If you use Windows every day for work, I’ve got a question for you.

What’s the one app you couldn’t live without?

Microsoft’s latest marketing says the answer should be Microsoft Copilot. 

They’re calling it the number one productivity app in Windows 11, ahead of tools like File Explorer, Microsoft To Do and even the trusty Snipping Tool.

That’s quite a statement.

Now, I do understand why they’re saying it. 

There’s a big push around AI PCs at the moment, and Copilot is front and centre of that story. 

It sits on your desktop and promises to help you think, plan and get things done. You can ask it to summarise long emails, turn messy notes into a checklist, draft messages, or help you organise ideas for a project.

And yes, that can be genuinely helpful.

If you’ve ever opened your inbox to find a long, winding email thread, being able to pull out the key points quickly is a relief. 

If you’ve scribbled half-formed ideas into a document, having something help you structure them can save time.

But here’s where I struggle with the “number one” label.

When I look at how most businesses work, the heavy lifting is done by other tools. 

File Explorer is used constantly. It’s how you find client documents, move files, organise folders and keep everything in order. You don’t think about it much, but you rely on it all day.

The same goes for task apps like Microsoft To Do, or simple tools that let you grab screenshots and share information quickly. 

They’re not flashy. They don’t get keynote speeches. But they’re woven into the fabric of your working day.

Copilot feels different. It’s more like an assistant sitting alongside those tools. It helps you process information and draft content, but it doesn’t replace the core systems underneath.

I suspect this ranking says more about Microsoft’s strategy than about real-world usage. They want AI to be seen as the future of productivity, so it makes sense to position Copilot at the top of the list.

From a business owner’s perspective, though, the more useful question isn’t “What does Microsoft say is number one?” It’s “Where do we waste time?”

If your team spends hours writing, summarising or planning, Copilot could make a noticeable difference. 

If the real problem is disorganised files, unclear processes or too many manual steps, then no AI assistant is going to fix that on its own.

AI is becoming part of everyday work, and that’s not a bad thing. Just don’t let the marketing decide what productivity looks like in your business. 

The best tool is still the one that solves your biggest daily headache.

If you want to know which tools could help your business best, I can help. Get in touch.

The post Is this the top productivity app in Windows 11? appeared first on Antar Information Technology.

Let me start with a question: If you needed a strong password, would you ask AI to generate one for you?

It sounds reasonable enough. 

Tools like ChatGPT and Copilot can write reports, draft emails and even create bits of code. Asking them for a 16-character password packed with symbols and numbers feels like a smart shortcut.

But you might want to rethink that. 

Researchers recently tested AI tools by asking them to generate secure passwords. 

On the surface, the results looked great. Long strings of mixed-case letters, numbers and symbols. 

When checked using online password strength meters, they scored highly. Some tools even suggested it would take centuries to crack them.

But when those passwords were analysed properly, a different picture emerged.

AI systems are powered by something called a large language model, or LLM. That means they’re trained to predict what text should come next. They’re brilliant at producing text that looks natural and plausible.

What they are not designed to do is create true randomness.

And strong passwords rely on randomness.

When researchers examined dozens of AI-generated passwords, they found repeating patterns. Some passwords were duplicates. Many followed very similar structures. 

Interestingly, none of them contained repeating characters. 

That might sound like a good thing, but real randomness often includes repetition. The absence of it suggests the password is following learned rules rather than being generated unpredictably.

The researchers measured something called “entropy”, which is a technical way of describing how unpredictable something is. 

AI-generated passwords scored far lower than a genuinely random 16-character password should. 

That means they could be much easier to crack using a brute-force attack, where attackers try huge numbers of combinations very quickly.

Online password checkers don’t catch this because they only look at visible complexity. 

They see symbols and numbers and assume it’s secure. They don’t account for the hidden patterns created by AI.

Even newer models like Gemini 3 Pro have issued warnings when asked to generate passwords, advising people not to rely on chat-generated credentials for sensitive accounts. 

That should tell you something.

If you want properly secure passwords, use a password manager with a built-in generator. 

These use cryptographic randomness, in other words, mathematical processes specifically designed to create unpredictable results.

