Skip to content
ObieOnline

Field notes · 9 min read

7 IT Mistakes Small Businesses in KL Make (and the Cheap Fixes)

Two decades of telco + software work distilled into the seven traps I see most often in Kuala Lumpur and Selangor small businesses — and the simplest, cheapest way to fix each one. Most cost less than RM 200 to resolve. A couple cost nothing but an afternoon.

Published · by Obie

Most of the IT problems I get called about in KL aren't exotic. They're the same seven mistakes over and over, committed by reasonable people who were never told a better way. None of them are stupid in isolation. They become expensive only when something goes wrong — and the day something goes wrong, you find out which one you were making.

Here are the seven, in roughly the order they bite. For each one: what it actually looks like, the real-world story behind it, what to do about it cheaply, and when it's worth calling someone (us or anyone competent).

1. Using a consumer WiFi router for a business

The router your TM Unifi or Maxis Home Fibre plan ships with is built for a family of four watching Netflix. Plug 20 employees, an office printer, a CCTV system, and a POS terminal into it and you're asking it to do six different jobs poorly. Symptoms: WiFi that drops mid-Zoom, payment terminals that "freeze" once a week, video calls that stutter only on certain devices.

The cheap fix: a business-grade router runs RM 600-1,500 (TP-Link Omada, Ubiquiti UniFi, Mikrotik for the technical) and pays for itself in 1-2 incidents avoided. Importantly, separate your business WiFi from your guest WiFi at the network level — don't just give visitors the same password. Most of the "weird intermittent" issues we see are guest devices hammering business bandwidth.

When to call: if you have a POS, CCTV, VoIP phones, or more than ~10 connected devices. Network setup is one of the four services we focus on precisely because this one mistake creates so many false-positive "the WiFi is broken" calls.

2. Calling Google Drive (or OneDrive) a "backup"

Sync ≠ backup. They feel the same right up to the moment they don't. If you accidentally delete the master spreadsheet on your laptop, Google Drive obediently deletes it from the cloud too. If ransomware encrypts your files locally, it syncs the encrypted versions up to the cloud and overwrites the good ones. Sync mirrors your bad day perfectly.

What backup actually means: a separate copy that lives somewhere your daily work can't touch, kept for long enough that you can roll back to a point BEFORE the problem happened. The industry shorthand is "3-2-1": three copies, on two different media, with one off-site.

The cheap fix: for a small office, the practical answer is a simple combination — sync for convenience (the Google Drive / OneDrive you already have), PLUS one of these for actual backup:

  • A NAS like Synology DS220+ (≈ RM 1,200 incl. 2× 4TB drives) doing automated nightly snapshots, AND
  • A cloud backup service like Backblaze B2 or Wasabi (≈ RM 25/month per TB) so if the office burns down, you still have a copy.

Total: about RM 1,500 once + RM 30-50/month. That's the equivalent of about half a year of business interruption insurance, and dramatically more useful in practice.

3. Buying a server without sizing it (or buying one at all)

Either too small — "the accounting program is so slow!" — because someone repurposed an old desktop. Or too big — a RM 30,000 Dell tower running at 4% CPU because someone sold you a "future-proof" configuration. Both are common, both are expensive, both are avoidable.

The cheap fix: in 2026, most small businesses don't need a physical server at all. SQL Database, file storage, email, even accounting — all of it runs cheaper on a cloud-hosted machine you rent for RM 80-200/month. You scale up when you need to and don't pay for capacity you're not using.

If you genuinely need on-premises (industries with data residency rules, or buildings with terrible internet), buy based on what you'll use in 18-24 months, not 5 years. CPU and RAM you bought 5 years ago is half-obsolete today anyway.

When to call: before you buy anything more than RM 5,000. Right-sizing servers + cloud infrastructure is one of the most expensive places to be wrong, and a 30- minute conversation usually saves clients five-figure sums.

4. Letting Windows update on Friday afternoon

Windows wants to update every few weeks. Left to its own decisions, it'll often install on a Friday at 5 PM, reboot the machine an hour later, and present Monday-morning Adi with a frozen blue screen because some driver didn't survive the upgrade. We've ruined a lot of weekends rescuing Monday-morning offices.

