Glossary
The IT/ICT vocabulary without the jargon.
Short definitions of the technical terms you come across: cybersecurity, infrastructure, export, compliance. Updated regularly.
A
Terms in A
ANSSI
French cybersecurity agency - France's National Cybersecurity Agency. The French authority that certifies cybersecurity solutions (ANSSI security visa) and publishes security frameworks for government bodies.
API
Application Programming Interface - An interface that lets two pieces of software communicate. The standard way to integrate third-party services (Stripe, Resend, Airtable, etc.).
Active Directory
Microsoft centralized directory - Microsoft service that centralizes users, groups and permissions across a Windows network. Evolving toward Entra ID (cloud).
B
Terms in B
BYOD
Bring Your Own Device - A policy that lets employees use their own hardware (smartphone, laptop) at work. Requires MDM oversight and a security policy.
Backup 3-2-1
Backup rule - 3 copies of the data, on 2 different media, with 1 stored off-site. The resilience standard against hardware failure, ransomware or disaster.
C
Terms in C
CAF (value)
Cost + Insurance + Freight - The value of imported goods including purchase price + shipping + insurance up to the destination port. The basis for calculating customs duties.
CEDEAO
Economic Community of West African States - Economic union of 15 West African countries. Common External Tariff (CET): 5–20% customs duties on IT hardware.
CMS
Content Management System - A content management platform (WordPress, Sanity, Strapi, etc.). Lets non-developers update a website.
CRM
Customer Relationship Management - Software for managing customer relationships (HubSpot, Salesforce, Pipedrive, etc.). Centralizes contacts, opportunities and sales history.
Cyber-resilience
Ability to withstand + recover - An organization's ability to anticipate, withstand, recover from and adapt to cyberattacks. Goes beyond simple prevention.
D
Terms in D
DKIM
DomainKeys Identified Mail - An email authentication protocol based on cryptographic signatures. Lets servers verify that an email really comes from the stated domain.
DMARC
Domain-based Message Authentication - An anti-phishing policy that tells servers how to handle emails that fail SPF/DKIM. Reduces domain spoofing.
DAP
Delivered At Place (Incoterm) - The seller delivers the goods to the destination (unloading and customs clearance are the buyer's responsibility).
DDP
Delivered Duty Paid (Incoterm) - The seller delivers the goods cleared through customs at the destination, all costs included. The seller's maximum level of commitment.
DORA
Digital Operational Resilience Act - The 2022 EU regulation in force since January 2025. Mandates digital resilience for the financial sector (banks, insurers, fintechs): incident management, testing, oversight of critical third-party IT providers.
E
Terms in E
EDR
Endpoint Detection and Response - A cybersecurity solution that monitors suspicious behavior on endpoints (beyond a simple antivirus). Microsoft Defender for Business, CrowdStrike, SentinelOne.
Entra ID
Microsoft cloud identity - Formerly Azure AD. Microsoft's cloud identity service for managing users, MFA, SSO and conditional access across M365 and other SaaS.
EDR
Endpoint Detection & Response - The evolution of the traditional antivirus. Detects abnormal behavior on endpoints and servers (mass encryption, privilege escalation) and offers an automatic response (isolation, rollback). Bitdefender GravityZone, Sophos Intercept X, Microsoft Defender for Business.
F
Terms in F
FOB
Free On Board (Incoterm) - The seller delivers the goods on board the vessel at the port of departure. Risk transfers to the buyer once loaded.
Firewall
Network firewall - Equipment that filters inbound/outbound network traffic according to defined rules. The first line of network security defense (Fortinet, Stormshield, Cisco).
G
Terms in G
GLPI
Open-source IT asset management - Open-source software for IT asset management and helpdesk. Frequently used in SMEs and French government bodies.
H
Terms in H
HDS
Health Data Hosting (French certification) - A mandatory French certification for hosting identifiable health data. Guarantees technical and organizational compliance.
I
Terms in I
IA locale (local AI)
AI run on-prem - AI models (LLMs) run on local infrastructure rather than sent to a third-party API. Llama, Qwen via Ollama. Guarantees data sovereignty.
Incoterm
International trade terms - ICC rules that define the seller's and buyer's responsibilities for transport, customs, insurance and delivery. EXW, FOB, CIF, DAP, DDP, etc.
Intune
Microsoft MDM - Centralized device management (Windows, Mac, iOS, Android). Included in M365 Business Premium and E3/E5. Security policies and app deployment.
IAM
Identity & Access Management - Centralized management of identities and access rights. Account lifecycle (joiner/mover/leaver), provisioning, SSO. Entra ID, Okta, Auth0.
L
Terms in L
LAN
Local Area Network - A company's local network (Ethernet + Wi-Fi). Managed by internal switches and Wi-Fi access points.
M
Terms in M
MDM
Mobile Device Management - Centralized management of mobile devices (smartphones, tablets). Enables app deployment, security policy and remote wipe. Intune, Jamf, Knox.
MFA
Multi-Factor Authentication - Multi-factor authentication (password + app code/physical key). Blocks 99% of account compromises. Free and essential.
MIL-STD-810H
Military ruggedness standard - A US standard that certifies a device's resistance to shock, vibration, dust, heat and humidity. Applicable to field and defense use.
MTTR
Mean Time To Repair - The average time to resolve an incident. A key performance indicator for an IT team or a service provider.
MDR
Managed Detection & Response - An outsourced service: a third-party SOC analyzes your EDR/XDR alerts 24/7 and intervenes. Well suited to SMEs without an in-house on-call team. Indicative cost: €50–150 per endpoint per year.