AI is an excellent productivity tool. But when it comes to security essentials like passwords, it’s the wrong tool for the job.

If you’d like help choosing the right password manager for your business, get in touch. 

The post Don’t trust AI with this security essential appeared first on Antar Information Technology.

Are you still running Windows 10 because “it’s fine for now”?

I hear that a lot. 

And to be fair, if you signed up for Extended Security Updates (ESU) programme, Windows 10 probably does still feel fine. It turns on. It works. It gets security updates. No drama.

But that feeling of safety is temporary.

Windows 10 officially reached the end of standard support back in October 2025. ESU was always meant to be a short-term safety net, not a long-term strategy. 

And that net disappears in October 2026. After that point, Windows 10 stops receiving security updates altogether.

No patches. No fixes. No safety net.

What’s interesting is how many people are still putting this decision off. 

Data shows that millions of PCs are still running Windows 10. Even in regions where support deadlines are well known. 

Now, that data focuses on home users, but in my experience, many businesses are behaving the same way. They’re sticking with Windows 10 because it’s familiar and still technically supported.

And Microsoft hasn’t exactly made that decision feel urgent. 

The same screen that warns you about the end of support also makes it very easy to enrol in ESU. One click, accept the terms, and you can carry on. For a lot of people, that feels like the problem has been solved.

It hasn’t.

ESU only buys you time. Once October 2026 passes, staying on Windows 10 means running an operating system with known vulnerabilities and no protection against newly discovered threats. 

From a business point of view, that’s more than a technical risk. It’s a commercial one. 

Cyber insurance, compliance requirements, and supplier expectations increasingly assume supported software.

At that stage, you’re left with two options: Upgrade to Windows 11, or replace the device entirely.

This is where planning matters. Some older PCs simply won’t support Windows 11. Others will but may need configuration changes or performance checks. 

Leaving this until the last minute often leads to rushed purchases, unhappy staff, and unnecessary costs.

If you’re relying on extended support today, it should be part of a clear exit plan, not a holding pattern.

Because when ESU ends, Windows 10 drops off a cliff.

If you’re unsure whether your current PCs can upgrade or whether you’re heading for a last-minute hardware scramble, now’s a good time to review your options and plan the next step properly.

My team and I can help with that. Get in touch.

The post Relying on Windows 10 extended support? Time to upgrade appeared first on Antar Information Technology.

Have you noticed how many AI projects start with excitement… and then quietly go nowhere?

I’m seeing it a lot. 

A demo here, a pilot there, plenty of internal chatter, but very little that makes it into day-to-day use. 

And it’s not because AI doesn’t work or isn’t valuable.

In fact, a recent report suggests the opposite. 

Around half of AI initiatives are still stuck in proof-of-concept mode, even though most businesses fully expect to increase their AI budgets. 

Belief isn’t the problem. Momentum is.

What’s really holding things up is something far more familiar: Uncertainty.

Many businesses jump into AI with a vague sense that it’s important, but without a clear business problem they want it to solve. 

When that happens, projects drift. Teams experiment, but no one can quite say what success looks like, how it will be measured, or when it’s good enough to roll out properly.

Governance is another big blocker. 

Leaders worry about security, privacy, and compliance (and rightly so). But instead of putting simple guard rails in place, projects get paused while people wait for perfect answers. 

The result is often no progress at all.

There’s also a skills gap. 

AI sounds plug-and-play from the outside, but in practice it still needs people who understand how to manage it, monitor it, and step in when something looks wrong. 

Most organisations aren’t short on ambition; they’re short on confidence.

Interestingly, businesses already know that AI won’t be fully hands-off any time soon. 

Most AI decisions today are still checked by humans, and many leaders expect a long-term balance where people and AI share responsibility rather than one replacing the other. 

That’s a sensible starting point.

So how do you stop AI initiatives stalling?

The businesses making progress tend to do three things well. 

First, they tie AI to a specific, boring business outcome. Saving time in IT operations, improving system monitoring, speeding up reporting. 

Not grand transformation but measurable improvement.

