Huneidi Services

04/20/2026

You deleted it. Microsoft shrugged.

Retention policies and backup policies get confused constantly. One keeps data accessible on Microsoft's terms. The other gets your files back on yours. Most organizations have one and assume they have both.

When I audit a new environment I usually find out they have zero actual backups in place. They just didn't know to ask.

Business owners see Microsoft 365 failover features and assume they are fully covered. Microsoft definitely has failover. But it backs up to Microsoft. That design protects their infrastructure liability rather than your business data.

If an employee accidentally purges a critical folder or ransomware encrypts your SharePoint files, Microsoft won't save you. They provide the platform. You are responsible for the data.

The reality is simple.
➔ Microsoft protects their infrastructure
➔ You have to protect your data

True recovery requires backing up to a completely isolated third-party location.

Four hours of downtime usually costs far more than reliable backup software would have cost for an entire decade. You lose revenue. You frustrate customers. You damage trust.

Are you relying on retention or do you actually have a verified backup?

Drop a like if you agree that hoping for the best is a terrible IT strategy. Comment below if you've ever had a close call with a deleted file.

04/18/2026

Week one. New client. Admin password was password123.

That's not the worst thing we found. It wasn't even close. This is what the first week actually looks like when we take over an environment nobody has touched in years.

I took over IT for a company recently where the previous vendor promised everything was perfectly secure. We ran our initial audit and started installing our monitoring software to get a real look at the hardware and infrastructure.

Total chaos.

Every single user was set up as a local admin. They had their Microsoft 365 tenant configured so employees could approve any third-party integration they wanted without asking. One of those happened to be a signature scraping tool with an active exploit that allowed hackers to inject code right into their tenant.

We found former employees who left six months ago still holding active credentials with full access to company data.

Then we checked the backups.

The client assumed they were safe because they had Microsoft 365. They thought Microsoft backed up everything automatically. In reality, they had absolutely zero third-party backups in place. If an incident happened, the downtime wouldn't just mean a few hours of lost productivity. It would mean lost customers, damaged brand reputation, and major lost revenue.

Convenience without structure creates real liability. Employees were even pasting sensitive company data directly into free ChatGPT accounts just to save a few minutes on daily tasks.

This is what happens when accountability is missing from the design. If the same issues keep recurring, the system itself is broken. Tools don't solve problems if no one is enforcing the standards.

Have you ever walked into a new job and realized the internal security was a complete mess?

Like and comment below if you agree that setting hard boundaries in IT is completely non-negotiable.

04/17/2026

Your employees already decided your security policy. Not maliciously. They needed a faster way to share files, so they used their personal Dropbox. They needed a tool the company didn't have, so they signed up with their work email. The decision was made without you. The exposure started the same day.

I see this constantly when I take over an IT environment.

We deploy our software during the first week and the reality is usually a shock to the leadership team. Employees are just trying to get their jobs done. But because the company didn't provide a secure, structured way to do it, people found their own path.

Like pasting sensitive company data into the free version of ChatGPT just to summarize a meeting.

Or clicking approve on a random M365 integration for a signature scraping tool... which actually had an exploit allowing hackers to inject code right into the system.

Convenience without structure creates massive long-term liability.

When you allow users to approve their own integrations or hold local admin passwords, you lose control of your own company. I've walked into setups where former employees still had full access to core systems six months after they left the building.

That happens because there are no enforced boundaries.

Tools alone don't fix this. Clear ownership and enforced standards do. We have to stop treating shadow IT as a technical glitch and start treating it as an organizational visibility failure. You need an environment where security and accountability are built in from day one.

Have you audited what apps your team is actually using to do their daily work?

Drop a like and comment below if you've ever discovered a random software tool being used in your company that you had absolutely no idea about.

04/15/2026

30 people. 4 hours. No one working. That's 120 hours of payroll evaporating before lunch. That's not counting the deadline you pushed, the client who noticed, or the overtime it took to catch up. You absorbed the cost. You just didn't name it.

I see leaders track every single dollar spent on software licenses and minor office supplies. Yet they completely ignore the most expensive leak in their business.

Reactive IT support.

Let's break down what actually happens during a half-day outage. Your team stops working but your payroll keeps running right along. Then the ripple effects start hitting your operation in ways you can't easily put in a spreadsheet. Customer frustration builds up fast when they can't reach you. You end up paying staff overtime just to meet the basic deadlines you missed while the screens were dark.

You might even face contract penalties.

Most businesses never actually calculate this total number. They just absorb the hit and call it a bad Tuesday. They accept the chaos because they don't know exactly what it costs them in hard dollars.

Once you sit down and run the actual math on lost revenue and reputation damage, proactive IT management stops looking like a luxury expense.

