News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

ISSUE 16.46.0 • 2019-12-16

Logo
The AskWoody Plus Newsletter

In this issue

GOOGLE CHROME OS: The Chrome OS FAQ, Part III: You’ve got a Chromebook. Now what?

BEST OF THE LOUNGE: Phishing with a browser’s security icon as bait

LANGALIST: New laptops prompt new concerns

PATCH WATCH: Closing out the patching year …

CLOUD SERVICES: When moving to the cloud goes really bad


GOOGLE CHROME OS

The Chrome OS FAQ, Part III: You’ve got a Chromebook. Now what?

JR RaphaelBy JR Raphael

So now that you’ve read Parts I and II of our Chrome OS FAQ, you’ve worked out what Google’s operating system is all about — and possibly picked out the Chromebook that’s right for you.

Whew! It’s been a busy couple of weeks. (If you missed the first two parts of this series, no worries: just head over to issues 16.44.0 (2019-12-02) and 16.45.0 (2019-12-09) to get all caught up.)

Now we’re ready for the really fun part: taking your first steps into the world of your shiny new Chromebook. Getting around Chrome OS is mostly self-evident — especially if you’re an experienced Windows user — but there are some initial steps you’ll want to take to get everything set up and configured the way you like it.

Without further ado, let the questions begin!

How do I get Android apps onto my Chromebook?

Installing Android apps on a Chromebook is essentially no different from installing Android apps on a phone: you start by clicking the Google Play Store icon, which should be present within your Chromebook’s app drawer (accessible by clicking the circular Launcher icon in the lower-left corner of the screen or by tapping the matching key on your keyboard).

Next, enter an app title in the search bar or browse the list of apps to find whatever strikes your fancy (see Figure 1).

Google Play App
Figure 1. The Google Play Store on a Chromebook.

And if you’re signed in to your Google account, you can even open up the Play Store website on another computer and send an app to your Chromebook from there. As long as both devices are using the same Google account, the Chromebook should show up as an available option.

What about regular Web apps? How do I find those?

Just open up the Apps section of the Chrome Web Store. (Note that the Apps section is available only on Chrome OS devices. If you try to access it from any other type of system, you’ll see only Extensions and Themes for the Chrome browser.)

Do I need to install an app for everything I might do on the Chromebook?

Nope! Not at all. You can run Web-based services such Gmail, Google Calendar, Google Drive, and so on — just as you do in Windows — entirely within your Web browser. For frequently used webapps, click the three-dot menu icon to the right of the address bar and select More tools followed by Create shortcut (see Figure 2).

TITLE
Figure 2. Shortcuts aren’t limited to webapps; you can turn any site into an app-like shortcut.

Shortcut webapps and sites can have any name you like. You can also have shortcuts open in separate windows — in other words, each will exist in its own box instead of looking like a browser tab. Once you finish the process, the shortcut will appear on the Chromebook’s shelf (the taskbar-like interface at the bottom of the screen).

So how do I customize the shelf?

Excellent question. For shortcuts that are already on the shelf, you can click their icons and then drag-and-drop them in either direction to change their placement. If you want to remove an item from the shelf completely, right-click it (or two-finger click it, on a trackpad) and then select “Unpin” from the menu that appears. (This should all sound familiar to Windows users.)

If you want to add an item to the shelf, click the Launcher and then select the up-arrow icon to open your entire list of available apps. Find the item you want, right-click it, and select “Pin to the shelf.”

Can I organize the app drawer as well?

You sure can! Just drag-and-drop any icon to a new position — or drag-and-drop one icon onto another icon to form a folder. Once a folder’s been formed, select it and then click its name (probably “Unnamed,” by default) to rename it.

The Chrome OS application drawer
Figure 3. You can easily reshuffle app icons in the Chrome OS app drawer to fit your preferences.

How do I uninstall apps entirely?

Just right-click the app’s icon — either in the app drawer or on the shelf (if it’s there) — and select Uninstall or Remove from Chrome in the popup menu.

What about Linux apps?

Put bluntly, installing Linux apps is a complicated can of worms, best left to advanced Chromebook owners. You have to navigate through a somewhat dense command-line jungle.

If you’re up for the challenge, I’ve posted a step-by-step guide to get you started.

How do I adjust my Chromebook’s settings?