Second, they set clear boundaries. What can AI do on its own? What always needs a human check? 

That clarity reduces fear and speeds up decisions.

And finally, they scale slowly and deliberately. Instead of throwing money at multiple tools and hoping something sticks, they prove value in one area, learn from it, and then expand.

AI doesn’t usually fail because it’s too advanced. It fails because it’s too vague.

If your AI projects feel stuck, the answer is clearer goals, better guard rails, and a willingness to move forward imperfectly, with humans firmly in the loop.

If you’re exploring AI but struggling to move forward, my team and I can help. Get in touch.

The post How to stop AI projects stalling appeared first on Antar Information Technology.

When was the last time you replaced a perfectly usable work computer, simply because it had become slow or unreliable?

For a lot of businesses, that moment is coming sooner than it used to. 

Hardware prices have risen, upgrades cost more, and replacing machines that should have had a few good years left in them is now a painful expense rather than a routine decision.

The good news is that most computers don’t wear out suddenly. They slow down gradually, often because of small, fixable issues rather than failing hardware.

And with Windows 11, there are a few sensible habits that can extend the life of your devices.

One of the biggest drains on performance is software clutter. 

Over time, PCs collect apps that start automatically, run in the background, and use up memory and processing power. 

The computer feels old, but in reality, it’s overloaded. 

Keeping startup apps under control and removing software that’s no longer used helps your PC spend its energy on actual work, not housekeeping.

Updates also matter more than many people realise. 

They’re not only for new features or security warnings. Updates fix bugs that cause crashes, performance issues, and file corruption. 

Left unresolved, those problems can snowball into system failures that make a device feel beyond saving. 

Staying up to date can be the difference between a PC that lasts four years and one that lasts six.

Storage is another hidden pressure point. 

When a drive gets too full, everything slows down: Updates fail, apps struggle, and the system has less room to manage itself properly. 

Regularly clear out unused files and applications. That gives Windows space to breathe and reduces wear on modern solid-state drives (which are expensive to replace).

Security also plays a role in longevity. 

Malware doesn’t just steal data; it consumes resources, increases background activity, and can shorten the life of a system. 

Make sure you have the right security tools in place to keep your business protected. And keep your people up to date on cyber security best practice. 

For laptops, power habits matter too. Constant heat, full charging all the time, and deep battery drain all accelerate battery wear. 

Small changes in how devices are charged and used can delay the point where a laptop becomes desk-bound because the battery no longer holds up.

Finally, backups deserve a mention. 

When something does go wrong, businesses often replace machines in a rush because they’re worried about losing data. 

Reliable backups remove that panic. If data is safe, you can repair or recover a system instead of writing it off early.

None of this is dramatic. There’s no single magic tweak. But taken together, these small habits add up. 

With hardware costs rising, extending the working life of your Windows 11 PCs is a smart financial move, as well as good IT hygiene.

Want to see where a few small changes could save your PCs? Get in touch.

The post Small habits to make your Windows 11 PC last longer appeared first on Antar Information Technology.

If phishing scams are supposed to trick people, why do so many of them still feel clumsy?

For years, the answer was simple: Most scams were mass-produced. 

The same email, the same fake website, sent to thousands of people and hoping a few would fall for it. 

That approach is still around, but it’s starting to evolve.

When generative AI first appeared, there was a lot of talk about “dynamic websites”.

Instead of one fixed site for everyone, pages would be generated on the spot, shaped by who you are, where you are, and what device you’re using. 

That future never really arrived for everyday businesses. It was complex and rarely worth the effort.

Cyber criminals, however, don’t need perfect systems. 

They need something convincing.

Security researchers have shown how this idea could be used for phishing. While it’s still largely experimental, it gives a clear picture of the next generation of scams.

A victim clicks a link and lands on a webpage that looks harmless. There’s no obvious malicious code sitting on the page. 

Once it loads, the page asks a legitimate AI service to help generate content. 

That content is then assembled and run directly in the person’s browser.

The result is a phishing page that’s created especially for that visitor. 

The wording, layout and code can all be different every time. There’s no single fake website for security systems to spot and block, because the scam doesn’t fully exist until someone opens it.

