As a small business owner or manager, you're likely familiar with the daily decision: should you shut down your Windows computer at the end of the day or simply put it to sleep? Each option has its own set of advantages and considerations, and understanding these can help you make the best choice for your business's efficiency and equipment longevity.​

Shutting Down: The Complete Power-Off

When you shut down your computer, it closes all running programs and completely powers off the system. This process ensures that all temporary data is cleared, providing a fresh start upon the next boot.​ Advantages:

• Energy Conservation: A shut-down computer consumes minimal to no power, which can lead to energy savings, especially if multiple machines are involved. ​

• System Refresh: Regular shutdowns can help clear temporary files and reset system processes, improving performance.

But there are considerations:

• Startup Time: Booting up after a shutdown takes longer than waking from sleep mode, which might slightly delay the start of your workday.​

• Interruptions: Any unsaved work needs to be saved appropriately before shutdown to prevent data loss.​

Sleep Mode: Quick Resumption with Minimal Power

Sleep mode puts your computer into a low-power state, preserving your current session (open applications and documents) in RAM while powering down non-essential components. This allows for a quick resume when you're ready to work again.​

Advantages:

• Immediate Access: Waking from sleep is almost instantaneous, allowing you to pick up right where you left off without waiting for an entire boot process.​

• Convenience: There's no need to close and reopen applications, which can enhance productivity, especially during short breaks.​

Considerations:

• Power Consumption: While minimal, sleep mode does consume some power to maintain the system state in RAM. Over extended periods, this can add up.

• Potential Vulnerabilities: In the event of a power outage or battery drain (for laptops), unsaved data could be lost. However, many modern systems have safeguards like hybrid sleep to mitigate this risk.

Hybrid Sleep: Combining the Best of Both Worlds

Some Windows systems offer a "hybrid sleep" option, which combines sleep and hibernation. It saves the contents of RAM to the hard drive (like hibernation) and then enters a low-power state (like sleep). This ensures data preservation even if power is lost, while allowing for a quick resume.

Making the Right Choice for Your Business

The decision between shutting down and sleeping your computer depends on your specific work patterns and priorities:

• Short Breaks (e.g., lunch hours): Sleep mode is ideal as it allows for quick resumption of work without needing a complete system restart.​

• End of Workday: If you won't use the computer until the next day, shutting it down can save energy and provide a fresh start in the morning.

• Overnight Tasks: If your computer is set to perform updates, backups, or other maintenance tasks during off-hours, sleep mode (with appropriate settings) or leaving it on might be more suitable.​

Additional Considerations

• Hardware Longevity: There's a common concern that frequent shutdowns and startups can wear out hardware components. However, modern computers are designed to handle power cycles efficiently, with minimal impact on hardware lifespan. ​

• Security: Shutting down your computer can reduce exposure to certain security risks, as it disconnects the machine from networks and potential threats.​

The Argument for Always On — Daily Reboots

I encourage my business clients to leave their Windows PC (desktop) on permanently in High-Performance power mode. In this APM (Advanced Power Management) mode, the Windows machine remains on overnight. I encourage this so that daily processes (Windows updates, reboots for patching, malware and anti-virus scans, backups, and general maintenance) can be performed on the machine overnight. If unable to run during the evening, they’ll try to run during the day, slowing the machine down and may even interrupt the user. In business, we want computers to perform such maintenance while we’re not around.

I also encourage my business clients to get into the practice of restarting their Windows computers every day, usually through the practice of logging off. When performing a restart, the whole system reboots; if done when the user’s leaving work, that reboot can take as long as it needs to, and when the operating system returns, it waits to enter interactive mode; somebody has to log in to it, so it’s secured. This forces a best practice behavior (never leaving applications or files open — restarting closes all files) and secures the machine. It also tackles a problem that Windows computers specifically suffer from: memory leaks.