It suddenly looks incredibly cheap.

Do you know your actual downtime number? Like and comment below if you refuse to let invisible costs drain your business.

04/14/2026

Your backup software says green. It's lying.

The checkmark is real. The restore capability isn't. Most businesses find this out once, at the worst possible moment, and never forget it.

When I take over a new client and run our first assessment, I almost always find the same thing. They have absolutely zero working backups. They see an icon on their screen or assume Microsoft 365 handles everything for them.

They simply don't know to ask the right questions.

Microsoft has failover. It backs up to Microsoft. That means if someone makes a mistake or your tenant gets compromised, you just have a very reliable, redundant copy of your compromised data.

I constantly see businesses paying for backup services that haven't actually been tested in years. The monthly reports look fine. The icons are green. But the worst time to discover your backups don't work is when you actually need to use them.

When your systems go down for four hours, the damage stacks up fast.

➔ Lost customers who couldn't reach your team
➔ Upset current clients waiting on delayed deliverables
➔ Major lost revenue that you cannot recover
➔ A severe, lasting hit to your brand reputation

This happens because leaders accept convenience over proper structure. A green light feels safe.

We don't accept status indicators as proof. We put data in third-party locations and test the actual restores. Accountability has to come before the technology.

When was the last time you saw physical proof of a successful data restore?

Drop a "Tested" in the comments if you know your backups actually work right now, or hit like if this made you realize you need to ask your IT provider some hard questions today.

04/12/2026

You fired them. Your systems didn't.

Six months later, their Microsoft 365 account is still active. The shared password to your client portal was never changed. They have access to everything they had the day you walked them out. Most owners find out when something goes wrong. Some never find out at all.

This happens all the time when I audit new clients.

We routinely find former employees who left half a year ago sitting with full access to company data and financial systems. The owner handled the HR side perfectly but the technology was completely left behind.

Poor offboarding is one of the biggest security gaps we see in small businesses today.

When a team member leaves under bad circumstances, leaving their digital access open is a massive liability. They can easily log in from home to download your entire client list or read private emails.

A proper IT setup simply removes human error from this equation.

When someone is terminated, their access should automatically revoke everywhere at once.

➢ Email access gets cut immediately
➢ Shared passwords are automatically rotated
➢ Device access is locked down

If you have to manually remember to turn off twenty different accounts, you will eventually forget one.

What do you think about manual offboarding? Like and comment if you believe system access should be tied directly to HR status.

04/11/2026

We walked in. Admin had no MFA. Ever.

New client. Decent-sized company. IT managed for three years by someone they trusted. First thing we found: the primary admin account had never had MFA enabled. Not disabled. Never set up.

The second thing we found was worse.

We looked at their offboarding. Several former employees still had active system access.

One of them left six months ago.

Because nobody complained the owner assumed they were protected. Silence felt like security. But then we audited their Microsoft 365 environment.

Any user could approve third-party app integrations.

We found a signature scraping tool connected to their tenant. That specific tool had an exploit allowing direct code injection on their machines.

Then we asked to see their backups.

They thought they were completely covered. Most businesses do. They assumed Microsoft was backing up their data. But Microsoft provides failover. It backs up to Microsoft.

They had zero third-party backups. If a major data loss happened that afternoon they would have had nothing to restore from.

Most small businesses trust their IT setup is secure simply because no one has complained. But the absence of problems is completely different from the presence of protection.

A quiet IT environment is dangerous if you don't know exactly why it's quiet.

Have you actually seen proof that your backups are working this month? Drop a yes or no in the comments. I'm curious how many people actually get reports.

01/22/2025

It was a pleasure working with the team at Pfrank's Dumpsters, we’re excited to see what the future holds for them!

Serving the greater St. Louis and Southern Illinois area with reliable, family-owned service, Pfrank’s Dumpsters is here to make waste management easy and stress-free. Led by Frank, our dedicated and playful German Shorthaired Pointer, we bring personalized service and community care to every job....

12/19/2023

12/16/2023

This past week, we held an event focused on reviewing the past year, looking forward, and educating our customers and guests on what's to come in 2024. We want to thank The Outlet Event Center for being a great partner in hosting our event and providing some delicious food.
We want to thank Neighbors Bakeshop for providing some original and fun sweets - they were excellent.

Special shout out to T-Mobile, Foxit, Alternative Payments, Busey Bank, First Mid Bank & Trust, Neighbors Bakeshop, The Outlet, and The Ink House for the many giveaways and raffle items provided.

Thanks to Tom Bertolino - for providing music as well.

Looking forward to a successful 2024 for our existing and new customers. Happy Holidays!