blog

M is for Mum: What a Catalytic Converter Theft Can Teach Us About Cybersecurity

peter.green@aztek-native.com (Peter Green) — Mon, 20 Apr 2026 08:00:00 GMT

What do catalytic converter thieves and cyber criminals have in common? They both bank on nobody watching.

Last week, two enterprising young men pulled up across the road from my house, took a long look at my Prius, and decided today was the day they were going to relieve me of my catalytic converter.

They had the gear: hydraulic lift, cutting tools, the lot. They had the target. What they didn't have (and what they really should have checked for) was my 73-year-old mum, who happened to be over for the day.

She spotted the car bouncing as they jacked it up, marched straight outside to confront them, and the two upstanding gents made a hasty exit. They'd managed to cut through the ties holding the heat shield in place before she intervened, but a quick and relatively cheap visit to my mechanic sorted that out; the converter itself is still attached, which was a massive relief!

I've been turning the incident over in my head since, and (amongst other choice expletives!) I keep landing on the same thought: this is exactly why I keep telling small business owners about MDR.

Stay with me here

I have a Nest doorbell; it's a good bit of kit. It picked up the entire incident in glorious high definition; the car pulling up, the gear coming out, the jack going under the Prius. If things had gone differently, I'd have had a lovely recording of my own catalytic converter being removed.

That's the thing about cameras, alarms, and most of the security tech that small businesses have in place: they genuinely do stop a lot of threats. Antivirus catches known malware, email filtering blocks obvious phishing, firewalls keep out traffic that shouldn't be there. These tools earn their keep every day, quietly, without you ever knowing.

The problem is that the smarter threat actors know this, and they've adapted. Rather than trying to sneak malware past your antivirus, they'll send a convincing email that persuades someone on your team to willingly install a legitimate remote access tool. That's not the sort of thing your antivirus is designed to catch, because on the surface it looks like normal activity.

This is where EDR (Endpoint Detection and Response) software comes in; good EDR will block known threats automatically, which is a significant step up from traditional antivirus. But for the more subtle intrusions, the ones that don't match a known pattern, you need that managed layer to investigate what's actually going on and remediate it before the damage spreads.

For that, you need someone to actually be there, watching, ready to act.

In my case, that someone was my mum.

So what's MDR?

MDR stands for Managed Detection and Response. The industry loves an acronym, and this one gets thrown around a lot, usually accompanied by some fairly apocalyptic marketing. Let me strip it back.

Detection is the doorbell camera. Something is sensing what's happening on your computers, your network, your email, and flagging when something looks off.
Response is what happens next: someone (or something) actually does something about it.
Managed is the bit that matters most, and it's the bit that's easiest to overlook. It means there's a team of people, available around the clock, whose job is to watch the alerts, make sense of them, and act on the ones that matter.

Plenty of small businesses have detection of some sort. Antivirus software detects things. Firewalls detect things. Microsoft Defender detects things. The alerts go somewhere (usually an inbox no-one reads, or a dashboard no-one logs into).

That's the equivalent of having a doorbell camera while you're at work. The footage exists. It just doesn't help you in the moment.

M is for Mum

The "M" in MDR is doing the heavy lifting. It's what turns "we'll know about it eventually" into "we stopped it before it became a problem."

In the catalytic converter incident, my mum was the managed bit. She was on-site, she was paying attention, and crucially, she was willing to walk out the front door and make the situation someone else's problem. The thieves didn't stick around to argue.

For a business, the equivalent looks like this: one of your team is working late, gets a convincing-looking email, clicks a link they really shouldn't have, and something nasty starts quietly installing itself on their laptop. Within minutes, someone notices the unusual behaviour, isolates that laptop from the rest of the network, kills the process, and lets you know in the morning. You wake up to an email explaining what happened and what's been done about it; not a ransom note, not a frantic call from a member of staff who can't access their files.

The laptop might still need re-imaging (in the same way my heat shield needed re-attaching; a quick, contained fix), but the damage stops there. It doesn't spread to the file server, it doesn't encrypt your shared drives, it doesn't become a company-wide incident. That containment is the whole game. A small, contained problem on a Tuesday morning is an inconvenience; an un-contained one is the sort of thing that ends small businesses.

Without the "M," you've got a recording of the break-in. With it, you've got someone at the door.