Before you panic, this method isn’t widespread yet. But the building blocks are in use. 

AI is being used to write malicious code, malware is increasingly assembled as it runs, and AI-assisted scams are becoming more common.

For you, this changes the rules slightly. 

Phishing is no longer just about spotting bad spelling or sloppy design. Future scams may look even more polished, personalised and completely legitimate.

That’s why modern protection focuses less on “don’t ever click the wrong thing” and more on limiting the damage if someone does. 

Tools like multi-factor authentication, secure browsers and email filtering still work, even when a fake page looks convincing.

Remember this: Phishing isn’t going away. It’s getting smarter. 

To stay protected now you must assume the next scam will look professional and make sure your defences don’t rely on people spotting obvious mistakes.

Want to check how exposed your business is? Get in touch.

The post Beware the next generation of phishing attacks appeared first on Antar Information Technology.

Let me ask you a slightly uncomfortable question.

Do you know which AI tools your team is using at work… and what they’re putting into them?

Most business owners I speak to think they do. And then we dig a little deeper.

Generative AI tools like ChatGPT and Gemini have slipped into everyday work incredibly fast. They’re great for productivity. Drafting emails. Summarising documents. Brainstorming ideas. Solving problems faster.

The trouble is, they’ve arrived so quickly that governance hasn’t kept up.

A recent report looked at how businesses are using GenAI, and the findings are eye-opening. 

AI usage in organisations has surged. The number of users tripled in just a year. 

People aren’t just trying it out either. They’re relying on it. Prompt usage has exploded, with some organisations sending tens of thousands of prompts every month.

At the very top end, usage runs into the millions.

On the surface, that sounds like efficiency. 

Underneath, it’s something else entirely.

Nearly half of people using AI tools at work are doing so through personal accounts or unsanctioned apps. 

This is called “shadow AI”. It means staff are uploading text, files, and data into systems the business doesn’t control, can’t see, and can’t audit.

That’s where the risk creeps in.

When someone pastes information into an AI tool, they’re not only asking a question. They’re sharing data. 

Sometimes that data includes customer details, internal documents, pricing information, intellectual property, or even login credentials. Often without you realising it.

According to the report, incidents involving sensitive data being sent to AI tools have doubled in the last year. The average organisation now sees hundreds of these incidents every single month.

And because personal AI apps sit outside company controls, they’ve become a significant insider risk. Not malicious insiders, necessarily. Well-meaning people trying to get their job done faster.

This is where many businesses get caught out. They assume AI risk looks like hacking from the outside. 

It can look like an employee copying and pasting the wrong thing into the wrong box, at the wrong time.

There’s also a compliance angle here. 

If you operate in a regulated environment, or handle sensitive customer data, uncontrolled AI use can put you in breach of your own policies, or someone else’s regulations, without anyone noticing until it’s too late.

The warning is blunt: As sensitive information flows freely into unapproved AI ecosystems, data governance becomes harder and harder to maintain. 

At the same time, attackers are getting smarter, using AI themselves to analyse leaked data and tailor more convincing attacks.

So what’s the answer?

It’s not banning AI. That ship has sailed. And it’s not pretending it’s harmless either.

The real answer is governance.

That means deciding which AI tools are approved for work use. Being clear about what can and cannot be shared with them. Putting visibility and controls in place so data doesn’t quietly drift where it shouldn’t. And making sure your team understands the risks, not in a scary way, but in a practical, grown-up one.

AI is already part of how work gets done. Ignoring it doesn’t make it safer. Governing it does.

We can help you put the right policies in place and educate your team on the risks of AI. Get in touch.

The post It’s time to govern your team’s AI use appeared first on Antar Information Technology.

When you open a browser on your phone, what do you think it knows about you?

The websites you visit? Maybe your location? Possibly what you’ve searched for?

The reality is, for many popular mobile browsers, it’s a lot more than that.

A recent analysis looked at how popular mobile browsers handle user data, based on the privacy information they publish in app stores. 

And what it found should make you pause for thought.

