What a Free IT Health Check Actually Looks Like

A free IT Health Check sounds vague. Free sets off most business owners' "what's the catch?" alarms, and health check could mean anything from a 30-second glance to a half-day audit. So before you decide whether it's worth your 45-60 minutes, here's the actual scope — the 12 things we look at, in the order we look at them, and the kind of recommendation each one produces.

First, two ground rules. It's free with no obligation — you don't have to sign up for anything afterwards. And it's a conversation, not a slide deck — in person if you're near Setapak, online otherwise. By the end you have a list of "definitely worth fixing," "fine for now," and "ignore — your money is better spent elsewhere."

1. Your current setup in one sentence

Five minutes of asking what you've got: how many people, how many computers, what software the business actually runs on, where files live, where customer data lives, whether anything is on-prem. We're building a mental model — not running a scan. Most owners can answer this in 30 seconds; the surprise is usually realising they don't quite know, which itself is useful information.

2. Your network gear (the box from your ISP)

What router are you using? Is it the consumer model TM Unifi or Maxis Home Fibre shipped, or have you upgraded? How many devices are connected, and is your guest WiFi properly separated from your business WiFi? Healthy signal: business-grade router (TP-Link Omada, UniFi, Mikrotik), separate guest network, fewer than ~80% of router's rated capacity in active devices. Common flag: consumer router doing too many jobs, guest WiFi sharing the same network as your POS.

3. Backup — actual, not sync

Are you backed up, or are you syncing? They feel the same until they don't. We ask three questions: (a) if you accidentally deleted your master sales spreadsheet right now, could you recover it from a state before the deletion? (b) if your laptop was stolen tonight, what would you lose? (c) if ransomware encrypted everything on every machine, what's untouchable? Healthy signal: a 3-2-1 strategy — three copies, two media types, one off-site. Common flag: "Google Drive is our backup" with no actual snapshot history.

4. Password hygiene + access management

How many shared accounts are in active use? Is there one Windows admin password every employee knows? Does your accounting software have proper per-user logins, or is everyone signing in as "admin"? Is two-factor authentication enabled on your main email account? Healthy signal: per-employee accounts, password manager in use, 2FA on email + accounting + cloud. Common flag: the password is on a sticky note and three former employees still know it.

5. Software + licensing state

What versions of Windows, Office, accounting software are you running? Are licences current? Anything bought once five years ago and never updated? This is where we often find the biggest immediate risks — a Windows 7 machine still on the network, or accounting software two major versions behind. Healthy signal: all machines on Windows 10/11, Office subscription current, accounting on a supported version. Common flag: one or two "we just leave it alone, it still works" machines running unsupported OS.

6. Server (if you have one)

If you have a physical server, we look at its age, current load, what it actually hosts, when it was last patched, and whether it's appropriately sized. About half the small servers we see are either grossly over-spec'd (RM 30,000 machine running at 5% CPU) or stretched past their useful life. Healthy signal: right-sized, patched, monitored, RAID configured properly. Common flag: "we're not sure when it was last rebooted" or "the IT guy who set it up left two years ago."

7. Security baseline

Defender (or whatever endpoint protection) — is it actually scanning, or has it been nagging for renewal for six months? Are admin accounts separated from daily-use accounts? Is the firewall actually configured, or is the router still on its default settings? Healthy signal: Defender or a real EDR product, separate admin accounts, firewall rules reviewed. Common flag: three different antivirus products installed and fighting each other.

8. Business email setup

Are you on Google Workspace, Microsoft 365, your hosting provider's email, or a free Gmail that everyone shares? Are SPF/DKIM/DMARC configured so your emails don't land in spam? Are aliases used appropriately? Healthy signal: proper paid email service, per-employee accounts, basic auth setup correct. Common flag: your business email is going to spam because your domain has no DKIM record — easy fix, huge impact.

