TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Is Your Cloud Setup Still The Right Fit for Your Business?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A lot has changed in the way small businesses use technology. Ten years ago, you might have had a server humming away in a back closet and a basic email system hosted on your web provider. Today, most businesses have moved parts of their operations to the cloud – email, file storage, accounting, maybe even their phone system.

The cloud has made work more mobile, more collaborative, and in many ways, more efficient. But it’s not always as simple or secure as it seems, especially as your needs change and new risks emerge.

Recent research shows that more than 90% of businesses plan to update or rethink their cloud usage in the next two years. Interestingly, a growing number of those companies aren’t just adding more cloud – they’re also pulling some systems out of the public cloud and moving them to more secure, private, or in-house environments.

So why the shift?

Public cloud isn’t one-size-fits-all

When most people talk about “the cloud,” they’re referring to the public cloud – services like Microsoft 365, Amazon AWS, and others. These platforms are affordable, flexible, and easy to scale, which makes them a great fit for a lot of business functions.

But not every system or type of data belongs in a shared environment. Businesses that handle sensitive customer information, financial data, or medical records are realizing they may need more control and oversight than the public cloud can provide.

That’s where hybrid cloud comes in – a mix of public and private solutions that gives you the flexibility of cloud services with the added control of on-premise systems.

Is it time to reevaluate your cloud strategy?

Here are a few questions that might help you decide:

What type of data do you store? If you’re dealing with regulated, confidential, or business-critical data, a hybrid or private solution might be worth considering.

Are all your systems cloud-compatible? Some legacy software simply isn’t built for cloud environments. Rather than replace it all at once, a hybrid setup allows for a gradual, controlled transition.

How confident are you in your security measures? Regardless of where your data lives, you still need to protect it. That means strong passwords, multi-factor authentication, endpoint protection, regular security reviews, and most importantly, backups.

Many businesses set up their cloud systems years ago and haven’t looked back. But as your business grows, your tech should evolve with it – and so should your approach to risk, compliance, and performance.

We can help you build a smarter setup

At Tech Experts, we help small businesses design cloud strategies that actually fit their needs – not some generic one-size-fits-all setup. Whether that means optimizing what you already have, moving part of your systems to a more secure environment, or just getting a better understanding of where your data lives and how it’s protected, we’re here to help.

If it’s been more than a year since you’ve reviewed your cloud infrastructure – or if you’ve never had a cloud strategy at all – it’s time. Let’s make sure your technology is working for your business, not creating hidden risks behind the scenes.

Five Reasons To Be Wary Of AI

Artificial intelligence (AI) is an incredible tool. It’s revolutionizing industries, advancing medical research, and making businesses more productive. But like any powerful technology, it can also be used for the wrong reasons – and it’s important you’re aware of it.

Cyber criminals have discovered that generative AI (the same kind of AI that powers tools like ChatGPT and Copilot) makes their scams faster, smarter, and more convincing than ever…

AI-generated malware

Malware (malicious software) isn’t new, but AI has made it quicker to produce, harder to detect, and more effective at bypassing security measures. Cyber criminals use AI to write malware that looks like legitimate browser extensions, software downloads, and even innocent-looking files like PDFs or images.

Stay safe: Keep your security software up to date and never download software or browser extensions from unknown sources.

Fooling security systems

Most cyber security software works by spotting known malware patterns. By slightly tweaking existing malware, scammers can create thousands of unique versions that security systems don’t recognize.

Stay safe: Regularly update your security software to keep up with evolving threats. AI-powered security tools can also help to detect suspicious activity.

AI-powered password cracking

Cyber criminals are now using AI to break into accounts faster than ever. AI can test millions of password combinations per second, analyze leaked passwords, and even predict passwords based on common patterns.

Stay safe: Use strong, unique passwords for every account and enable multi-factor authentication (MFA) to add an extra layer of security.

Smarter phishing scams

Phishing emails used to be easy to spot – bad grammar, weird phrasing, and suspicious links were all giveaways. But with AI, scammers can create perfectly written, highly personalized messages that look exactly like they came from a trusted colleague or supplier.