If you’re using Google Chrome or Microsoft Edge on your phone or tablet, you’re using two of the most data-hungry browsers around. 

That doesn’t mean they’re unsafe, or that you need to abandon them tomorrow. 

But it does mean you should be paying attention to what they collect, and how you protect yourself.

According to the research, these browsers gather a surprisingly wide range of information. Not just browsing history, but things like location data, payment details, saved files, and even media such as photos or audio in some cases. 

The stated reason is usually sensible enough: Making the app work properly, syncing accounts, preventing fraud, or personalising the experience.

And to be fair, some data collection is unavoidable. A browser can’t function at all without knowing something about what it’s doing.

The concern is how much data is collected, how long it sticks around, and who it may be shared with. 

Some browsers confirm that parts of this information can be passed on to third parties. In the best case, that means advertising profiles and targeted offers. In the worst case, it means valuable identifiers floating around that could be exposed in a breach.

This matters more than many people realise, because browsing history tells a story. 

Over time, it can reveal business interests, financial activity, health concerns, legal worries, and personal habits. It’s not just “websites you like”. It’s a digital trail of who you are and what you’re dealing with.

What surprised researchers most was how few people really think about this anymore. Only a small minority still describe themselves as privacy conscious. Most of us just tap “accept”, install the app, and move on with our day.

That’s understandable. You’re busy running a business. But the risk isn’t theoretical.

When companies are breached, customer identification data is often what leaks first.

Browser data and identifiers are increasingly valuable targets because they help attackers link activity back to real people and real organisations.

So what should you do?

You don’t need to ditch your browser of choice. Chrome and Edge are popular for good reasons, especially in business environments. 

The key is reducing how much unnecessary data you give away and adding a few sensible layers of protection.

Start by checking your browser’s app permissions on your phone. 

Does it really need access to location all the time? Does it need access to files, photos, or media when you’re just browsing? Most people are surprised by how much they’ve allowed without realising.

And be mindful of how you log into websites. 

Using a proper password manager means your browser doesn’t need to remember everything for you, and it reduces the damage if one account is ever compromised. This also makes it far easier to use strong, unique passwords without having to remember them.

None of this requires changing how you work day to day. You still open the same browser. You still visit the same sites. You’re just being more deliberate about what information leaks out in the background.

Your browser is one of the most used tools in your business. It’s also one of the most overlooked when it comes to privacy.

If we can help you keep your data better protected, get in touch.

The post Don’t forget to protect your browsing privacy appeared first on Antar Information Technology.

Here’s a question I suspect most business owners haven’t thought about yet.

If one of your team buys something inside an AI chat window… is that okay with you?

Because that’s exactly where things are heading.

You’re probably already familiar with tools like Microsoft Copilot and ChatGPT helping people write emails, summarise documents, or answer questions. 

The next step is much more practical. And potentially much more sensitive.

Buying stuff.

Last year, ChatGPT quietly introduced a feature called Instant Checkout. In simple terms, if you ask a shopping-related question, you can be shown products and complete the purchase without ever leaving the chat.

Now Microsoft is rolling out something very similar: Copilot Checkout.

If someone asks Copilot for recommendations, say software, equipment, subscriptions, or services, Copilot can show relevant products. 

If the seller supports Copilot Checkout, the user can click “Buy”, confirm delivery and payment details, and complete the purchase right there inside Copilot.

No jumping to a website. No checkout page in a browser. No familiar “are you sure?” pause.

From Microsoft’s point of view, this is powerful. 

Its data suggests people are far more likely to complete purchases when Copilot is involved, and they do it faster too. 

That’s why this feature won’t just live in one place. It’s expected to appear across Copilot, Bing, Edge, MSN, and more.

For consumers, this feels convenient.

But for businesses, it raises a different set of questions.

The first one is simple: Do you want your team buying things this way?

In many businesses, purchasing is deliberately slow. There are approval steps. Budgets. Supplier lists. Controls. Someone checks what’s being bought, why, and by whom.

Copilot Checkout has the potential to quietly bypass some of that, especially if it’s used casually or without guidance.

Then there’s the data side.