MFA
Multi-Factor Authentication - Multi-factor authentication: password + TOTP code / FIDO2 key / push notification. Blocks ~95% of opportunistic attacks. Mandatory under NIS2 for admin accounts.
MDM
Mobile Device Management - Centralized management of mobile endpoints (iOS, Android, Windows). App deployment, security policies, remote wipe. Microsoft Intune, Jamf, VMware Workspace ONE.
N
Terms in N
NAS
Network Attached Storage - A network storage appliance (Synology, QNAP). Centralizes a team's files with permission management and built-in backup.
NIS2
Expanded EU cybersecurity directive - The 2022 European directive transposed into French law in 2024–2025. Massively broadens the scope versus NIS1: any listed sector with ≥50 employees or ≥€10M revenue is in scope. Penalties up to €10M or 2% of global revenue.
O
Terms in O
On-prem
On-premises - Infrastructure hosted locally (on the client's premises) rather than in the cloud. Pro: sovereignty and control. Con: maintenance and tied-up capital cost.
P
Terms in P
PoE
Power over Ethernet - Electrical power delivered over an Ethernet network cable. Handy for Wi-Fi access points, IP cameras and IP phones. Avoids separate power supplies.
PAM
Privileged Access Management - Strict management of privileged accounts (domain admin, server root). Password vault, automatic rotation, session recording. CyberArk, Delinea, BeyondTrust, Wallix Bastion.
R
Terms in R
Ransomware
Extortion software - Malware that encrypts data and demands a ransom to decrypt it. The top cyber threat in 2026 for SMEs and government bodies. Immutable backup = the best defense.
RGPD
General Data Protection Regulation (GDPR) - The 2018 European regulation governing the processing of personal data. Fines up to 4% of global revenue. Documentation and security are mandatory.
RPO
Recovery Point Objective - The amount of data you are willing to lose in the event of an incident. Defines how often backups run (hourly, daily, etc.).
RTO
Recovery Time Objective - The maximum acceptable time to restore service after an incident. Determines the architecture (cluster, standard backup, etc.).
RPO
Recovery Point Objective - The maximum acceptable data loss measured in time. RPO 1h = you accept losing 1h of data in the event of an incident. Determines backup frequency.
RTO
Recovery Time Objective - The maximum acceptable time to restart a service after a disaster. RTO 4h = service back online within 4h. Determines HA architecture, on-call team size and DR budget.
S
Terms in S
SASE
Secure Access Service Edge - A cloud architecture that combines network security and remote access (ZTNA, SWG, CASB, FWaaS) in a single service. Cloudflare, Zscaler, Cato.
SaaS
Software as a Service - Software accessed online by subscription (Microsoft 365, Google Workspace, Salesforce). No local installation; updates handled by the vendor.
SIEM
Security Information and Event Management - A platform that centralizes and analyzes security logs from across the information system. Splunk, Wazuh (open source), Elastic Security, QRadar.
SOC
Security Operations Center - A team (in-house or outsourced) that monitors cybersecurity 24/7. Analyzes EDR/SIEM alerts, investigates incidents and coordinates the response.
SPF
Sender Policy Framework - A DNS list of the servers authorized to send emails for a domain. Basic but essential email anti-spoofing.
SSO
Single Sign-On - Single sign-on: log in once to access all your applications. Implemented via SAML, OAuth or OIDC.
SOC
Security Operations Center - A cybersecurity operations center, either in-house (a team of 5–15 analysts) or outsourced via MDR. Monitors 24/7, triages alerts and triggers incident response.
SIEM
Security Information & Event Management - A platform that aggregates and correlates security logs (firewall, AD, EDR, applications) to detect incidents. Splunk, Elastic Security, Microsoft Sentinel, Wazuh.
SASE
Secure Access Service Edge - An architecture that combines SD-WAN + cloud network security (SWG, CASB, ZTNA, FWaaS) into a single service. Gartner 2019. Cloudflare One, Zscaler, Cato Networks.
SD-WAN
Software-Defined WAN - A software-driven WAN that aggregates multiple links (fiber + 4G/5G + Starlink) and routes traffic by policy. Included in FortiGate, Cisco Meraki, Cato Networks.
T
Terms in T
TPM 2.0
Trusted Platform Module - A cryptographic chip on the motherboard that secures BitLocker, Windows Hello credentials and device identity. Mandatory for Windows 11.
TVA (export)
Value Added Tax - France: 20% standard rate. Non-EU export: exemption provided you supply customs documents (SAD, B/L). Burkina Faso: 18% on CIF value.
V
Terms in V
VPN
Virtual Private Network - An encrypted tunnel that lets you access a remote network as if you were physically present. Included in SME firewalls (FortiGate, Stormshield).
W
Terms in W
Wi-Fi 6 / 6E
802.11ax - Wi-Fi standards from 2019/2020: better throughput in dense environments, lower latency, 6 GHz support (Wi-Fi 6E). A must for modern offices.
X
Terms in X
XDR
Extended Detection & Response - EDR extended to multiple sources: endpoint + firewall + email + cloud + identity. Cross-source correlation to detect complex attacks. Beware of "XDR" that is merely a rebranded EDR.
Z
Terms in Z
Zero Trust
"Never trust, always verify" security model - An approach that never trusts by default, even inside the internal network. Every access is verified (identity, device, context).
ZTNA
Zero Trust Network Access - A Zero Trust implementation for remote access. Replaces or complements the VPN. Cloudflare Zero Trust, Tailscale, Microsoft Entra Private Access.