For system-level settings, select the screen section that includes the clock (lower-right-hand corner of the screen) and then click the gear icon at the top of the window that comes up.

Chrome OS settings screen
Figure 4. The Chrome OS system settings can be a bit hard to find at first.

For browser-level settings — the same options you’d see within Chrome on Windows or any other supported desktop platform — open a browser window, click the three-dot menu icon to the right of the address bar, and select Settings from the menu that appears.

How do I make sure my Chromebook is ready for offline use?

With or without an active Internet connection, you’ll always be able to sign in to your Chromebook and use basic system tools. Beyond that, it’s mostly a matter of making sure each app you’ll need offline is prepared ahead of time.

With Gmail, for instance, you’ll want to head over to the regular Gmail website, click the gear icon in the upper-right corner, select Settings, and then select Offline from the menu at the top of the screen. Check the box next to Enable offline mail and follow the prompts to complete the process.

Setting up a local version of Google Drive has similar steps, but the process covers both Drive and its associated productivity services: Docs, Sheets, Slides, and so forth. You’ll also need to install the companion Google Docs Offline browser extension to ensure full functionality.

To create local copies of your Google-created files (Docs, Sheets, Slides, etc.) go to those respective services and right-click the files to select the “Available offline” toggle. (Only recently opened files are automatically stored on your Chromebook.)

For any other My Drive files that you want to make available offline — i.e., those that don’t relate to Google apps — open your Chromebook’s Files app, click the Google Drive section in the left-hand panel, then right-click a folder and select Available offline.

Other online services — for example, Google Keep and its offline-ready Chrome app — may have their own standalone, local apps . You can also browse through offline-capable apps on a Chrome Web Store page (again, it’s a link that’ll work only when opened from a Chromebook). And remember, too, that most Android apps are designed to work offline, without any extra effort.

Are there keyboard shortcuts I can use?

Of course! Lots of ’em, in fact. Press the key combination Ctrl + Alt + / to see a list of available commands.

How do I get to Google Assistant?

On most current Chromebooks, you can pull Assistant up by hitting the Launcher key and the a key together. The exceptions are Chromebooks made by Google, which have a dedicated Assistant key between Ctrl and Alt on the left side of the keyboard.

You can also set up Assistant for hands-free access via the “OK Google” or “Hey Google” hotwords; look for the “Google Assistant” option within the Search and Assistant section of the system settings.

I want to do more! Do you have tips and tricks for tapping into advanced features and options?

Do I ever! Mosey on over to my sprawling list of Chromebook tips or explore my recent collection of worthwhile Google Assistant commands.

I cover Chrome OS constantly in my newsletter. So if you want to get fresh Chrome OS info in your inbox every Friday, feel free to subscribe. It’s an excellent complement to everything you’re learning here in AskWoody Land — but with an exclusive focus on the Googled side of mobile computing.

Questions or comments? Feedback on this article is always welcome in the AskWoody Lounge!

Journalist JR Raphael has covered Android and Chrome OS since their earliest days. For even more next-level Google knowledge, check out his weekly Android Intelligence newsletter.


Best of the Lounge

Phishing with a browser’s security icon as bait

Is the lock icon in your browser’s address bar sufficient proof that the site you’re visiting is legitimate and safe?

Da Boss Kirsty shares Danny Palmer’s ZDNet article about how malicious websites are using the padlock icon — denoting a fully secure HTTPS connection — to fool visitors. The upshot: HTTPS defines the connection but not whether you’ve linked to a safe site. Join the discussion in the AskWoody Lounge.


Windows 10

Plus member Apparition wants to wipe the factory-installed Windows 10 Pro from a new computer and install Win10 Pro 1909 from an ISO. The goal is to eliminate bloatware added by the vendor. Apparition also has questions about using a local account with the MS store. Readers respond with the “how to.”


Apple iOS

Asking an age-old question, Plus member dmt_3904 wonders whether sandboxing means that iOS devices do not need added security software. Can AV apps dig deep enough into the OS to even detect malware? Not surprisingly, opinions on this topic abound.


Windows 10

Lounger WSharrylentil is stymied over a six-year-old Win10 computer’s slow boots. The question at hand is whether a new solid-state drive will alleviate this issue. Readers respond with suggestions on things to check.


Windows 10

After moving from Windows 7 to Win10, Lounger WSaltamirano noticed that fonts were less sharp. Fellow loungers suggested various fixes, but WSaltamirano came up with a solution — and it wasn’t updating the video drivers.


