IT Terms Explained in Plain English
A reference guide for Perth business owners. Every term explained as what it does for your business — not what it is called.
Accounts and Access
Terms related to user accounts, login security, and who has access to what in your Microsoft 365 environment.
Accounts and access
A second login step
Multi-factor authentication (MFA) / Two-factor authentication (2FA)
A security setting that requires a second confirmation after entering your password — usually a code sent to your phone. Means a stolen password alone is not enough to access an account. DM1 enables this on every account as standard.
Admin account
Administrator / Global Admin
An account with full control over your Microsoft 365 environment — creating users, changing settings, accessing all data. Should be restricted to authorised people only. DM1 configures a separate emergency admin account (break-glass account) so you are never locked out.
Break-glass account
Emergency access account
A dedicated administrator account kept separate from any individual staff member, used only if the main admin account is compromised or locked. DM1 sets this up for every new client and stores the credentials securely.
Conditional access
Conditional Access Policy
A rule that controls when and how staff can log in. For example: block logins from countries your business has no connection to, or require a second login step when accessing from an unmanaged device. Included in Microsoft 365 Business Premium.
Least privilege access
Role-based access control (RBAC)
The principle that every staff member should have access only to the data and systems they need for their job — nothing more. DM1 configures SharePoint permissions and Microsoft 365 roles so access is granted by role, not given to everyone by default.
Single sign-on
SSO
A system that lets staff log in once and access multiple applications without logging in again separately. Microsoft 365 provides single sign-on across all Microsoft apps and many third-party services.
Stale account / orphaned account
Inactive user account
A Microsoft 365 account that is still active but belongs to a staff member who has left the business. A common security risk — DM1 finds active stale accounts in the majority of new client onboarding reviews.
Email and Communication
Terms related to business email, email security, and how your emails are authenticated and protected.
Email and communication
Email authentication settings
SPF, DKIM, and DMARC records
Three DNS settings that prove to other email services that your emails are genuine — not fake emails sent by someone pretending to be you. Without them, your domain can be used to send fraudulent invoices or phishing emails to your clients. DM1 configures all three as standard.
Email archiving
Exchange Online Archiving / In-Place Archive
A feature that automatically moves older emails to a separate archive mailbox, keeping your main inbox uncluttered while ensuring all emails are retained for compliance purposes. Available in Microsoft 365 Business Premium through Microsoft Purview.
Email encryption
Transport Layer Security (TLS) / Message encryption
A security feature that scrambles the contents of an email so it cannot be read if intercepted in transit. Microsoft 365 encrypts all emails in transit as standard. Additional message encryption can be applied to specific sensitive emails.
Phishing
Phishing / Spear phishing
An email designed to look like it comes from a trusted source — Microsoft, the ATO, a bank, or a known supplier — to trick someone into clicking a link and entering their login details on a fake page. The most common way business accounts are compromised.
Spam filtering
Microsoft Defender for Office 365 / Exchange Online Protection
Automated filtering that screens emails before they arrive in your inbox, blocking known malicious content, suspicious links, and impersonation attempts. Included in Microsoft 365 Business plans.
Tenant
Microsoft 365 tenant
Your organisation's private instance of Microsoft 365 — the environment that contains all your user accounts, emails, SharePoint sites, Teams, and settings. Completely separate from other organisations' environments. DM1 manages your tenant as your Microsoft CSP partner.
Devices and Endpoints
Terms related to the computers, phones, and other devices your staff use for work — and how they are managed and secured.
Devices and endpoints
Device management
Microsoft Intune / Mobile Device Management (MDM)
A system that lets DM1 configure, monitor, and manage every device used for work — laptops, desktops, phones, and tablets — from a central console. Included in Microsoft 365 Business Premium. Enables remote wipe if a device is lost or stolen.
Device encryption
BitLocker / FileVault
A feature that scrambles the data on a device's hard drive so it cannot be read without the correct login credentials. If an encrypted laptop is stolen, the data on it is inaccessible. DM1 enables device encryption on all managed devices as standard.