Stay safe: Always verify unexpected emails, especially if they request payments, login details, or sensitive information. Hover over links before clicking and double-check sender addresses.

Deepfake impersonation

Imagine getting a video call from your CEO asking you to process an urgent payment. You recognize their voice and face… but it’s not actually them. AI-generated deepfakes can clone voices and faces to trick employees into transferring money or sharing sensitive data.

Stay safe: If something seems unusual or too urgent, verify the request by calling on a known number or confirming in person.

Don’t Trust The Cloud Alone: Backup Your Cloud Data

Many small business owners breathe a sigh of relief once they move their email, documents, or applications to the cloud. It feels like someone else is finally in charge of the heavy lifting: fewer in-house servers, less hardware to maintain, fewer headaches.

It’s a smart move in many ways. Cloud platforms like Microsoft 365, Dropbox, and others offer convenience, flexibility, and a degree of built-in protection that’s far beyond what most businesses could manage on their own.

But there’s a blind spot most people don’t realize until it’s too late: cloud providers don’t back up your data the way you think they do.

Don’t they have it handled?

When you store files or emails in the cloud, it’s easy to assume those providers are keeping everything perfectly safe. And to be fair, they are – from their side. If their servers crash or there’s a natural disaster, they can recover your data because they run redundant systems and have their own internal backups.

A common assumption is that if you’re using Microsoft 365 (formerly Office 365), your data is automatically backed up and protected. After all, it’s in the cloud, right?

Yes – but not in the way you might think.

Microsoft does offer some redundancy and short-term retention, but they’re not in the business of providing long-term, restorable backups for your business. In their own documentation, they recommend using third-party tools for that.

Here’s what’s at risk if you don’t have your own backup:

  • Emails permanently deleted (even by accident) are unrecoverable after a short time.
  • OneDrive and SharePoint files overwritten or removed may be gone forever.
  • If an employee leaves and you close their account, so goes all their data.
  • Ransomware or internal sabotage can lock or destroy cloud data just like local data.

Without a true backup solution, you’re one mistake – or one bad day – away from losing information your business depends on.

A smarter solution: Managed cloud backup for Office 365

The right approach is to use a managed backup platform designed specifically for Microsoft 365, delivered and maintained by your IT partner (that’s us).

This kind of backup works in the background, quietly capturing all your email, inboxes, folders, and attachments; contacts, calendars, and shared mailboxes; OneDrive and SharePoint files; and, Microsoft Teams conversations and shared files.

Cloud backup solutions are fully automated – no one on your team needs to click a button or remember to save anything. Backups run automatically, several times per day.

You can keep data for as long as your business needs it – 90 days, one year, or forever. Not just Microsoft’s very short default window.

Need a file or email as it existed last Tuesday at 3 p.m.? This is called “point in time recovery.” We can restore it exactly as it was, instantly.

Even if an employee is terminated, leaves the company, or an account is deactivated, their data is still backed up and recoverable. Once an account is deleted in Microsoft 365, you only have a short amount of time to recover the data.

And the best part? We manage it for you. We monitor it daily, fix problems before they become issues, and make sure your critical cloud data is always protected.

Peace of mind without lifting a finger

Small businesses are moving more and more of their operations to the cloud – which makes protecting that cloud data more important than ever. Just because it’s stored online doesn’t mean it’s safe from deletion, cyberattacks, or even billing errors that can deactivate accounts.

When you work with Tech Experts, we handle the whole backup process for you. You don’t have to buy software, assign someone to monitor it, or wonder whether you’ll be able to get a deleted file back. It’s covered – securely, automatically, and professionally.

If you’d like to make sure your Microsoft 365 data is being backed up the right way – or if you’re not sure at all – let’s talk. We’ll review your current setup and show you how we can protect your cloud data before it becomes a problem.

Seven New And Tricky Types Of Malware To Watch Out For

Malware is a huge threat. It can cause a lot of damage and cost people a lot of money. As technology advances, so do the tactics used by cybercriminals.

