Reference
IT and AI Glossary for Business
Plain-language definitions of the IT, cybersecurity, Microsoft 365, compliance, and AI terms small and mid-size businesses run into most.
Last updated . Published the IT and AI glossary with plain-language definitions.
Terms in this glossary
- Managed IT
- Managed IT is an arrangement where an outside provider runs, monitors, secures, and supports a business’s technology for a predictable monthly fee, instead of the business fixing problems only as they break. It covers day-to-day support, maintenance, security, and planning under one accountable partner.Managed IT services
- MSP (Managed Service Provider)
- A managed service provider is a company that delivers IT services on an ongoing, proactive basis for a recurring fee, taking responsibility for keeping a client’s systems running rather than only responding to incidents. The model emphasizes prevention, monitoring, and planning over reactive break-fix work.Managed IT services
- Managed AI
- Managed AI is the managed-services model applied to artificial intelligence: a provider builds AI into the platform a business runs on, then runs it, monitors it, and secures it for a flat monthly fee. The aim is AI that is part of operations and accountable to one partner, rather than a pile of tools the business manages itself.Managed AI
- BluePrint
- BluePrint is ClayGen’s approach to building custom business software quickly and fitting it to how a specific organization works. It is what lets AI and workflows be shaped around a business at a sensible pace and price, rather than through a multi-year custom-development project.
- ClayGen Connect
- ClayGen Connect is the operations platform ClayGen builds and runs for clients, where a business’s data, workflows, and automation live in one place. It is where managed AI and custom workflows are built in so a business can see and use them alongside its everyday operations.ClayGen Connect platform
- EDR (Endpoint Detection and Response)
- Endpoint detection and response is security software that continuously monitors laptops, desktops, and servers for suspicious behavior, then alerts on or automatically contains threats it finds. Unlike traditional antivirus, which mainly blocks known malware, EDR records activity so threats can be detected, investigated, and rolled back.Cybersecurity services
- MFA (Multi-Factor Authentication)
- Multi-factor authentication requires more than just a password to sign in, adding a second proof such as a code from an app, a hardware key, or a fingerprint. Because an attacker would need both factors, MFA blocks the large majority of account-takeover attempts that rely on a stolen password alone.Cybersecurity services
- RMM (Remote Monitoring and Management)
- Remote monitoring and management is the software a managed service provider uses to watch client devices and servers, apply updates, and fix issues remotely. It is how an MSP keeps systems patched and healthy at scale without needing to be on site.Managed IT services
- vCIO (Virtual Chief Information Officer)
- A virtual CIO is an outsourced senior advisor who provides the technology strategy, budgeting, and planning a business would otherwise get from a full-time chief information officer. The role focuses on aligning IT spending and roadmap with business goals rather than day-to-day support.IT consulting and vCIO
- Microsoft 365
- Microsoft 365 is Microsoft’s subscription suite of productivity and collaboration tools, including Outlook, Teams, Word, Excel, SharePoint, and OneDrive, along with the identity and security controls that manage them. For most small and mid-size businesses it is the core platform email, files, and collaboration run on.Microsoft 365 management
- Conditional Access
- Conditional Access is a Microsoft 365 security feature that decides whether to allow, block, or add requirements to a sign-in based on signals such as the user, device, location, and risk. For example, it can require multi-factor authentication from an unknown device or block sign-ins from outside approved countries.Microsoft 365 management
- Intune
- Microsoft Intune is the part of Microsoft 365 used to manage and secure the devices that access company data, including laptops and phones. It lets a business enforce security settings, push apps and updates, and remotely wipe a lost or stolen device.Microsoft 365 management
- Zero Trust
- Zero Trust is a security approach that never assumes a user or device is trustworthy just because it is inside the corporate network. Every request to access a resource is verified based on identity, device health, and context, on the principle of “never trust, always verify.”Cybersecurity services
- Phishing
- Phishing is a fraud technique where an attacker sends a deceptive message, usually email, that impersonates a trusted person or company to trick the recipient into revealing credentials, sending money, or installing malware. It remains one of the most common entry points for business security breaches.Cybersecurity services
- Ransomware
- Ransomware is malicious software that encrypts a victim’s files or systems and demands payment to restore access, often while also stealing data to pressure the victim further. Recovering without paying depends heavily on having tested, isolated backups in place before an attack.Cybersecurity services
- Cyber Insurance
- Cyber insurance is a policy that helps cover the costs of a security incident, such as data breach response, legal fees, business interruption, and sometimes ransom payments. Insurers increasingly require specific security controls, like multi-factor authentication and endpoint detection, before they will issue or renew coverage.Cyber insurance readiness tool
- PIPEDA
- PIPEDA, the Personal Information Protection and Electronic Documents Act, is Canada’s federal privacy law governing how private-sector organizations collect, use, and disclose personal information in the course of commercial activity. It requires meaningful consent, reasonable safeguards, and mandatory reporting of breaches that pose a real risk of significant harm.Compliance services
- PHIPA
- PHIPA, the Personal Health Information Protection Act, is Ontario’s health-privacy law governing how health information custodians, such as clinics and hospitals, handle personal health information. It sets rules for consent, safeguards, patient access, and notification when health information is lost, stolen, or accessed improperly.Compliance services
- SOC 2
- SOC 2 is an independent audit report that evaluates how well a service organization protects customer data against criteria such as security, availability, and confidentiality. Enterprise buyers often require a SOC 2 report from vendors as evidence that proper controls are in place and operating.Compliance services
- Quebec Law 25
- Quebec Law 25 is the province’s modernized private-sector privacy law, which applies to any organization handling the personal information of Quebec residents regardless of where the business is located. It introduced stronger consent rules, mandatory breach reporting, a designated privacy officer, and significant penalties for non-compliance.Compliance services
- Backup vs Retention
- A backup is a recent copy of data kept so it can be restored after loss, corruption, or a ransomware attack, and is about getting operations back quickly. Retention is the separate policy that defines how long records must be kept to meet legal, regulatory, or business requirements; the two serve different purposes and are not interchangeable.Compliance services
- Patch Management
- Patch management is the disciplined process of testing and applying software updates across a business’s systems to fix security flaws and bugs before attackers can exploit them. Because most breaches exploit known, already-patched vulnerabilities, keeping patches current is one of the most effective and basic security controls.Managed IT services
- Dark Web Monitoring
- Dark web monitoring is a service that scans criminal marketplaces and breach data for a business’s leaked credentials and information, then alerts when matches appear. It does not remove the exposed data; its value is early warning so passwords can be reset and accounts secured before stolen credentials are abused.Cybersecurity services
- Help Desk / Service Desk
- A help desk is the support function users contact to get technology problems fixed and questions answered, usually by phone, email, or a ticketing portal. A service desk is a broader version of the same function that also handles service requests and changes, not just incidents, and is the day-to-day face of managed IT support.Managed IT services
Go Deeper
Managed IT in Ontario
The complete guide to managed IT for Ontario businesses
Cybersecurity for Canadian SMBs
A practical security reference for small and mid-size businesses
Compliance for Ontario Businesses
PIPEDA, PHIPA, SOC 2, and what applies to your business
Microsoft 365 Management
Getting security and value out of Microsoft 365
Managed AI
The managed-services model applied to artificial intelligence
Common Questions
Straight answers to questions businesses ask us most