A memory leak in Microsoft Windows occurs when an application or process fails to release memory it no longer needs, leading to progressively higher RAM usage. Over time, this can slow down the system, cause performance issues, and even lead to crashes as available memory is exhausted. This happens all the time on Microsoft Windows. Memory leaks are often caused by poorly optimized software, driver issues, or long-running applications that continuously consume resources without freeing them. Regular system restarts and software updates can help mitigate memory leaks and maintain optimal performance. Restarting the machine daily helps address memory leaks.

Conclusion

Both shutting down and using sleep mode have their merits, but I’d recommend to anyone: restart your Windows machine when you’re done with it, and leave it on.

For small business owners and managers, aligning your choice with your operational needs and energy efficiency goals is key. By understanding the benefits and limitations of each option, you can optimize your workflow and ensure the longevity of your equipment.​ But don’t take my word for it. Remember, the best choice is the one that fits seamlessly into your business routine while supporting productivity and sustainability.

R

If you’re a small business owner, safeguarding your business's data is paramount. Yet you might wonder: Is Windows 11's built-in security sufficient, or should you invest in third-party antivirus software?

Let’s Talk About AV Software

There are all kinds of anti-virus software, and we still need it after 40 years of personal computing because … why? Because the operating system is inherently flawed? The premise that you need a 3rd-party to monitor the holes in something seems hokey.

• How effective is something that seems to have a built-in demand fulfillment?

• How useful is it if it’s not guaranteed to work by its own EULA (End User License Agreement), and nobody is responsible if it fails?

• How important is having a product focusing on a computer when threats have evolved away from personal computers and websites? Email? Phishing, infostealers, and browser hijacking?

• How effective is something updated in the scope of days or weeks when the significant flaws strike within hours, creating Zero-Day effects?

• Why rely on something that isn’t warranted to work? Why do we shrug off AV solutions that fail?

I’d submit that anti-virus software is a passive, reactionary tool. It’s not a proactive response to viruses (writing and testing good, error-free, safe code). It’s something we hope works. So, first, let’s talk about that: an anti-virus is not a foolproof iron shield. Nobody claims it is — yet they insist we need it.

Instead of a supplemental expense to help give us better confidence in a computing platform’s security, why not choose an operating system with a history of writing and testing good, error-free code? Regretably, that’s not Microsoft Windows.

Linux (Apple’s MacOS and ChromeOS) has a better track record. So, if you’re at all interested in security, you should immediately see that Windows (a 35-year-old operating system distributed with the promise of never having to recompile anything since the 1990s) is the antithesis of secure.

Windows 11's Built-in Security Features

But, if you must run Windows, Windows 11 comes equipped with robust security measures designed to protect your system from various threats:​

• Microsoft Defender Antivirus: Formerly known as Windows Defender, this built-in antivirus solution offers real-time protection against malware, viruses, and spyware. It operates seamlessly in the background, ensuring your system remains secure without additional installations.
  

• Trusted Platform Module (TPM) 2.0: Windows 11 requires TPM 2.0, a hardware-based security feature that ensures platform integrity by verifying the boot process and protecting encryption keys. This addition enhances protection against firmware and hardware attacks.
  

• Virtualization-Based Security (VBS) and Hypervisor-Protected Code Integrity (HVCI): These features isolate critical parts of the operating system, preventing malicious code from tampering with system defenses. ​

So long as the user sets a decent password, Windows remains current on its patches, its firewall is activated, and the disk volume is Bitlockered (encrypted), a Windows 11 machine can be trusted with its native security solutions.

Guaranting those state of affairs is the problem without oversight. That’s where Endpoint Management becomes so important.

But viruses aren’t the whole of the security problem.

The Case for Third-Party Antivirus Software

Most modern operating systems (including Windows) have built-in controls that make it difficult to harm the operating system. Security threats, though, have evolved beyond the local operating system. We’re now more at risk of things stealing our information online, from hacks of insecure websites or from aggressors who trick us into going somewhere on the web we shouldn’t.

That’s where 3rd-party products come in.