Windows 10

One of the first orders of business when setting up a new machine is moving user files from the old PC. Plus member BobStr wanted to know the easiest way to make that transition. There are, of course, numerous ways to skin that … task.


MacOS

When MVP Nathan Parker received a warning about MacOS malware called “Search Baron,” he asked the Lounge whether anyone knew of it. Although it remains a mystery, there’s an interesting discussion about AV software for Macs.


If you’re not already a Lounge member, use the quick registration form to sign up for free.


LANGALIST

New laptops prompt new concerns

Fred Langa

By Fred Langa

Newly purchased PCs are raising some interesting hardware and warranty questions among users.

Here are three examples from LangaList readers: two about battery care on new devices, and one about a new kind of extended warranty that includes anti-malware and driver-update services.

Is keeping a laptop plugged in harmful?

Subscriber J.S. writes:

  • “Will it hurt my new laptop’s battery if I keep my power supply connected at all times?”

Hurt it? Not exactly. But it won’t help it.

Lithium-ion batteries give their longest service life when you keep their charge state somewhere between 80 percent and 20 percent.

Surprisingly, a disproportionate amount of battery wear occurs when charging these batteries to levels above about 80 percent — or discharging them below about 20 percent.

If you leave your laptop permanently plugged in, you’ll be charging the battery to 100 percent and then keeping it there.

A good charging circuit will stop actively charging when the battery initially reaches full charge. But it’ll then kick back on when the battery voltage drops a bit. That periodic “topping off” is more taxing on battery chemistry than if you stopped the charging process sooner. Over time, this extra wear causes battery capacity to drop more than it would have otherwise, delivering lower battery run times per charge.

If you replace your devices or batteries every year or two, the lost capacity might not be noticeable — nor significantly impact the use of the device when on battery power. But a quick trade-in cycle is an expensive way to beat battery issues.

On the other hand, if you hold on to your devices or batteries for more than a couple of years, the best practice is to generally keep their charge states within that optimal range (about 80 to 20 percent) — and use the top and bottom 20 percent charge only when you must. In the long run, it’ll pay off in longer and better battery life and performance.

What’s a good initial battery charge for portables?

J. Fisch asks:

  • “For a new laptop, is there a suggested way to perform its first charge that will ensure battery health?”

Sure! In general, unless the manufacturer’s instructions state otherwise, a lithium-ion device’s first charge should be to 100 percent — and it should be completed before the first power-on.

This might seem contradictory to my advice in the item above, but a device’s first charge is different: an initial full charge lets you see that a new device’s charging system (transformer, cable, electronics, battery, etc.) will work across its entire range. It also lets the device’s charging circuit properly calibrate itself.

After that first charge, the 80/20 percent rule kicks in for maintaining optimum battery life. So whenever you can, stop charging the device when the battery is around 80 percent full. Plug it back in when the battery drops to around 20 percent.

Is an ‘enhanced’ PC warranty worthwhile?

Subscriber G. Burks wonders whether an unusual kind of warranty is a good deal.

  • “Is it worth purchasing an extended warranty for a new PC that also includes malware scans and driver updates?”

No. In fact most extended warranties are not a good investment. (I’ll come back to this in a moment.) Those “extra” PC services you cite really add nothing of value — they’re already available elsewhere for free!

For example, the anti-malware/security suite built into every copy of Windows 10 (Windows Defender et al.) is ranked among the best-available offerings — free or paid. And there are dozens and dozens of other free third-party AV options, as this Google search for free+malware+scanner illustrates.

It’s basically the same story for driver maintenance: top-quality driver support is readily available — and 100 percent free.

I’m not talking about those third-party driver-update sites; they’re notoriously unreliable and often simply go by “highest build number” when recommending drivers. (Newer drivers aren’t always better, especially as equipment ages.)

Rather, every major PC manufacturer and component maker has its own support site offering free tools and/or instructions for helping customers find and install exact-match drivers for specific brands and models.

Why pay extra to duplicate those already-free services?

As for the extended warranties, they’re typically unnecessary and might even overlap coverage you already have (but were perhaps unaware of)!

For example, if you paid for your PC with a bank card (credit or debit), there’s a good chance you automatically received free, extended warranty coverage for your purchase. (This extra coverage is often offered as an inducement to use that card.) The specific benefits vary from card to card and bank to bank, but they typically add one to three more years of repair or replacement coverage after the manufacturer’s warranty ends.