What this means for you

If you run a small business, you almost certainly have some security in place. Microsoft Defender comes with Business Premium. Your laptops probably have antivirus. Your router has a firewall. These things are not nothing. They are, broadly, the doorbell camera.

The honest question to ask is: when someone catches up on emails over the weekend and clicks something they shouldn't, who's going to notice?

If the answer is "no-one until Monday morning," that's worth knowing. It might be an acceptable risk for your business; plenty of small operations run that way and never have a problem. But it should be a decision you've made deliberately, not an assumption you've drifted into.

For some businesses, the answer is that an MDR service makes sense. For others, it doesn't, and there are plenty of cheaper steps that help keep your business secure. Either way, the conversation is worth having before something happens, rather than after.

"... when someone catches up on emails over the weekend and clicks something they shouldn't, who's going to notice?"

A final thought

I'm well aware that "hire my mum" is not a scalable cybersecurity strategy. She has hobbies. She doesn't want to monitor your endpoints.

But the principle holds: detection without response is just an expensive way to find out what went wrong. If you'd like to talk through what your current setup actually does (and doesn't) when something goes sideways at an inconvenient hour, get in touch. I promise not to be apocalyptic about it.

Peter is the founder of Aztek Native, helping small businesses navigate technology with a bit less stress and a bit more sense. His mum is not available for hire.

Microsoft told it to save energy. It nearly cost a new laptop instead.

Aztek Native — Mon, 16 Mar 2026 14:56:32 GMT

A laptop started misbehaving a couple of months ago. Not dramatically; no smoke, no obvious error messages... Just slow. Frustratingly, inexplicably slow.

Switching between applications took two to five seconds. PowerPoint would freeze mid-edit. A Windows Defender scan started, ran for a while, and then just stopped. The machine was showing 90% CPU usage in Task Manager, while simultaneously running at 0.40 GHz. For context, the machine should be capable of 2.80 GHz at base, and considerably more under boost.

The device in question is a Lenovo ThinkPad T15 Gen 2 laptop. It's solid business hardware, however it's approaching its fifth birthday and the extended warranty expiry was on the horizon. The symptoms were exactly what you'd expect from a machine nearing the end of it's life. Except that this machine had been looked after by it's owner; something wasn't right.

The Investigation

A few things stood out early that pointed away from hardware failure. Temperatures were fine: CPU cores peaked at 64°C, well within limits, so no thermal throttling. RAM wasn't exhausted and disk I/O was minimal. The standard signs of a machine genuinely struggling weren't there.

The breakthrough came from HWInfo, a hardware monitoring tool that surfaces metrics Windows doesn't show you by default. It revealed the CPU package was being limited to 5 watts, for the entire processor including the integrated GPU, cache, and memory controller! The static firmware limit for this CPU is 64 watts. Something had overridden it at runtime, enforcing a ceiling so low the processor had nowhere to go but its minimum clock speed.

The Cause: Microsoft's Energy Recommendations

At some point during a Windows 11 update cycle, Microsoft had presented its Energy Recommendations feature; a clean, approachable interface that suggests power settings changes in the name of sustainability. And the owner had applied all of them.

That included setting Energy Saver to always on, and Power Mode to Best power efficiency for both plugged-in and battery profiles. The result was a machine that Windows reported as perfectly healthy, running at approximately one-thirteenth of its intended sustained CPU performance.

The fix took about two minutes: disabling the always-on Energy Saver in preference for it to kick in when the battery falls below 30% remaining capacity and Power Mode back to Best performance (while plugged in) and Balanced (while on battery). Dynamic power limits immediately recovered to 35 watts and above. Clock speeds returned to 3+ GHz. The machine was usable again!

The Sustainability Paradox

There's a genuine irony here worth sitting with:

Microsoft's Energy Recommendations exist, at least in part, to reduce carbon footprint; to make Windows devices more efficient and extend battery life. That's a reasonable goal, but the settings, applied without understanding their effect on business-class hardware, made this particular machine so slow it was a serious hardware replacement candidate.

Replacing a four-and-a-half-year-old laptop because it appeared to be failing (sourcing new hardware, disposing of the old, the manufacturing footprint of a replacement device) would have been considerably less sustainable than leaving well alone.

