22/04/2026
Seeing a lot of cybersecurity checklists from IT companies lately. Great lists, from great companies. But I think they're missing a few things that matter just as much.
Here are the ones I think matter most right now.
AI Security
We all love AI. But the speed at which businesses are giving AI tools access to sensitive systems without thinking about it is concerning.
Vibe coding with tools like Claude Code or running agents like OpenClaw? Use .env files and lock down your GitHub repos. The number of exposed API keys on public repos right now is staggering. One key is all someone needs.
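Added example, not from the post: the check above ("use .env files, lock down your repos") is the kind of thing a pre-commit hook can enforce mechanically. The scanner below walks an in-memory file tree the way a hook would walk staged files, flags secret-bearing file names and a few key-shaped patterns, and checks that .gitignore actually excludes .env. The file tree, the key values and the rule set are all constructed for this example (the patterns are deliberately small; real tools such as gitleaks or trufflehog ship far larger rule sets).

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed, deliberately small rule set. Assumption: these three shapes
# cover the common leaks the post is warning about; tune for your stack.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_api_key": re.compile(
        r"(?i)(api[_-]?key|secret|token)\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{20,})"
    ),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# File names that should never be committed at all, whatever they contain.
SECRET_FILENAMES = {".env", ".env.local", ".env.production", "id_rsa", "id_ed25519"}


@dataclass
class Finding:
    path: str
    line: int   # 0 means the finding is about the file itself, not one line
    kind: str


def is_secret_filename(path: str) -> bool:
    return path.rsplit("/", 1)[-1] in SECRET_FILENAMES


def gitignore_covers_env(gitignore_text: str) -> bool:
    """True if .gitignore carries a rule that keeps .env files out of commits."""
    rules = [r.strip() for r in gitignore_text.splitlines()]
    rules = [r for r in rules if r and not r.startswith("#")]
    return any(r in (".env", ".env*", "*.env") for r in rules)


def scan_tree(files: Dict[str, str]) -> List[Finding]:
    """Scan a {path: contents} tree, as a pre-commit hook would scan staged files."""
    findings: List[Finding] = []
    for path, text in sorted(files.items()):
        if is_secret_filename(path):
            findings.append(Finding(path, 0, "secret_file_committed"))
        for lineno, line in enumerate(text.splitlines(), 1):
            for kind, pattern in SECRET_PATTERNS.items():
                if pattern.search(line):
                    findings.append(Finding(path, lineno, kind))
    return findings


# Constructed sample repository; every value here is a placeholder, not a real key.
SAMPLE_TREE = {
    ".gitignore": "node_modules/\n",
    ".env": "OPENAI_API_KEY=sk-EXAMPLE00000000000000000000\n",
    "app/config.py": 'API_KEY = "abcdefghijklmnopqrstuvwxyz0123"\nDEBUG = True\n',
    "infra/main.tf": 'access_key = "AKIAEXAMPLEEXAMPLE00"\n',
    "README.md": "Copy .env.example to .env and fill in your keys.\n",
}


def main() -> None:
    findings = scan_tree(SAMPLE_TREE)
    for f in findings:
        print(f"{f.path}:{f.line}: {f.kind}")
    if not gitignore_covers_env(SAMPLE_TREE.get(".gitignore", "")):
        print(".gitignore does not exclude .env files")
    if findings:
        print(f"{len(findings)} finding(s): refuse the commit")


if __name__ == "__main__":
    main()
```

Run it as a hook and fail the commit on any finding. The point of the `.env` filename rule is that the file is wrong to commit even when a pattern would not fire on its contents; the point of the .gitignore check is that a key that never reaches the repository cannot leak from it.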
These tools run locally but send everything to the cloud for processing. The app is local. The compute is not. Agents like OpenClaw can access your files, browser, email, and shell. Cisco already caught a third-party OpenClaw skill performing data exfiltration and prompt injection without the user knowing.
Sandboxing, API permissions, security groups. No controls on what your AI tools can access means you're handing out your business data for free.
MFA on Office 365
If you only do one thing on this list, do this one. Passwords get compromised. MFA means they still can't get in. No excuse in 2026.
Separate Admin Accounts
If your daily email account is also a Global Admin and it gets compromised, they own everything. Simple fix. So many businesses get it wrong.
EDR, Not Antivirus
Traditional antivirus isn't enough. EDR monitors for suspicious behaviour and isolates the device before malware spreads across your network. The difference between catching it early and finding out three months later.
Train Your People
All the tech in the world doesn't matter if someone clicks a dodgy link on a Tuesday morning. Quarterly phishing sims and a short training module make a real difference. No filter catches everything. Your people are your last line of defence.
Get Off Windows 10
Support ended October 2025. No more patches. ESU exists, but it starts at around $105 AUD per device in year one and pretty much doubles each year after. Three years max. It's a bridge, not a long-term plan.
Back Up SharePoint and OneDrive
If a device dies or gets hit with ransomware, those files are gone. Most businesses also store shared files in SharePoint or Teams. If someone deletes, modifies or encrypts them, you need to roll back. Proper third-party backup is not optional.
Firewalls and Logs
You need proper firewall hardware. Not the box your ISP gave you.
You need logs. And on top of that, if nobody's reviewing them, you have zero idea what's happening in your environment. You could have someone sitting in your network right now and you wouldn't know. You can't protect what you can't see.
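Added example, not from the post: "reviewing the logs" does not have to mean a person reading every line. The script below parses a small constructed firewall log and applies three plain rules, an external source denied on many distinct ports, an internal host making an off-hours outbound connection on a non-web port, and a single very large outbound transfer, and also counts lines it could not parse, because a format change or a gap in the log is itself worth noticing. The log line format, the IP ranges treated as internal, the thresholds and the sample lines are all assumptions made for this example; the external addresses are RFC 5737 documentation addresses.

```python
import re
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

# Assumed log line format (constructed for this example; adjust LINE_RE to
# whatever your firewall actually emits):
#   <ISO timestamp> action=<ALLOW|DENY> src=<ip> dst=<ip> dport=<port> proto=<tcp|udp> bytes=<n>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+) bytes=(?P<bytes>\d+)$"
)

INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]

# Thresholds are assumptions; tune them to your environment.
SCAN_DISTINCT_PORTS = 5             # one external source denied on this many ports = scan
LARGE_TRANSFER_BYTES = 100_000_000  # a single 100 MB+ outbound flow is worth a look
OFF_HOURS = range(0, 6)             # 00:00-05:59 local time
EXPECTED_OUTBOUND_PORTS = {80, 443}


def parse_line(line: str) -> Optional[dict]:
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    d = m.groupdict()
    return {
        "ts": datetime.fromisoformat(d["ts"]),
        "action": d["action"],
        "src": ip_address(d["src"]),
        "dst": ip_address(d["dst"]),
        "dport": int(d["dport"]),
        "proto": d["proto"],
        "bytes": int(d["bytes"]),
    }


def is_internal(ip) -> bool:
    return any(ip in net for net in INTERNAL_NETS)


def review(lines: List[str]) -> Tuple[List[dict], int]:
    """Return (alerts, unparsed_line_count). Each alert is {"rule", "src", "detail"}."""
    alerts: List[dict] = []
    denied_ports: Dict[str, set] = defaultdict(set)
    unparsed = 0
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            unparsed += 1  # format drift or a log gap: both deserve a look
            continue
        src, dst = str(ev["src"]), str(ev["dst"])
        if ev["action"] == "DENY" and not is_internal(ev["src"]):
            denied_ports[src].add(ev["dport"])
        elif ev["action"] == "ALLOW" and is_internal(ev["src"]) and not is_internal(ev["dst"]):
            if ev["bytes"] >= LARGE_TRANSFER_BYTES:
                alerts.append({"rule": "large_outbound_transfer", "src": src,
                               "detail": f"{ev['bytes']} bytes to {dst}:{ev['dport']}"})
            elif ev["ts"].hour in OFF_HOURS and ev["dport"] not in EXPECTED_OUTBOUND_PORTS:
                alerts.append({"rule": "off_hours_outbound", "src": src,
                               "detail": f"{dst}:{ev['dport']} at {ev['ts'].isoformat()}"})
    for src, ports in denied_ports.items():
        if len(ports) >= SCAN_DISTINCT_PORTS:
            alerts.append({"rule": "inbound_port_scan", "src": src,
                           "detail": f"denied on {len(ports)} distinct ports"})
    return alerts, unparsed


# Constructed sample log; the last line is deliberately malformed.
SAMPLE_LOG = """
2026-04-22T02:13:07 action=DENY src=203.0.113.45 dst=192.0.2.10 dport=22 proto=tcp bytes=0
2026-04-22T02:13:08 action=DENY src=203.0.113.45 dst=192.0.2.10 dport=23 proto=tcp bytes=0
2026-04-22T02:13:08 action=DENY src=203.0.113.45 dst=192.0.2.10 dport=445 proto=tcp bytes=0
2026-04-22T02:13:09 action=DENY src=203.0.113.45 dst=192.0.2.10 dport=3389 proto=tcp bytes=0
2026-04-22T02:13:09 action=DENY src=203.0.113.45 dst=192.0.2.10 dport=8080 proto=tcp bytes=0
2026-04-22T03:41:55 action=ALLOW src=10.0.1.31 dst=198.51.100.200 dport=5555 proto=tcp bytes=2048
2026-04-22T09:02:11 action=ALLOW src=10.0.1.25 dst=198.51.100.7 dport=443 proto=tcp bytes=48213
2026-04-22T14:10:02 action=ALLOW src=10.0.1.31 dst=198.51.100.200 dport=443 proto=tcp bytes=734003200
this line is not in the expected format
""".strip().splitlines()


if __name__ == "__main__":
    found, bad = review(SAMPLE_LOG)
    for a in found:
        print(f"[{a['rule']}] src={a['src']} {a['detail']}")
    print(f"{bad} line(s) could not be parsed")
```

Three rules this simple will not catch everything, and they will misfire on a nightly backup job or a vulnerability scanner you run yourself; the fix for that is an allow-list, not turning the rule off. What they do give you is a daily answer to "did anything odd happen", which is the minimum the section above is asking for.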
None of this is complicated. None of it is expensive. But most businesses aren't doing even half of it.
If you looked at this list and thought "yeah we should probably sort that out"... you probably should.