Here’s an example (with no endorsement implied — all the major cards offer similar benefits) from Capital One Visa’s guide to benefits (PDF):

  • “Extended Warranty Protection doubles the time period of the original manufacturer’s written U.S. repair warranty up to one (1) additional year on eligible warranties of three (3) years or less for items purchased entirely with your eligible Visa card. This benefit is limited to no more than the original price of the purchased item (as shown on your Visa card receipt), less shipping and handling fees, up to a maximum of ten thousand dollars ($10,000.00) per claim and fifty thousand dollars ($50,000.00) per cardholder.”

Some homeowner/renter insurance policies also include warranty-extension provisions.

So you probably don’t need to buy an extended warranty at all!

Consumer Reports agrees, stating: “In nearly every case, [extended warranties aren’t] worth the extra money when buying electronics and appliances.” See the related Consumer Reports articles:

Send your questions and topic suggestions to Fred at fred@askwoody.com. Feedback on this article is always welcome in the AskWoody Lounge!

Fred Langa has been writing about tech — and, specifically, about personal computing — for as long as there have been PCs. And he is one of the founding members of the original Windows Secrets newsletter. Check out Langa.com for all Fred’s current projects.


PATCH WATCH

Closing out the patching year …

Susan BradleyBy Susan Bradley

This is a busy time for Windows upgrading.

Win10 1803 officially fell into the bit bucket this past November; Windows 7 and Server 2008 R2 will suffer the same fate this coming January.

Upgrading to a newer version of Windows 10 should be relatively painless. But the shift will be far more difficult and consequential for the mass of PC users still running Win7.

Security is obviously a concern for Win7 users, but Microsoft has stated that Security Essentials updates will also end in January. However, it’s likely that third-party browsers and anti-malware apps will continue to get updates for some unknown period of time. Based on the XP experience, it could be months or years.

Many Win7 users are banking on vendors such as 0Patch to offer future security updates at little or no cost. We’ll have to see whether that pans out. In truth, businesses should be well into their plans for moving to Windows 10 as soon as possible.

Microsoft hopes to wean businesses off the expiring OS by offering security patches through January 2023 — for a modest, but escalating, fee (see “Microsoft wants to sell you security patches for Win7,” Issue 16.38.0, 2019-10-21).

The catch: The updates will available through the company’s Extended Security Updates (ESU) program and must be purchased from a participating Microsoft Cloud Service Provider (CSP; more info).

At this point, purchasing an ESU license isn’t easy. Microsoft recommends searching for a CSP through its online database. But most of those vendors are probably not interested in handling one or a few Win7 ESU purchases. They’re typically geared toward large businesses.

For example, the local CSP I use currently doesn’t offer any licenses. The closest vendors I could find were six hours away. Amy Babinchak and I are looking for the best way for small businesses and individuals to obtain an ESU license. We’ll tell you about the process once we figure it out.

Moreover, since our report in late October, the Win7 ESU offer has already had a few changes. The cost per machine was originally rumored to be U.S. $50 for the first year. (Again, the fee will increase each succeeding year — Microsoft’s carrot-and-stick approach to moving businesses off its obsolete OS.) New information now has an ESU license costing $61 per PC for the first year.

Based on a Microsoft Windows IT Pro Blog post, it appears that the ESU program will be offered only for Pro and Enterprise editions — Win7 Ultimate users might be out of luck. I’ll let you know when Microsoft releases more details.

(For more information on Win7’s end of life, see the MS Windows Support post “ITPro FAQ about the end of support for Windows 7.”)

Also keep this in mind: If you have Office 365 ProPlus installed on a Win7 system, the suite will lose support after January (more info) — even if you’ve purchased a Win7 ESU license.

Coping with an upgrade scold: No surprise: December’s Win7 patches include another Microsoft nag … ah, alert. But it should show up only on consumer systems — not on machines attached to domains. If you’re comfortable working in the Windows registry, you can make the nag disappear with the following registry key (also see this ghacks.net post).

  • Navigate to:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\EOSNotify.
  • Add the key EOSNotify.
  • Select or create the DWORD DiscontinueEOS and set its value data field to 00000001 (see Figure 1).

