Technology & Cybersecurity Glossary

The combination of technologies and processes that protect business data and ensure operations can be restored after a disruption. Backups create secure copies of data, while disaster recovery ensures systems, applications, and workflows can be brought back online quickly.

• Our approach: We integrate BDR into our Managed IT and Cloud Infrastructure plans to ensure revenue protection, not just file archival.

An organization’s ability to continue operating critical functions during and after unexpected disruptions such as cyberattacks, system failures, or natural disasters. It aligns technology, people, and processes to define acceptable downtime and recovery objectives.

• Strategic alignment: Our Strategic IT Consulting and Compliance & Risk teams help executives build continuity plans that protect reputation and trust.

Servers, storage, networking, and computing resources delivered over the internet rather than hosted on-site. Platforms like Microsoft Azure and AWS allow businesses to scale resources up or down as needs change, reducing capital expense and improving flexibility.

• Learn more: Explore how we design scalable environments in our Cloud & Infrastructure and IT Modernization practice areas.

The process of moving applications, data, or workloads from on-premise environments to cloud platforms. Successful migrations are planned around business outcomes, accounting for security, compliance, performance, and long-term cost management.

• See the impact: We manage these transitions through our IT Modernization services to reduce complexity and technical debt.

A shared responsibility model where internal IT teams retain control while CompassMSP provides supplemental expertise, tools, monitoring, and coverage. This prevents burnout and adds critical security capabilities without replacing existing staff.

Meeting regulatory and industry requirements that govern how data is protected and systems are managed (e.g., HIPAA, NYDFS 500, PCI DSS, SOC 2). For leadership, compliance is a risk management discipline requiring documented processes and executive oversight.

An evaluation of an organization’s cybersecurity posture that identifies vulnerabilities, threats, and gaps across people, processes, and technology. The goal is to translate technical findings into business impact and actionable priorities.

• Start here: Our Cybersecurity Advisory team uses these assessments to build roadmap-driven security strategies.

The ability to prevent, withstand, recover from, and adapt to cyber incidents. It recognizes that not all attacks can be prevented, prioritizing continuity and recovery over the unrealistic goal of perfect prevention.

• Our strategy: We build resilience into every layer of our Apex Security and Cybersecurity Advisory services.

A security capability that continuously monitors endpoints (laptops, servers) for suspicious behavior and enables investigation and response in real time. EDR tools are critical for detecting threats that bypass traditional defenses.

• Core protection: EDR is a standard component of our Core Defense and Apex Security packages.

A defined strategy outlining how an organization detects, responds to, contains, and recovers from cybersecurity incidents. It clarifies roles, communication protocols, and escalation paths to reduce chaos during high-pressure situations.

• Executive readiness: Our vCISO Advisory service helps leadership teams build and test these plans before a crisis occurs.

A service that combines security technology with human analysts who monitor, investigate, and respond to threats 24/7. Unlike software-only tools, MDR provides active threat hunting and response to reduce dwell time.

• Advanced defense: MDR is the engine behind our Apex Security solution, providing enterprise-grade protection for mid-market firms.

A security control that requires users to verify their identity using more than one factor, such as a password and a mobile prompt. It is one of the highest-impact controls available for reducing credential-based attacks.

• Implementation: We mandate and manage MFA across all client environments as part of our Cybersecurity Advisory standards.

A centralized function responsible for continuously monitoring, detecting, and responding to cybersecurity threats. SOCs operate 24/7 to provide visibility across endpoints, networks, and cloud environments.

• 24/7 Coverage: Our US-based SOC powers our Apex Security service, delivering continuous eyes-on-glass monitoring.

Executive-level technology leadership provided on a flexible basis. A vCIO aligns IT strategy with business goals, budgets, and growth plans, focusing on long-term governance rather than day-to-day support.

• Strategic value: vCIO guidance is a core pillar of our Strategic IT Consulting and high-level Managed IT engagements.

Security leadership that provides risk management, compliance oversight, and governance without the cost of a full-time executive. The vCISO establishes security strategy, policies, and reporting structures.

• Governance: Our vCISO Advisory service is essential for regulated organizations in Healthcare and Finance.