Endpoint
Endpoint
Any device that connects to your business network or Microsoft 365 environment — laptops, desktops, phones, tablets. The term is used in security contexts because each device is a potential entry point for an attacker.
Endpoint protection
Microsoft Defender for Business / Endpoint Detection and Response (EDR)
Security software that runs on every managed device, monitoring for suspicious activity, blocking known malicious software, and alerting DM1 if something needs attention. Included in Microsoft 365 Business Premium — no separate antivirus product required for managed devices.
End of support
End of Life (EOL) / End of Support (EOS)
The date after which a software product or operating system no longer receives security updates from its manufacturer. A device running end-of-support software is no longer receiving patches for known vulnerabilities. Windows 10 reached end of support in October 2025.
Remote wipe
Remote wipe / Selective wipe
The ability to erase all data from a device remotely — for example, if a staff member's laptop is stolen. Requires the device to be enrolled in Microsoft Intune. DM1 can perform a remote wipe on any managed device within minutes of a loss being reported.
Security baseline
Security configuration baseline
A standard set of security settings applied to every managed device — screen lock, encryption, automatic updates, endpoint protection. DM1 deploys a security baseline across all managed devices so every machine meets the same standard regardless of when it was set up.
Data, Storage and Recovery
Terms related to where your business data lives, how it is protected, and how it can be recovered if something goes wrong.
Data, storage and recovery
Geo-redundant storage
Geo-redundant storage (GRS) / Geo-redundancy
Data stored across multiple datacentres in different geographic locations, so that a failure at one location does not affect your data. Microsoft 365 uses geo-redundant storage by default — your data is distributed across Microsoft's datacentres automatically.
OneDrive
Microsoft OneDrive for Business
Personal cloud storage for each staff member in your Microsoft 365 environment. The equivalent of a local Documents folder, but stored securely in the cloud and accessible from any device. DM1 configures default save locations to point to OneDrive rather than local drives.
Ransomware
Ransomware
A type of malicious software that encrypts your files and demands payment for the key to unlock them. Microsoft 365 includes a ransomware detection and recovery feature for files stored in SharePoint and OneDrive. DM1 also monitors managed devices for ransomware behaviour patterns.
Recovery point
Recovery Point Objective (RPO)
How much data your business can afford to lose in a worst-case scenario. For businesses on Microsoft 365, SharePoint and Exchange Online store data continuously — there is no scheduled snapshot. Version history means most files can be recovered to a point minutes before a problem occurred.
Recovery time
Recovery Time Objective (RTO)
How long your business can afford to be without access to its systems. For cloud-first businesses on Microsoft 365, there is no server to restore — staff work from another device and data is immediately accessible. Recovery time in most scenarios is the time to provision a replacement device.
Retention policy
Microsoft Purview retention policy
A rule that determines how long data is kept and what happens to it afterwards. DM1 configures retention policies through Microsoft Purview to match your industry requirements — ensuring data is kept for as long as the law requires and deleted or de-identified when no longer needed.
SharePoint
Microsoft SharePoint Online
Microsoft's shared document management platform — where team files, operational documents, and shared business content should live. Included in Microsoft 365 Business plans. DM1 structures SharePoint sites and configures permissions for every new client.
Version history
Document versioning
SharePoint and OneDrive automatically save previous versions of every document — up to 500 versions. If a file is accidentally overwritten, corrupted, or edited incorrectly, any earlier version can be restored in seconds. No separate backup product required for this scenario.
Security and Threats
Terms related to cybersecurity threats, protective measures, and how attacks happen — explained without the jargon.
Security and threats
Attack surface
Attack surface
Every account, device, application, and connection that could potentially be exploited by an attacker. The more accounts, devices, and services your business has, the larger the attack surface. Good security management reduces the attack surface — disabling unused accounts, removing unnecessary software, and applying security baselines.