    Registry change
    Figure 1. The registry change to block Win7-upgrade notifications should look like this.

Microsoft isn’t alone in warning Win7 users. I’m already seeing third-party software vendors adding their own alerts. For example, upon sign-in, a line-of-business application we use in my office now displays a notice of Win7’s EoL — plus how to plan for the day the app will no longer be supported on Win7.

Other business platforms are arriving, or have already arrived, at their demise:

  • Windows Server 2008 and 2008 R2 support ends in January 2020.
  • SQL Server 2008 support ended in July 2019.

SQL, in particular, typically needs an expert to manage upgrading to local or cloud-based Azure versions. You’ll want to contact your line-of-business app vendors to help you through the process.

December’s patch summary

Good news! The Access bug introduced in the November updates is fixed in this month’s Office security releases.

That said, it’s early days (as we say immediately after every Patch Tuesday). Woody is tracking reports of problems with mapping drives, along with servicing-stack issues. There are also reports of a possible reboot-loop problem that might be related to Microsoft’s Malicious Software Removal Tool.

- What to do: Ensure that Windows is set to defer or block December’s updates — and keep an eye on askwoody.com for new developments.

Windows 10

If you’re still on Win10 1803 … bad dog! Not ready for Windows 10 1903 or 1909? Our own PKCano has posted the skinny on how bump up to Version 1809.

Another reminder: Before moving up to a new feature release, make sure you check for any BIOS and driver updates — especially video-card drivers.

Cumulative updates

  • 4530684 for Versions 1903 and 1909
  • 4530715 for Version 1809 and Server 2019
  • 4530717 for Version 1803 (Enterprise and Education editions only)
  • 4530714 for Version 1709 (Enterprise and Education editions only)
  • 4530711 for Version 1703 (Enterprise and Education editions only)
  • 4530689 for Version 1607 (Long-Term Servicing Channels; LTSC) and Server 2016

Win10 .NET Framework updates

Once again, the latest .NET releases do not include any new security patches. And the three “fixes” are rather esoteric. Nevertheless, Microsoft is apparently pushing out the updates to systems not connected to domains (such as home PCs and many small-business machines). On domain-connected systems, the updates will show up in the “Update” category, not in “Security.”

Note that Win10 1809 gets three .NET updates. December’s .NET Framework updates include:

  • 4533002 for Versions 1903 and 1909 (.NET 3.5 and 4.8)
  • 4533001 for Version 1809 and Server 2019 (.NET 3.5 and 4.7.2)
  • 4533013 for Version 1809 and Server 2019 for 4.7.2
  • 4533094 for Version 1809 and Server 2019 (.NET 3.5, 4.7.2, and 4.8)
  • 4533000 for Version 1803 (.Net 4.8; Enterprise and Education editions only)
  • 4532999 for Version 1709 (.NET 4.8; Enterprise and Education editions only)
  • 4532998 for Version 1703 (.NET 4.8; Enterprise and Education editions only)
  • 4532997 for Version 1607 (.NET 4.8; LTSC only) and Server 2016
Windows 8.1/Server 2012 R2

Note that two of the .NET Framework updates for Win8.1 have a fix for an elevation-of-privilege threat.

  • 4530702 – Monthly rollup
  • 4530730 – Security-only
  • 4530677 – Internet Explorer 11 (install with the security-only update)
  • 4514367 – .NET 4.5.2 (includes security fix)
  • 4514371 – .NET Framework 3.5 (re-released September update; includes security fix)
  • 4533004 – .NET Framework 4.8
  • 4533011 – .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2
Windows 7/Server 2008 R2 SP1

You have an extra incentive to defer these updates — a time-to-update nag message. I recommend taking a few moments to put in registry keys that will block the warning.

  • 4531786 – Servicing-stack update
  • 4530734 – Monthly rollup
  • 4530692 – Security-only
  • 4530677 – Internet Explorer 11 (install with the security-only patch)
  • 4507001 – .NET 4.5.2 (three security fixes)
  • 4507004 – .NET 3.5 (three security fixes)
  • 4533005 – .NET Framework 4.8
  • 4533012 – .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2
Server 2012

These updates still have the Cluster Shared Volume flaw.