9. Your website (if it generates leads)

Quick look at the public site — speed (you can test yourself at PageSpeed Insights), basic SEO (is it actually indexed by Google? does it have a sitemap?), mobile-friendliness, and whether visitors can actually contact you. We're not rebuilding your site — we're flagging whether it's currently doing its job. Healthy signal: loads in < 3 seconds, mobile-responsive, indexed, clear contact path. Common flag: 12- second mobile load time + a contact form nobody monitors.

10. Manual processes worth automating

What do you do every week that's repetitive, paper-based, or living only in someone's head? Quotations done by hand? Inventory tracked on a whiteboard? Customer enquiries answered manually one by one? We're not selling you a custom system — we're flagging the 1-2 things that are clearly costing you hours/week and have cheap fixes. Common flag: someone spends 4 hours a week typing out quotations that could be templated in 20 minutes.

11. Cloud vs on-premises fit

We look at where things currently live versus where they SHOULD live in 2026. Are you running on-prem because you need to, or because nobody ever moved you off it? Is your accounting software running on a desktop tower that you'd gladly retire if you could? Cloud isn't always cheaper, but it's almost always more available + less of a maintenance burden. Common recommendation: move file storage to cloud, keep the POS terminal local, replace the office server with a cheap NAS.

12. The "biggest risk in one line"

At the end, we summarise everything into one statement — the single biggest risk to your business right now. Not a list of 30 things. Just one, because that's the one you'll actually fix. For most small businesses in Malaysia, this is one of: "your backup isn't actually a backup," "the same password opens everything," or "the box doing six jobs in the corner is going to die this year."

What you walk away with

By the end of the conversation — typically 45-60 minutes — you have:

• A one-line summary of the biggest risk and the simplest fix.
• A short list of "definitely worth doing" — usually 3-5 things, with rough cost estimates.
• An honest "fine for now" list — things you don't need to spend on.
• One or two "ignore — your money is better spent elsewhere" items, which is often the most valuable bit of advice you'll get all year.

We don't send a glossy PDF afterwards (that's where consultants pad invoices). You get the advice during the conversation, in plain language, and you decide what to do with it.

Why is it free?

Three honest reasons:

1. It's the best way to meet potential clients. We've found that the businesses who say yes to a free Health Check are exactly the type of clients we want — curious, decisive, willing to act on good advice. The time we spend is genuinely useful marketing.
2. Most businesses don't need a full-time IT person. They need someone honest to look once, tell them what's important, and be reachable when things break. The Health Check is the way we demonstrate that without you having to sign anything.
3. The good outcomes happen even when you don't hire us. If you implement the advice yourself — great. We've added value to a KL small business, and you'll remember us when something bigger comes up. That's a long game we're happy to play.

We're not running a high-pressure pipeline. If we look at your setup and the honest answer is "you're fine, don't spend money," that's what we'll say. The wasted-hour scenario for us is a one-time cost. The wasted-credibility scenario is much worse.

When this isn't a fit

Worth being upfront. The Health Check is shaped for:

• Small businesses in KL or Selangor
• Roughly 2-30 people
• With some existing IT setup (computers, network, maybe a server)
• Whose owner can spare 45-60 minutes for a real conversation

It's not a fit if you're:

• A pure-online business with no on-prem at all (we'd be guessing about everything)
• Looking for a free IT support visit (we can do troubleshooting, but that's a different conversation — see our services page)
• A non-business asking for help with personal IT (we don't do home consults)
• Outside Malaysia (we'd happily chat but our recommendations would be too local)

Ready to book?

Two clicks — pick a time on our calendar (or message us on WhatsApp if you'd rather chat first):

Book the free IT Health Check See our services first

---

Reading this one and curious whether your chatbot is part of "what we look at"? Yes — if your website has an AI assistant or click-to-chat WhatsApp setup, we'll look at how it's configured and where it's leaking leads. Many KL businesses are running ones that don't ask for a phone number at all. (We make one called ObieChat; we also know the others.)