Business email compromise
Business Email Compromise (BEC)
An attack where a criminal gains access to a business email account and uses it to send fraudulent instructions — typically fake invoices or payment redirection requests — to clients or suppliers. Often goes undetected for weeks. A second login step on all accounts is the primary defence.
Credential stuffing
Credential stuffing
An attack where stolen username and password combinations from one breached service are automatically tried against other services. Works because people reuse passwords. Defeated by using unique passwords for every service — a business password manager makes this practical.
Dark web
Dark web / dark net
A part of the internet not indexed by search engines, accessible only through specialist software. Stolen business credentials and personal data are frequently bought and sold on dark web marketplaces. DM1 can check whether your business email addresses appear in known credential breaches.
Firewall
Firewall / network firewall
A security system that monitors and controls network traffic — blocking unauthorised connections while allowing legitimate ones. Modern Microsoft 365 environments rely primarily on identity-based security rather than traditional network firewalls, but firewalls remain relevant for businesses with on-premises infrastructure.
Malware
Malware / malicious software
Any software designed to cause harm — including viruses, ransomware, spyware, and trojans. Delivered primarily through email attachments, malicious links, and unpatched software vulnerabilities. Microsoft Defender for Business, included in Microsoft 365 Business Premium, provides protection on all managed devices.
Social engineering
Social engineering
Manipulating people into taking actions they should not take — clicking a link, revealing a password, approving a payment. Most cyberattacks use social engineering at some point. Staff awareness is the primary defence: knowing what suspicious requests look like and how to verify them.
Zero-day vulnerability
Zero-day exploit
A security vulnerability in software that is exploited by attackers before the software manufacturer has released a fix. The risk is reduced by keeping all software up to date and by using endpoint protection that can detect unusual behaviour even for unknown threats.
Networking and Connectivity
Terms related to your internet connection, business phone system, and how your network is structured.
Networking and connectivity
Business-grade internet
Business NBN / Ethernet / fixed-line broadband
An internet connection with a higher service level agreement than a consumer plan — meaning faults are repaired faster and the connection is more reliable. DM1 arranges business internet connections for Perth clients and handles the setup without the client needing to deal with the provider directly.
Cloud phone system
Hosted PBX / VoIP phone system
A business phone system that routes calls over your internet connection rather than traditional phone lines. Supports multiple handsets and mobile devices, call routing, voicemail to email, and auto-attendant. DM1 sets up and manages cloud phone systems including number porting.
DNS
Domain Name System (DNS)
The system that translates domain names (yourbusiness.com.au) into the addresses computers use to find each other. DNS settings control where your emails go, which services are connected to your domain, and how your website resolves. DM1 manages DNS for all client domains.
Domain name
Domain name
The address your business uses on the internet — for example, yourbusiness.com.au. Should always be registered in your business's name, not your IT provider's. DM1 manages domain registrations for clients and never registers domains in DM1's own name.
IP address
IP address (Internet Protocol address)
A unique numerical address assigned to a device or service on a network. Used to identify where traffic comes from and goes to. Microsoft 365 login reports show IP addresses for every login — unusual IP addresses from unexpected countries are a sign of account compromise.
VPN
Virtual Private Network (VPN)
A system that creates an encrypted connection between a device and a network, making it appear as though the device is on that network. Used to protect connections over public Wi-Fi and to access systems that require a specific network location. Less commonly needed for cloud-first businesses on Microsoft 365.
Microsoft 365 and Licensing
Terms related to Microsoft 365 plans, licensing, and the tools included in your subscription.
Microsoft 365 and licensing
Business Premium
Microsoft 365 Business Premium
The highest tier of Microsoft 365 for small and medium businesses. Includes everything in Business Standard plus enterprise-grade security tools — Microsoft Defender for Business, Intune device management, Microsoft Purview compliance tools, and Azure Active Directory Premium. DM1's recommended licence for most Perth SMBs.