  • 4532920 – Servicing-stack update
  • 4530691 – Monthly rollup
  • 4530698 – Security-only
  • 4530677 – Internet Explorer 11 (install with the security-only patch)
  • 4514368 – .NET 4.5.2 (elevation-of-privilege fix)
  • 4514370 – .NET 3.5 (elevation-of-privilege fix)
  • 4533003 – .NET Framework 4.8
  • 4533010 – .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2
Windows Server 2008 SP2
  • 4531787 – Servicing-stack update
  • 4530695 – Monthly rollup
  • 4530719 – Security-only
  • 4530677 – Internet Explorer 11 (install with the security-only patch)
  • 4507001 – .NET 4.5.2 (three security fixes)
  • 4507003 – .NET 2.0 and 3.0 (three security fixes)
  • 4533012 – .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2
Office security and non-security updates

December’s security patches include the fix for November’s Access bug. They also fix information-disclosure, remote-code-execution, and denial-of-services vulnerabilities.

Office 2016

Office 2013 SP1

Office 2010 SP2

The following Office non-security enhancements and fixes were released December 3.

Office 2016

  • 4484133 – Skype for Business 2016; stability and performance
  • 4484170 – Project; server-protocol error message
  • 4484172 – Outlook; time-zone settings overriding

Office 2013 and 2010

There are no new non-security updates for Office 2013 and Office 2010.

Refresher: Patch Watch rules for updating

It’s a new month of patching. Once again, here are our current recommendations for patching Windows and Office. They may change as Microsoft evolves its updating process.

  • Monthly security patches ship on the second Tuesday of each month (Patch Tuesday). For all versions of Windows, defer this month’s updates for at least 15 days. (Windows 10 will still wait for 15 days if you click “Check for updates.”)
  • Microsoft sends out preview updates, typically on the third Tuesday of each month. They are completely optional and should be skipped on any system not used exclusively for testing. I list the previews in our Master Patch List spreadsheets so you can look up their KB numbers and see whether they’re available. Again, we strongly recommend you don’t install them on production systems.

    Keep this in mind: On older platforms, it’s clearly stated that the optional updates are previews. But Windows 10 doesn’t make that distinction. You know they are previews only because they’re often released a week or two after Patch Tuesday. Also remember that they don’t necessarily get released on a Tuesday. (Yes, it’s annoying and confusing for WSUS admins.)

  • Remember: Updates can be deferred on Windows 10 Pro and above. If you’re running Win10 Home Version 1903, you can pause patching in seven-day increments; for earlier versions, we recommend upgrading to Win10 Pro.
  • Ensure that Windows 7 is set to download or check for updates, but don’t automatically install them. It’s your best defense against problematic patches.

Stay safe out there.

Questions or comments? Feedback on this article is always welcome in the AskWoody Lounge!

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.


CLOUD SERVICES

When moving to the cloud goes really bad

Amy Babinchak

By Amy Babinchak

Cloud computing is revolutionizing IT for small businesses, but there are still many skeptics.

That surprises me as an IT consultant and provider. A well-implemented cloud environment can provide highly productive computing solutions, detailed security, and a boost to a company’s bottom line.

Unfortunately, cloud services are not immune from botched installations. Recently, I was called in to investigate and repair a shockingly shoddy cloud implementation — easily the worst I’d ever seen.

After recovering from my initial horror, I concluded that nothing had really changed: there are still IT “experts” out there causing more harm than good. In my circles, we refer to these folks as “insultants,” a term coined many years ago to describe the people who created extremely flawed on-premises solutions — back when local IT setups were the only option. I thought those people had faded away with the arrival of the “cloud.” Obviously, I was wrong.

Here’s a cautionary tale of how some “insultants” nearly drove a small business to extinction — and I’m not indulging in hyperbole. More frighteningly, this was probably far from an isolated case.

A call for help

This story is about a small, family-owned construction company that builds apartment complexes. Construction pays the bills, but it’s not the endgame. The family dreams of eventually owning one or more of the complexes, providing a reliable and steady rental income.

But there was a hitch in that long-term plan. The company called us, stating they were interested in changing IT firms. Their computing setup had problems that their current IT firm couldn’t resolve — and those issues were hurting the business.

We met with the family and listened to their dreams and concerns. Surprisingly, what they described didn’t seem so unusual — at first. By coincidence, I already had a client who was nearing the end stage of a similar plan. I was excited to come across a business that was starting down a similar path.