The feature doesn't communicate the performance trade-off in any meaningful way. There's no warning that says: "on this hardware, with this Intel RAPL configuration, enabling Energy Saver permanently will reduce your CPU's dynamic power limit to 5 watts." It just offers you a list of things you can do to help the planet, and a button to apply them.

Why This Matters for Small Business Owners

Most small business owners and sole traders manage their own devices, at least some of the time. A Windows Update arrives, prompts appear, and the natural instinct is to click through (or ignore - you know who you are!), especially when the framing is around doing something positive.

Energy Recommendations looks legitimate because it is legitimate; it comes from Microsoft and it's embedded in the Windows 11 settings panels. It uses the language of responsibility and efficiency. In many scenarios, the settings it suggests are perfectly sensible. The problem is that without knowing how Windows power management interacts with your specific CPU architecture, you can't evaluate what you're agreeing to.

This is exactly the kind of thing that slips through the gap in small business IT. Not a cyberattack, not a hardware failure, just a configuration change that seemed reasonable at the time, that degraded performance gradually enough that it was attributed to age rather than settings.

By the time someone decides the machine is "just getting slow" and starts thinking about replacement, the actual cause has been forgotten entirely.

What Good IT Support Catches

Had this device been under a supported arrangement, the troubleshooting path would have been shorter. Not because the issue is obvious (it genuinely isn't without the right tools) but because:

Configuration changes would be reviewed before being applied, not after symptoms appear
Monitoring tools would flag anomalous CPU behaviour earlier
There would be no assumption that age equals decline

For sole traders and micro business owners, the cost of unplanned downtime and premature hardware replacement adds up faster than the cost of having someone knowledgeable in your corner before things go wrong.

If your machine has been "just a bit slow lately", it might be worth a look before you assume the worst.

Not sure if your devices are configured correctly? Let's have a conversation book a free 30-minute call and we'll take a look together.

Your AI is getting off the bench: meet Claude Cowork and Copilot Cowork

peter.green@aztek-native.com (Peter Green) — Mon, 16 Mar 2026 12:20:47 GMT

If you're paying for Microsoft 365 or Google Workspace on a business plan, AI has already been quietly showing up in your apps for a while. Copilot in Outlook can summarise email threads and draft replies. Gemini in Docs can help you write and refine content. These are genuinely useful features, but they're largely reactive; you ask, they respond, you do the rest.

With the advent of two new tools, that's about to change: Claude Cowork from Anthropic and Copilot Cowork from Microsoft. Rather than helping you with a task while you're in it, they can take the task off your hands (for the most part - I'll go into a bit more detail later on).

I've been experimenting with Claude Cowork the last week or so, and I wanted to share what I found; including some honest caveats about privacy that are worth knowing before you dive in.

So what is Cowork, exactly?

Both Claude Cowork and Copilot Cowork are what's called agentic AI; a tool that can take actions, not just give advice. Rather than answering questions and leaving the legwork to you, these tools can actually do things on your behalf, such as accessing your local files, your calendar, your email, and other applications or services you might use for your business.

Importantly, neither of them charges ahead without your approval. Both generate a plan first and show you what they intend to do before touching anything. You can review, adjust, or cancel. That "human-in-the-loop" design matters: there's a genuine fear that an AI acting without oversight could result in some unexpected behaviours.

As an aside, this kind of anxiety isn't new; as the "infrastructure as code" (IaC) paradigm started in the naughties, there was a running joke that automating things meant that mistakes could propagate much faster (including the destruction of your cloud-hosted infrastructure)! Despite this, the benefits of being able to create infrastructure to an exact specification in minutes outweighed the potential risk, and the industry evolved to create best practices and tooling that mitigated that risk. I think we are seeing that kind of maturity in the Cowork tools already.

My Initial Test Case

My downloads folder has, quite frankly, always been a mess. It accumulates cruft over months (years?) of documents, installers, scripts and ISO files being grabbed to support the various projects I've worked on. Sorting it out manually never quite makes it to the top of the to-do list, and so I pointed Claude Cowork at it and asked for help.

What impressed me wasn't just that it tidied things up, but how it went about it. Before moving a single file, it identified files that were already present in my Documents directory structure and suggested their deletion from the Downloads directory. For everything else, it categorised the files, giving me suggested actions for each. It flagged things I'd forgotten were there such as documents that probably needed attention rather than deletion. Once I'd reviewed the suggestions and approved, it moved important files sensibly into my existing Documents directory structure and put together a script to clean up what was left.