Business Standard
Microsoft 365 Business Standard
The mid-tier Microsoft 365 plan. Includes business email, Teams, SharePoint, OneDrive, and the full Office suite. Does not include the advanced security and device management tools in Business Premium. Suitable for businesses with simpler security requirements.
Conditional Access
Azure Active Directory Conditional Access
A feature in Microsoft 365 Business Premium that controls login rules — for example, blocking logins from overseas, requiring a second login step for admin accounts, or restricting access from unmanaged devices. DM1 configures Conditional Access policies for every Business Premium client.
CSP
Microsoft Cloud Solution Provider (CSP)
A Microsoft partner programme that allows providers like DM1 to manage Microsoft 365 licences on behalf of clients. As a CSP partner, DM1 can add, remove, and change licences directly, and has access to Microsoft support escalation paths.
Intune
Microsoft Intune
Microsoft's device management platform, included in Microsoft 365 Business Premium. Lets DM1 configure, monitor, and secure every managed device from a central console — enforcing security settings, deploying software, and remotely wiping devices if lost or stolen.
Purview
Microsoft Purview
Microsoft's compliance and data governance platform, included in Microsoft 365 Business Premium. Used by DM1 to configure retention policies, audit logging, data classification, and eDiscovery. The tool that implements the technical side of Privacy Act compliance obligations.
Tenant
Microsoft 365 tenant
Your organisation's private instance of Microsoft 365. Contains all your user accounts, emails, SharePoint sites, Teams channels, and settings. Completely separate from other organisations. The tenancy is owned by your business — not by your IT provider.
Compliance and Privacy
Terms related to Australian privacy law, data compliance obligations, and the regulatory framework that applies to Perth businesses.
Compliance and privacy
Australian Privacy Principles
APPs — Privacy Act 1988 (Cth)
The 13 principles that govern how organisations must handle personal information in Australia. They cover collection, use, storage, disclosure, security, and individual access rights. The Privacy Act applies to most businesses with annual turnover above $3 million and to some smaller businesses regardless of turnover.
Data breach
Eligible data breach / Notifiable data breach
An incident where personal information is accessed, disclosed, or lost in a way that is likely to cause serious harm to one or more individuals. Notifiable breaches must be reported to the Office of the Australian Information Commissioner and affected individuals as soon as practicable.
De-identification
De-identification / anonymisation
The process of removing or altering personal information so that an individual can no longer be identified. The Privacy Act requires personal information to be de-identified or destroyed when it is no longer needed for the purpose it was collected.
eDiscovery
Electronic discovery (eDiscovery)
The process of identifying, collecting, and producing electronically stored information in response to a legal obligation — for example, a court order or regulatory investigation. Microsoft Purview includes eDiscovery tools that allow DM1 to search and export specific data from your Microsoft 365 environment.
Legal hold
Litigation hold / preservation hold
A setting that prevents specific data from being deleted or modified, typically applied when legal proceedings are anticipated or underway. Microsoft Purview allows DM1 to place legal holds on specific mailboxes or SharePoint content.
OAIC
Office of the Australian Information Commissioner (OAIC)
The Australian government agency responsible for privacy and freedom of information. Receives and investigates privacy complaints, conducts assessments of organisations' privacy practices, and can issue determinations and penalties. Notifiable data breach reports are submitted to the OAIC.
Reasonable steps
Reasonable steps — APP 11
The standard required by the Privacy Act for protecting personal information. Not a fixed checklist — assessed against what was reasonable for a business of your size, in your industry, given the type of information you hold. For most Perth SMBs, reasonable steps include: second login steps, role-based access, retention policies, device encryption, and audit logging.
Retention period
Data retention period
The length of time personal information or business records must be kept before they can be destroyed or de-identified. Varies by industry and record type — tax records (5 years), employment records (7 years), healthcare records (7 years for adults). DM1 configures Purview retention policies to match your obligations.
A Term Not Listed Here?
DM1 explains IT in plain English to Perth business owners every day. If you have come across a term that is not covered here, call us — we will give you a straight answer. (08) 6202 6012