To make checkout work, payment details, shipping information, and account data need to be involved. 

Copilot Checkout launches with platforms like PayPal, Stripe, and Shopify. These are reputable systems, but the question isn’t whether they’re trustworthy. It’s whether your policies account for this new way of buying.

If an employee is signed into Copilot with a work account, whose payment method is being used? 

What information is Copilot allowed to see or reuse?


Are purchases logged somewhere central, or do they disappear into the noise?

And then there’s behaviour.

When buying becomes frictionless, people buy more. Microsoft openly says journeys involving Copilot are far more likely to end in a purchase. That’s great for sellers, but it can quietly inflate costs if nobody’s watching.

None of this means Copilot Checkout is “bad”. But it does mean it’s something you should decide on deliberately, rather than discovering it accidentally after the fact.

If you do want your team to use it, there are a few sensible considerations:

• Clear rules around who can buy
• What they can buy
• Which accounts or payment methods are allowed 
• Visibility into purchases made through AI tools
• Guidance for staff so they understand that convenience doesn’t remove responsibility

If you don’t want it used, that decision also needs to be clear. Because if it’s not written down, explained, and enforced, people will assume it’s fine.

This is a recurring theme with AI features.

They don’t arrive with a big announcement saying, “You should update your policies now.”
They just… appear.

The real question isn’t whether your team can use it. It’s whether you’ve decided if they should.

My team and I can help you decide what’s best for your business. Get in touch.

The post Do you really want your team to use this? appeared first on Antar Information Technology.

What would happen if someone got hold of one of your employees’ passwords from years ago?

Not a password they’re using today.

Not one they even remember.

Just an old one that never got changed.

Because that’s exactly how a recent, large-scale data-theft campaign worked.

A recent investigation by a cyber security firm uncovered a new hacking campaign. Sensitive business data from dozens of organisations around the world was quietly collected and later put up for sale on the dark web.

Different industries. Different countries. Different sizes of business.

But one thing kept coming up again and again.

Every affected organisation had allowed staff to log into important cloud systems using nothing more than a username and password. No second step. No extra check. Just type your password and you’re in.

This is where MFA comes in.

Multi-factor authentication simply means using more than one piece of evidence to prove it’s really you. Usually that’s your password plus something else, like a code on your phone, a notification you approve, or a fingerprint. 

So even if someone steals your password, they still can’t get in.

In these cases, MFA wasn’t enforced.

So how did the attackers get hold of the passwords in the first place?

They relied on something called infostealing malware. That’s a type of malicious software that can end up on a computer without the person using it realising. 

Once it’s there, it quietly collects saved passwords, login details, and other sensitive information, and sends it back to criminals.

This doesn’t only happen on office computers. It can happen on home devices, personal laptops, or any machine that’s ever been used to log into work systems.

When those details are stolen, they don’t always get used straight away. And this is the part that really matters.

Some of the passwords used in this campaign were years old.

That tells us two important things:

• Passwords weren’t being changed often enough
• Old logins were still being trusted long after they should have been invalidated

In other words, a device infected a long time ago could suddenly become a serious problem today.

This has been described as a “latency” issue. The threat sits quietly in the background, waiting. An old mistake doesn’t disappear just because time has passed.

The attackers would have been stopped if MFA had been switched on.

They had the passwords. But they didn’t have the second factor. No phone. No app. No approval tap. That one extra step would have turned a successful break-in into a dead end.

This is why security professionals (like me) keep saying the same thing, repeatedly: Passwords on their own are no longer enough.

I know one of the most common reactions to MFA is, “But it’s annoying”. And yes, it does add an extra moment to the login process. 

But compare that to what happens when a password nobody remembers is still valid years later. When confidential files can be copied, sold, or quietly taken without anyone noticing until it’s too late.

MFA turns a stolen password into a useless piece of information. And that’s why enforcing MFA isn’t overkill anymore, it’s sensible.

If there’s one lesson here, it’s a simple one: Old passwords don’t expire on their own. One extra lock on the door makes all the difference.

Need help getting set up? Get in touch.

The post Another good reason to enforce MFA appeared first on Antar Information Technology.