• Advanced Features: Third-party antivirus programs often offer additional functionalities, such as virtual private networks (VPNs), password managers, web filtering, and identity theft protection. These features can provide a more holistic security approach, especially for businesses handling sensitive information.
  

• Specialized Protection: Certain industries or businesses with specific compliance requirements might benefit from the tailored security measures that some third-party solutions provide.​

Considerations for Small Businesses

When deciding on your security strategy, consider the following:

• Choose the Right Tool: Get down to brass tax. Why continue spending money on flawed software? Choose an operating system with a stronger security and vulnerability remediation track record. Hint: It’s not Microsoft Windows.
  

• Risk Profile: Assess the nature of your business operations. Investing in additional security measures might be prudent if you handle sensitive customer data or intellectual property or have a compliance obligation like HIPAA, FERPA, or GLB.
  

• User Behavior: Educate your team on safe online practices. Human error, such as clicking on phishing links, remains a significant security threat.
  

• System Performance: Some third-party antivirus solutions can be resource-intensive, potentially affecting system performance. Ensure that any additional software integrates smoothly with your existing setup.​
  

• There Isn’t a Magic Pill: Anyone who says their anti-virus product solves all problems is lying. There’s no magic pill to fix all ails, and the microcomputer threat environment changes daily. The best security (confidence in our safeguards) comes from a holistic asset management approach beyond paying for a software subscription.

Conclusion

For many small businesses, Windows 11's built-in security features provide a solid foundation against common threats.

However, exploring third-party antivirus solutions could offer additional peace of mind if your business requires advanced security capabilities or operates in a high-risk environment.

Ultimately, the decision should align with your security needs and operational considerations.

What’s good for you? What makes you feel comfortable? We can work out the answers together.

R

In today's digital landscape, safeguarding Personally Identifiable Information (PII) is paramount for small businesses. A single data breach can compromise customer trust and lead to significant financial and legal repercussions. Fortunately, various technology solutions can enhance PII security, ensuring your business remains resilient against cyber threats.

How to Enhance PII Security

1. Data Encryption. Encryption transforms readable data into a coded format, ensuring that only authorized individuals can access it. Implementing encryption for both stored data and data in transit is crucial. Identifying and encrypting the PII your organization uses and stores is a fundamental step in securing sensitive information.

2. PII Data Discovery Tools. Understanding where PII resides within your systems is essential for effective protection. Advanced PII data discovery software automates the detection and classification of sensitive information, enabling businesses to manage and secure their data proactively.

3. Secure Cloud Storage Solutions. Utilizing secure cloud storage services with end-to-end encryption ensures that sensitive data is protected from unauthorized access. Proton Drive, for instance, offers encrypted cloud storage, allowing businesses to store and share files securely while maintaining compliance with data protection regulations.

4. Multi-Factor Authentication (MFA). Implementing MFA adds an extra layer of security by requiring users to provide multiple forms of verification before accessing sensitive data. This significantly reduces the risk of unauthorized access due to compromised credentials.

5. Regular Software Updates and Patch Management. Keeping software and systems up-to-date is vital, as outdated applications can have vulnerabilities that cybercriminals exploit. The U.S. Small Business Administration emphasizes the importance of conducting vulnerability scans and managing information communication technology to strengthen cybersecurity. sba.gov

6. Employee Training and Awareness. Human error remains a leading cause of data breaches. Regular training sessions can educate employees on best practices for data security, such as recognizing phishing attempts and understanding the importance of strong passwords.

7. Data Masking and Anonymization. Implementing data masking techniques can protect sensitive information by obscuring it, ensuring that even if data is accessed without authorization, the PII remains concealed.

8. Secure Disposal of Data. When data is no longer needed, ensure it is disposed of securely. This includes using data wiping tools for electronic data and shredding physical documents containing PII.

Conclusion

By leveraging these technology solutions, small businesses can significantly enhance their PII security posture. Proactive implementation of these measures not only protects sensitive information but also fosters trust with customers and ensures compliance with data protection regulations.

R