Malware keeps getting more complex and harder to detect. Here are seven new and tricky types of malware that you should know about:

Polymorphic Malware

Polymorphic malware is a type of malware that changes its code every time it replicates. This makes it hard for antivirus software to detect because it looks different each time. Polymorphic malware uses an encryption key to change its shape and signature. It combines a mutation engine with self-propagating code to change its appearance continuously and rapidly morph its code.

This malware consists of two main parts: an encrypted virus body and a virus decryption routine. The virus body changes its shape, while the decryption routine remains the same and decrypts and encrypts the other part.

Fileless Malware

Fileless malware is malicious software that works without planting an actual file on the device. Over 70% of malware attacks do not involve any files. It is written directly into the short-term memory (RAM) of the computer. This type of malware exploits the device’s resources to execute malicious activities without leaving a conventional trace on the hard drive.

Fileless malware typically starts with a phishing email or other phishing attack. The email contains a malicious link or attachment that appears legitimate but is designed to trick the user into interacting with it. Once the user clicks on the link or opens the attachment, the malware is activated and runs directly in RAM.

Advanced Ransomware

Ransomware is a sophisticated form of malware designed to hold your data hostage by encrypting it. Advanced ransomware now targets not just individual computers but entire networks. It uses strong encryption methods and often steals sensitive data before encrypting it. This adds extra pressure on victims to pay the ransom because their data could be leaked publicly if they don’t comply.

Ransomware attacks typically start with the installation of a ransomware agent on the victim’s computer. This agent encrypts critical files on the computer and any attached file shares. After encryption, the ransomware displays a message explaining what happened and how to pay the attackers.

Social Engineering Malware

Social engineering malware tricks people into installing it by pretending to be something safe. It often comes in emails or messages that look real but are actually fake. This type of malware relies on people making mistakes rather than exploiting technical weaknesses.

Social engineering attacks follow a four-step process: information gathering, establishing trust, exploitation, and execution. Cybercriminals gather information about their victims, pose as legitimate individuals to build trust, exploit that trust to collect sensitive information, and finally achieve their goal, such as gaining access to online accounts.

Rootkit Malware

Rootkit malware is a program or collection of malicious software tools that give attackers remote access to and control over a computer or other system. Although rootkits have some legitimate uses, most are used to open a backdoor on victims’ systems to introduce malicious software or use the system for further network attacks.

Rootkits often attempt to prevent detection by deactivating endpoint antimalware and antivirus software. They can be installed during phishing attacks or through social engineering tactics, giving remote cybercriminals administrator access to the system. Once installed, a rootkit can install viruses, ransomware, keyloggers, or other types of malware, and even change system configurations to maintain stealth.

Spyware

Spyware is malicious software designed to enter your computer device, gather data about you, and forward it to a third-party without your consent. Spyware can monitor your activities, steal your passwords, and even watch what you type. It often affects network and device performance, slowing down daily user activities.

Trojan Malware

Trojan malware is a sneaky type of malware that infiltrates devices by camouflaging as a harmless program. Trojans are hard to detect, even if you’re extra careful. They don’t self-replicate, so most Trojan attacks start with tricking the user into downloading, installing, and executing the malware.

Trojans can delete files, install additional malware, modify data, copy data, disrupt device performance, steal personal information, and send messages from your email or phone number. They often spread through phishing scams, where scammers send emails from seemingly legitimate business email addresses.

Protect Yourself from Malware

Protecting yourself from malware requires using the right technology and being aware of the risks. By staying informed and proactive, you can significantly reduce the risk of malware infections. If you need help safeguarding your digital world, contact us today for expert advice.

Article used with permission from The Technology Press.

Are You Leaving Your Office Door Open?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

If you left your office door unlocked overnight, would you sleep well? Knowing anyone could walk in and help themselves to anything?

Probably not.

But here’s the thing: If your business isn’t using Multi-Factor Authentication (MFA), that’s pretty much what you’re doing – but online. You might have a password in place… these days that’s not enough to keep out the bad guys.

MFA is like adding a second lock to your digital door. It means that even if someone guesses or steals your password, they’ll hit another roadblock. That second “factor” could be a code sent to your phone, your fingerprint, or a quick tap on a special app.

Simple for you, but a nightmare for cyber criminals. Why is this so important?

