspiration!
LLM (Large Language Model): A type of artificial intelligence that is trained on massive datasets
Malware: Malicious software like viruses, worms, or spyware designed to harm or gain unauthorized access to systems
M365 Group Emails: A more collaborative approach to distribution lists in which users also share a mailbox, calendar, and files
Mobile Device Management (MDM): Tools used to secure and manage employees’ mobile devices to ensure compliance and protect data
Multifactor Authentication (MFA): A security practice that requires users to verify their identity using two or more methods, such as a password and a code from an app. 2FA (two factor authentication) and 2SV (two step verification) are synonymous, with two factors implied
Passwordless Sign-in: A security practice that allows users to identify using an account/email and factor(s) other than a password, such as a passkey
Passkey: A physical or digital device with a small amount of encrypted data that resembles a “key” to sign in to a service. This is used to prove a user’s identity, often as part of passwordless sign-in
Penetration Test: A simulated cyberattack used to test the security of a system and identify vulnerabilities before they can be exploited
Personally Identifiable Information (PII): Personal data, such as names or Social Security numbers, that are used to identify an individual
Phishing: A targeted cyberattack in which attackers trick individuals into revealing sensitive information with fake emails or websites
Ransomware: Malicious software that encrypts a victim’s data and then allows the threat actor to demand payment for the decryption of stolen data
Remote Backup: Data stored securely in an offsite location, ensuring fast recovery in case of disasters or technical failures
Security Token: Similar to a passkey, but used to keep a device or program “logged in” without the constant need of a sign-in
Sensitive Information: Critical data that requires protection, like trade secrets, financial records, or personal information
Server: A powerful computer or system that is designed to provide resources, data, or services to other devices in a network and the people using them
Shared Mailbox: A mailbox that multiple users can access to read and send emails from a common email address
Single Sign-On (SSO): Authentication process that allows individuals to access multiple applications or systems with a single set of credentials, like a code emailed to the user
SOC (Security Operations Center): A centralized unit or team that monitors, detects, and responds to cybersecurity threats in an organization’s systems and networks
SMTP (Simple Mail Transfer Protocol): A set of standards used for sending and relaying emails, followed especially for emails sent in high volumes
SPF (Sender Policy Framework): An email authentication method designed to prevent email spoofing by verifying that sender IP addresses are authorized by the domain owners
Spyware: Malicious software that secretly gathers information about a user’s activities, often for fraudulent or intrusive purposes
Trojan: A type of malicious software that is disguised as legitimate applications or files that, when used, can compromise systems or steal sensitive information
Two-factor Authentication (2FA): A form of Multifactor Authentication (MFA) in which two methods of authentication are used
Virus: Malicious software designed to infect systems, replicate itself, and infect the systems to disrupt operations or compromise data
Virtual Private Network (VPN): A secure connection that encrypts data and protects online activities by routing traffic through a private server for privacy and anonymity
Worm: A self-replicating malicious program that spreads across systems without user intervention
Still have IT Questions?
SpireTech explains technology in plain English and provides managed IT services for Portland businesses. Trust the locals.