The cloud just wasn’t working

The new clients reeled off the following litany of problems:

  • “After migrating to Gmail, we can’t find all our mail — even though the other firms say it’s there.
  • “We have trouble printing from the cloud.
  • “Accessing QuickBooks requires signing in via remote access.
  • “When everything was moved to the cloud, we thought we’d be able to get rid of our local server. But we can’t because some of our files still live on it.”

When we’ve encountered those types of migration problems, it’s usually been an issue with training and communication. Our first thought was that things weren’t buttoned up as they should have been. But we soon discovered that the problems ran far deeper. It was when we watched them trying to work that the magnitude of the problem really hit us.

  • They were all using Chromeboxes — along with some older PCs.
  • Some files resided in the cloud; others were still located on a local server.
  • Only this year’s email (six months’ worth) had been moved to the cloud .
  • None of their printers was accessible from the Chromeboxes.
  • Nor could they access QuickBooks via the Chromeboxes.
  • Everyone was using Google apps, but the company has extensive and complex Excel workbooks with custom features that Google Sheets doesn’t support.

In short, it was a real mess. To make matters even worse, the previous IT firm had tried to mitigate these limitations by setting up a single virtual PC on the local server — plus Remote Desktop Protocol (RDP) connections to the virtual desktop. The work process of these poor people looked like this:

  • The primary accounting person had to access QuickBooks via an old PC sitting next to their new Chromebox.
  • The company’s project managers and cost estimators (among others) relied extensively on spreadsheets. They had to open those files with Google Sheets running on Chromeboxes — unless they required a specialized feature Sheets does not support. In that case they’d have to open an RDP session to the VirtualBox VPC on the server, browse to the cloud, download the file, open it in Excel, do their work, then upload it back into the cloud when done so it would be accessible once more via Sheets.
  • None of the printers in the office supported cloud printing. So to print a file of any kind, they would save it, open an RDP session to the one office VPC — after checking that no one else in the office was using it — download the file to be printed from the cloud, open it in Office, and then (finally!) print it. That person would then have to remember to sign out of the VPC because someone else was by then probably waiting to print something. (Yikes!)
  • Anyone looking for a file older than six months would have to go to the server, find it in the archives, and then upload it to the cloud.
  • Anyone looking for an email older than six months would need to open Outlook on the server via remote access. (The consultants had attached everyone’s old PST files to Outlook.) If found, the email could only be printed — nothing else.

Imagine trying to navigate through this mess every day if you’re a project manager, cost estimator, bookkeeper, or business owner.

Unwinding the mayhem

It did not take long to get to the root of this company’s miseries: it was the old “If you have a hammer, everything looks like a nail” problem. In this case, the cloud is the hammer and the business is the nail. Essentially, the previous “consultants” tried to fit everything into Chromebooks and online services. Moreover, they appear to have spent little or no effort to understand the company’s workflow and future needs.

They also seem to have ignored — or not grasped — the limitations of the cloud and cloud-based apps. As much as other Office suites want to be Excel, when it comes to highly complex calculations, there’s no Excel but Excel. And requiring RDP for something as basic as printing makes absolutely no sense. The same is true for not having enough cloud storage for all company files and emails.

As I said earlier, this was the worst cloud-solution implementation I’ve ever seen — and I’m a cloud fan! The cost and time needed to solve the mess — at a time when the company was hemorrhaging money due to lost productivity — nearly broke the business.

With that in mind, we set about getting the company office back up to full efficiency as quickly as possible. We migrated them to the correct cloud solutions for their particular needs, had them purchase new hardware, and set up an infrastructure that fit their workflow. (I could give the specifics, but the “solution” for one company will be different for another.)

What’s the lesson from this painful experience? Before hiring an IT firm, ask others in your industry whom they recommend. Use an IT firm with a solid reputation and a long history of successful computing migrations. And make sure you understand the fine points of any cloud solutions before you green-light the changes. It will save you money — and may even save your business.

Questions or comments? Feedback on this article is also always welcome in the AskWoody Lounge!

Amy Babinchak is the owner of three IT-related businesses: Harbor Computer Services, Third Tier, and Sell My MSP. She has been working in the IT field with small and medium businesses for more than 20 years. She’s also a Microsoft MVP and has received numerous leadership awards.


Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody LLC. All other marks are the trademarks or service marks of their respective owners.

Your email subscription:


Copyright © 2019 AskWoody LLC, All rights reserved.