The cheap fix (free): Windows Group Policy → Configure Automatic Updates → "Schedule the install time" → set to a Tuesday or Wednesday morning. If the update breaks something, you find out on a working day with a technician available, not on Sunday night.

For organisations with more than 5 machines, a centralised update server (WSUS or a managed equivalent) lets you test updates on one machine before rolling out to the rest. That's a 1-day setup that saves dozens of incidents per year.

5. The one password everyone knows

Most KL small offices have one Windows admin password shared across every machine. Some have one email password. Some have one master password that ALSO opens the office gate. When someone leaves the business — and someone always leaves — they take that password with them.

The cheap fix: three changes in roughly increasing order of effort.

  1. Stop using shared accounts. Each employee gets their own Windows user. Free. Takes 10 minutes per machine.
  2. Use a password manager. Bitwarden free tier covers everything most teams need. The owner stops rummaging for password sticky notes.
  3. Enable two-factor authentication on email, accounting, and any cloud service that has it. The single biggest security improvement most small businesses can make, and the only barrier is "we never got around to it."

Cost: RM 0 if you use the free tools, ~RM 15/month per user for premium Bitwarden if you want family/team sharing.

6. Free antivirus on Windows 7 (or other security theatre)

Running outdated Windows because "we have antivirus" is the small-business equivalent of locking the front door but leaving the windows open. Antivirus catches known threats. Old Windows is a known threat — Microsoft published the list of unpatched vulnerabilities for every attacker to download. The antivirus you bought doesn't fix the operating system underneath it.

Likewise: free antivirus that nags you weekly to upgrade usually means it's not actually scanning anything important.

The cheap fix: if you're on Windows 10 or 11, the built-in Microsoft Defender is genuinely good and already on. Don't install a second one. Make sure Windows Updates are current (see #4). If you're still on Windows 7 or 8, you're past the cheap-fix stage — that machine needs retiring or its OS rebuilt. Plan for it.

For more sophisticated needs (file servers, mail servers, accountancy firms with PDPA obligations), endpoint detection and response — Microsoft Defender for Business, Bitdefender GravityZone, etc. — costs RM 100-300/user/year and is the right move.

7. Doing IT yourself

The most expensive mistake on this list, and the hardest one to admit to. If you're the founder, you used to do everything yourself because nobody else would. That worked when the business was three people and one printer.

The thing nobody told you: IT problems compound. That hour you spent fixing Adi's laptop on Tuesday is an hour you didn't spend selling, or planning, or training someone. The Friday-afternoon Windows update wasn't free — it cost you a weekend. The "I'll just check the server myself" turned into a four-hour rabbit hole that should have been a 15-minute phone call to someone who'd seen the same issue last week.

The cheap fix: stop thinking about IT as a cost. Calculate the hourly value of your time, multiply by the hours you spent on IT last month, and compare that to RM 600/month for 5 hours of someone who already knows the answers (RM 480 if you're one of our first 10 founding clients). The math usually surprises owners.

Even if you don't outsource to us, outsource to someone. The first sign of a healthy small business is that the founder no longer rebuilds laptops.

If you only do three things this week

  1. Set up a real backup. Not Google Drive sync. A separate copy somewhere your daily work can't touch. (#2 above.)
  2. Enable two-factor authentication on email and the one most important cloud service you use. Free, 15 minutes, biggest security win available. (#5 above.)
  3. Schedule Windows updates for Tuesday morning. Group Policy → 10 minutes per machine. Saves at least one weekend per year. (#4 above.)

Want a second pair of eyes? Free IT Health Check.

We do a free IT Health Check for KL and Selangor small businesses — a 45-60 minute, no-jargon conversation (in person or online) where we look at the seven things above (and a few more), tell you which actually apply to you, and give you honest advice on what to fix yourself versus what's worth outsourcing.

No obligation, no upsell pressure. The worst outcome is you get a few hours of free advice. The best is you avoid the next expensive surprise.

Book a free IT Health Check See our services

About the author: Obie has 17 years across telco and software development. He runs ObieOnline, an outsourced IT consultancy serving small businesses in Kuala Lumpur and Selangor. More about Obie →