Because cyber criminals love going after weak targets, and passwords are often the easiest way in. They can crack them using software or steal them in phishing scams (those fake emails asking for your login).

Once they’re in, they can wreak havoc… stealing sensitive data, locking you out of your accounts, or even demanding money to give you access back. No one has time for that.

So, if you’re still relying on just a password, it’s time to level up and follow Microsoft’s lead. Scammers are getting smarter.

Here’s where Microsoft is stepping up. If you use Microsoft 365, you might’ve noticed that the admin center now requires MFA. Why? Because it works. That extra layer of security makes it significantly harder for anyone to break in.

Yes, it adds one extra step to your login process, but it’s a small price to pay for keeping your business safe. Think of it like upgrading from a basic lock to a high-tech security system. It’s not just about protecting your own accounts – it’s about safeguarding your team, your clients, and your reputation.

And honestly, setting up MFA is so quick and straightforward, you’ll wonder why you didn’t do it sooner.

But MFA makes their job a whole lot harder. It’s one of the easiest ways to protect your business – and sleep better at night knowing your “digital doors” are locked tight.

Need help getting this set up? Give us a call at (734) 457-5000, or email info@mytechexperts.com.

Malware And Ransomware: What You Need To Know

Bad software comes in many forms, but two of the most serious threats businesses face today are malware and ransomware. These types of malicious programs can damage your computers, steal sensitive data, and cause serious downtime. Understanding the difference between malware and ransomware — and how they operate — is essential to protecting your business.

Malware is the general term used to describe any “malicious software” designed to cause harm. It includes a wide variety of programs that can corrupt your files, steal your personal information, or even use your computer to attack other systems.

Some common types of malware include viruses, which spread from one computer to another; worms, which can replicate themselves without any action from you; trojans, which disguise themselves as legitimate programs to trick you; and spyware, which secretly monitors your activity.

The damage malware causes can vary widely. It may slow down your system, delete important files, steal your private information, or give control of your computer to cybercriminals. Some malware quietly operates behind the scenes without you ever knowing, while others cause immediate and noticeable problems.

Ransomware, on the other hand, is a specific type of malware that takes your data hostage. It works by locking your files — or sometimes your entire computer — and demanding payment to unlock them.

Think of it as a digital form of kidnapping. Ransomware usually finds its way into your system through infected emails, suspicious downloads, or compromised websites. Once inside, it encrypts your files and displays a message demanding payment for the decryption key.

Sometimes, even paying the ransom doesn’t guarantee that you’ll get your files back, as some attackers simply take the money and disappear.

There are two main types of ransomware. Locker ransomware locks you out of your entire computer, making it unusable. Crypto ransomware specifically targets your files, encrypting them while leaving the system itself accessible. Both types are disruptive and can severely impact business operations.

While malware and ransomware share some similarities, their goals and behaviors differ. Malware is often designed to operate silently, focusing on stealing data or causing long-term harm without immediate detection.

Ransomware, however, is loud and upfront. It wants you to know it’s there because the demand for payment is the whole point.

Unfortunately, malware and ransomware have many ways of sneaking into your business. They often arrive through infected email attachments, fake websites, compromised USB drives, or outdated software with security holes.

Staying protected means keeping your systems updated, using strong passwords, being cautious with links and attachments, and regularly backing up your data.

Knowing the difference between malware and ransomware isn’t just technical trivia — it can make a big difference. The better you understand these threats, the more prepared you’ll be to prevent them.

And if you ever do fall victim to an attack, identifying what you’re up against will help you respond more effectively and minimize the damage.

If you’re unsure whether your business is fully protected or need help strengthening your defenses, get in touch.

We’re here to help you stay secure.

Is Your Business Hardware Holding You Back?

Your business hardware – your computers, printers, and other tech that keeps your day running smoothly – is easy to take for granted.

When they’re working fine, you don’t give them much thought. But how often should you stop to think about whether they’re performing at their best?

The truth is, properly maintaining your hardware is crucial for your business’s success.

Just like a car needs regular servicing to keep running smoothly, your tech requires attention too. Dust can build up inside computers, slowing them down or even causing overheating.

