Glossary
ASR rules — Attack Surface Reduction rules. Defender settings that block behaviours attackers commonly abuse (e.g., Office macros launching other programs, executable content arriving by email).
BCP/DR — Business Continuity / Disaster Recovery. Keeping the business running during an outage and recovering from it afterwards.
CA / Conditional Access — Sign-in rules in Microsoft Entra ID (e.g., require MFA when a sign-in comes from an unexpected location; block sign-ins from outdated apps or legacy authentication protocols that cannot do MFA).
Defender — Microsoft's security product family (Defender Antivirus for anti-malware, Defender for Endpoint for EDR).
E8 / Essential Eight — Australia’s government-endorsed baseline of eight mitigation strategies—published by the Australian Signals Directorate (ASD)—to help organisations prevent, limit, and recover from cyber attacks.
Intune — Microsoft's device management service. Enrols, configures and secures company devices (laptops, phones) and can block unmanaged or non-compliant devices from company data.
JML — Joiner/Mover/Leaver access checks when people start, change roles, or leave.
M365 / Microsoft 365 — Microsoft’s email, files, and admin platform.
MFA — Multi-Factor Authentication (extra step beyond a password).
MSP — Managed Service Provider, your external IT provider.
PCI DSS — Payment Card Industry Data Security Standard. The security standard any business that stores, processes or transmits payment card data must meet.
Penetration Testing — A simulated cyberattack against a system, application, or network, carried out in a controlled way to find security weaknesses before real attackers do.
RTO/RPO — Recovery Time Objective (how quickly a system must be back up after an outage) / Recovery Point Objective (how much data, measured as time since the last good backup, you can afford to lose).
SaaS (Software as a Service) — Software you access over the internet (by subscription) instead of installing on your own servers. Examples: Microsoft 365, Xero, HubSpot.
SOPs (Standard Operating Procedures) — Step-by-step instructions for how your team does a task the right way every time—clear, repeatable, and easy to follow.
SPF / DKIM / DMARC — Sender Policy Framework, DomainKeys Identified Mail, Domain-based Message Authentication, Reporting and Conformance. Three DNS-published email authentication standards: SPF lists which servers may send mail for your domain, DKIM signs outgoing mail so tampering can be detected, and DMARC tells receiving mail servers what to do when a message fails those checks (monitor, quarantine or reject) and sends you reports. Together they make it much harder for attackers to send email that impersonates your domain.
WDAC / App Control — Windows Defender Application Control (now called App Control for Business). Allow-listing so that only approved applications can run on a device.
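To make the SPF and DMARC entries concrete, here is an added example (not part of the original glossary) that parses SPF and DMARC TXT records and flags the weak settings an MSP or auditor would look for: a permissive "+all" or neutral "?all" in SPF, too many DNS-lookup terms (RFC 7208 caps them at 10), and a DMARC policy of "p=none", a reduced "pct=", or no "rua=" reporting address. The record strings are constructed for illustration; the "include:spf.protection.outlook.com" term is the standard Microsoft 365 SPF include. A real check would fetch the domain's TXT records (for example with dnspython) instead of using the embedded strings.

```python
"""Flag common weaknesses in SPF and DMARC TXT records.

Added example, not taken from the original page. The sample records at the
bottom are constructed; replace them with live DNS TXT lookups to audit a
real domain (SPF lives at the apex, DMARC at _dmarc.<domain>).
"""
import re

# Mechanisms/modifiers that cost a DNS lookup under RFC 7208 section 4.6.4.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def parse_spf(record):
    """Return (mechanisms, all_qualifier) for an SPF record, or None if not SPF.

    mechanisms is a list of (qualifier, term) pairs; all_qualifier is one of
    '+', '-', '~', '?' or None when the record has no 'all' term.
    """
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        return None
    mechanisms, all_qualifier = [], None
    for term in parts[1:]:
        qualifier = "+"  # SPF default when no explicit qualifier is given
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        if term.lower() == "all":
            all_qualifier = qualifier
        else:
            mechanisms.append((qualifier, term))
    return mechanisms, all_qualifier


def spf_findings(record):
    """Return a list of human-readable weaknesses; empty list means OK."""
    parsed = parse_spf(record)
    if parsed is None:
        return ["no SPF record (v=spf1) found"]
    mechanisms, all_q = parsed
    findings = []
    if all_q is None:
        findings.append("missing 'all' term: unlisted senders are not rejected")
    elif all_q == "+":
        findings.append("'+all' allows any server to send as this domain")
    elif all_q == "?":
        findings.append("'?all' is neutral: gives receivers no guidance")
    # Each include:/a/mx/ptr/exists/redirect= term costs a DNS lookup.
    lookups = sum(1 for _, m in mechanisms if re.split(r"[:=]", m)[0].lower() in LOOKUP_TERMS)
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceeds the RFC 7208 limit of 10 (permerror)")
    return findings


def parse_dmarc(record):
    """Return a dict of DMARC tags, or None if the record is not DMARC."""
    tags = {}
    for item in record.split(";"):
        item = item.strip()
        if item and "=" in item:
            key, value = item.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None
    return tags


def dmarc_findings(record):
    """Return a list of human-readable weaknesses; empty list means OK."""
    tags = parse_dmarc(record)
    if tags is None:
        return ["no DMARC record (v=DMARC1) found"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none only monitors; spoofed mail is still delivered")
    elif policy not in ("quarantine", "reject"):
        findings.append(f"missing or invalid p= tag ({policy!r})")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports to review")
    return findings


# Constructed sample records (hypothetical domain; not real DNS data).
WEAK_SPF = "v=spf1 include:spf.protection.outlook.com +all"
GOOD_SPF = "v=spf1 include:spf.protection.outlook.com -all"
WEAK_DMARC = "v=DMARC1; p=none"
GOOD_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"

if __name__ == "__main__":
    for label, rec, check in [("weak SPF", WEAK_SPF, spf_findings),
                              ("good SPF", GOOD_SPF, spf_findings),
                              ("weak DMARC", WEAK_DMARC, dmarc_findings),
                              ("good DMARC", GOOD_DMARC, dmarc_findings)]:
        print(f"{label}: {check(rec) or ['OK']}")
```

The two "weak" records are exactly what a phishing crew hopes to find: "+all" lets any server pass SPF for the domain, and "p=none" means even a failing message is delivered, so impersonation succeeds. Moving to "-all" and "p=reject" (after reviewing DMARC aggregate reports to confirm legitimate senders are covered) closes that gap.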