And those software updates that seem like a hassle are often designed to keep your devices working efficiently and securely. If your hardware isn’t looked after, its performance will suffer, costing you time and money.

Sometimes, though, maintenance and repairs aren’t enough.

If your hardware is old or outdated, it could be holding your business back. For example, older computers often struggle to run modern software, leading to frustrating delays and crashes. Worse still, outdated hardware can be a security risk as it may not be compatible with the latest updates designed to protect you from cyber threats.

When you’re facing a decision between repairing or replacing hardware, consider the bigger picture. Repairs might seem cheaper upfront, but if your device is slowing down productivity or constantly breaking, it could end up costing more in the long term.

Investing in new equipment might feel like a big expense, but it can save you money and stress down the line – and give your business a competitive edge.

Outdated hardware doesn’t just affect performance; it can also impact your team’s morale and your customers’ experience. No one enjoys battling with slow computers or unreliable printers. Keeping your tech up to date makes sure everything runs smoothly, keeping your team happy and your business efficient. You’ll see gains in customer service, too.

So, take a moment to think about your hardware. Is it running smoothly, or is it time for an upgrade? The right investment now can save you headaches – and money.

The Hidden Cost of Slow Internet In Your Business

For most businesses today, Internet access is as essential as electricity or running water. You likely rely on it for everything from email and file sharing to customer service, video conferencing, and cloud-based software.

However, many business owners don’t realize the true impact of slow or unreliable Internet until it starts costing them real money – in ways that often go unnoticed.

The most obvious cost is lost productivity. Every time an employee has to wait for a large file to download, a cloud-based application to load, or a video call to stabilize, time is wasted.

Multiply that by every employee, every day, and the wasted hours pile up quickly. Over the course of a year, slow Internet could cost you hundreds – if not thousands – of lost work hours. Even small delays add up when they happen repeatedly, creating frustration for your team and potentially delaying projects or client deliverables.

Beyond wasted time, slow Internet also creates friction in customer interactions. Have you ever been on a video call that froze mid-conversation or suffered through choppy audio during a sales pitch?

Poor call quality, dropped meetings, and delayed responses caused by Internet issues can damage your professional image.

Clients and prospects expect seamless communication, and when technology gets in the way, they may quietly question whether you’re equipped to handle their business effectively.

Slow Internet also has a hidden impact on your IT systems. Many businesses depend on cloud-based backups to protect valuable data, but if your connection is unreliable or slow, backups may fail or not complete on time.

This leaves your data vulnerable, exposing you to additional risk if something goes wrong. Software updates can also be affected.

Outdated or incomplete updates due to poor connectivity can open up security gaps, leaving you exposed to cyber threats.

You might assume that upgrading your Internet service is as easy as calling your provider and ordering a faster plan – but it’s not always that simple.

Internet Service Providers (ISPs) often complicate the process with confusing contract terms, service level agreements, and pricing structures that may not be optimized for your actual needs.

You could end up paying for more than you require, or worse, not enough to meet your business’s demands.

The good news is that you don’t have to navigate this alone. Our team can actively manage your ISP relationship on your behalf. We help clients with Internet upgrades, whether it’s improving speed at your existing location, getting Internet installed properly at a new office, or evaluating multiple options to find the best fit.

We also specialize in negotiating with ISPs to improve pricing or rewrite outdated contracts. In fact, many of our clients discover they’ve been overpaying for years – sometimes without even realizing it.

Upgrading or optimizing your Internet connection isn’t just about faster browsing speeds – it’s about empowering your business to operate more smoothly, reduce downtime, and keep your team productive and your clients happy.

Where so much depends on reliable connectivity, investing in your Internet is one of the simplest ways to gain a competitive advantage.

If you’ve been struggling with slow speeds, service interruptions, or if you suspect you might be overpaying, reach out to us.

We’ll evaluate your current setup, recommend improvements, and even handle the ISP negotiations for you — so you can get back to focusing on your business without worrying about the fine print.

Do Your Cyber Security Plans Fall Short?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

When it comes to cyber security, many small businesses are caught off guard. Not only when cyber attacks happen… but also by what to do next.

A solid cyber security plan isn’t just about preventing attacks. It’s about knowing how to respond if the worst happens.

Cyber attacks often target smaller businesses because criminals know they’re less likely to have robust defenses in place.

The most common threats include phishing (fake emails or messages that trick you into sharing sensitive information) and malware (malicious software that can steal data or shut down your systems).

You can’t stop these risks entirely, but you can reduce your chances of being hit by:

Training your team: Make sure everyone knows how to spot phishing emails, avoid dodgy downloads, and use strong passwords. This is your first line of defense.

Keeping software updated: Regular updates for apps and systems fix security flaws that cyber criminals might exploit.

Using Multi-Factor Authentication (MFA): This adds an extra layer of security, like a one-time code sent to your phone, making it harder for attackers to get in.

But even the best defenses aren’t foolproof. That’s why your cyber security plan also needs to cover what happens if you’re attacked. Without a plan, an incident can cause panic, downtime, and serious financial loss. Here’s what you should have in place:

A response team: Decide in advance who will handle the situation – your IT team, an outside expert, or both?

Backup systems: Regularly back up your data and store it securely. If ransomware locks your files, backups can mean you won’t lose everything.

A communication plan: Know how you’ll inform your team, customers, and any necessary authorities about the breach. Remember, cyber security isn’t just for big companies. A single attack could be enough to seriously damage your business. By planning ahead, you’re not just protecting your data, you’re safeguarding your reputation and your future.

We help businesses create their own plans for defense and remediation. If we can help you too, get in touch.

Is Your Business Prepared for a Cyber Disaster?

Imagine walking into your office tomorrow morning to find that your entire network is down. Your files are inaccessible, client data is missing, and your email system is unresponsive. You scramble to troubleshoot, only to realize your company has fallen victim to ransomware.

What happens next?

For too many businesses, the answer is panic. Without a solid business continuity and disaster recovery (BCDR) plan, an unexpected cyberattack, power failure, or hardware crash can bring operations to a grinding halt. The longer the downtime, the more damage is done—not just financially, but to your reputation as well.

Downtime is costly – and avoidable

Every minute your business is offline costs money. Missed sales, delayed projects, lost customer trust—it all adds up quickly. According to industry reports, even a single hour of downtime can cost small businesses thousands of dollars. For larger organizations, the losses can skyrocket into six figures.

While cybersecurity measures like firewalls and email security tools help prevent attacks, they don’t eliminate risk entirely. What matters just as much is how quickly your business can recover.

The key components of a strong BCDR plan

A well-designed BCDR plan isn’t just about having backups—it’s about having a strategy to keep your business running, no matter what happens. Here are the essential components:

Automated, Secure Backups – Regular, offsite backups ensure your files and systems can be restored quickly after an attack, hardware failure, or accidental deletion.

Incident Response Plan – If a disaster strikes, who does what? A clear, documented step-by-step response plan ensures that your team knows how to act fast to minimize downtime.

Cyber Resilience Strategy – Preventive security measures reduce the risk of data loss while redundant systems and cloud-based infrastructure help maintain operations during an outage.

Testing & Drills – Having a recovery plan isn’t enough—it needs to be tested. Simulated attacks and downtime exercises help identify weak points before a real crisis occurs.

What happens without a BCDR plan?

Businesses without a recovery strategy often face severe consequences when disaster strikes:

Permanent data loss – Without proper backups, recovering lost files may be impossible.

Extended downtime – A slow recovery means lost revenue, frustrated clients, and operational chaos.

Reputational damage – Customers expect reliability. If they can’t reach you, they may take their business elsewhere.

Regulatory penalties – Depending on your industry, data protection laws may require businesses to have a recovery plan in place.

Why you shouldn’t wait to put a plan in place

It’s tempting to assume that disasters only happen to other businesses, but cyberattacks, power failures, and hardware issues can strike at any time. Without a plan, even a small incident can escalate into a full-blown crisis.

At Tech Experts, we help businesses design and implement comprehensive business continuity and disaster recovery plans that keep operations running smoothly—no matter what happens. From secure backups to fast recovery solutions, we ensure that your company is prepared for the unexpected.