It was genuinely useful: this is the sort of task that would have taken me the best part of an hour to do myself, requiring tedious clicking, reviewing and moving. There's a good chance if I had decided to do this myself, I would have eventually just deleted all the contents of the Downloads directory! It took Claude a few minutes, handling common office formats (Word documents, spreadsheets, PDFs, presentations without any issues. Most importantly, I could just leave it running during that initial phase of discovery and get on with other work.

You can also schedule tasks to run automatically; daily, weekly, monthly. For things like generating a weekly summary from project files or keeping a folder tidy, that's where it starts to feel less like a tool and more like genuine assistance.

Other tasks I'll be trying over the coming weeks:

Inbox processing on a schedule: every morning, review emails, flag anything needing urgent attention, draft replies for your approval, and archive newsletters.
New client onboarding file prep: given a new contact name, pull together everything across your email history and Drive related to that person or company, create a structured briefing document, and save it in Notion.
Pre-meeting context pack: detect an upcoming meeting in your calendar, search email threads involving the same attendees, pull any relevant documents from Drive, and drop a one-page brief into Notion before the meeting starts.

Finally, Anthropic have started publishing plugins, which can provide specific context/skills to Claude; it's all very exciting and could provide business owner with a tonne of value.

Claude Cowork vs. Copilot Cowork: which is for you?

There are two separate products here, and it's worth being clear about the difference.

Claude Cowork (Anthropic)

Claude Cowork lives inside the Claude desktop app, which runs on Mac and Windows (there's also an unofficial Linux desktop client). It works across your local files and folders, and connects to third-party tools via a growing library of integrations; Google Drive, Gmail, Google Calendar, DocuSign, and others. It can also link Excel and PowerPoint workflows together, so data can flow between them without you manually copying anything across.

One notable point: conversation history is stored locally on your device, not on Anthropic's servers. That's a reasonable privacy protection for the chat log, but it doesn't mean your data stays on your machine during use. More on that below.

Claude Cowork is available on paid Claude plans (Pro, Max, Team, Enterprise). It's currently in research preview, meaning it's functional and worth trying, but expect continued development.

If you're already using Claude, run Linux or macOS, or your business isn't heavily embedded in Microsoft 365, Claude Cowork is the natural starting point.

Copilot Cowork (Microsoft)

Copilot Cowork is Microsoft's equivalent, built directly into Microsoft 365. It can take action across Outlook, Teams, Excel, Word, PowerPoint and SharePoint; all the tools that many businesses already live inside every day.

A note on plans: to get Copilot embedded in the Microsoft 365 desktop apps (Word, Outlook, Excel and so on), you need a qualifying Microsoft 365 Business subscription plus the Microsoft 365 Copilot add-on, which runs to around £20 per user per month on top of your existing licence. It's not included in the base plans (the Basic, Standard or Premium tiers, for example). Similarly, for Google Workspace users, Gemini features in Gmail, Docs and Sheets are included in Business Standard and above; but the more advanced capabilities require the AI Expanded Access add-on from March 2026. The point being: if you're already using these platforms and wondering why you don't see AI features, it's likely a plan/licencing question worth checking.

Interestingly, Microsoft has integrated the technology behind Claude into Copilot; so the two products aren't entirely separate under the hood.

⚠️ Worth Knowing

At the time of writing, Copilot Cowork is not yet generally available. It's in research preview with a limited set of customers, with broader rollout through Microsoft's Frontier programme expected in late March 2026. If you're a Microsoft 365 shop, it's very much one to watch; but you can't go and try it today the way you can with Claude Cowork.

Before you try it: a word on privacy

This is the bit people tend to skip (or simply not be aware of), and it's worth a few minutes of your time.

Your Data Leaves Your Device During Inference

When Claude Cowork accesses a file and reasons about it, the content of that file is sent to Anthropic's servers to be processed by the model. That happens regardless of any other privacy settings. The 'stored locally' feature refers to your conversation history; not to whether your file contents are transmitted. These are two separate things, and it's important not to conflate them.

This doesn't mean you shouldn't use it; but it does mean you should be thoughtful about what you point it at, particularly if you're handling client data or anything commercially sensitive.

Model Training, and How to Turn it Off

If you're using a personal Claude plan (Free, Pro, or Max), Anthropic may use your conversations to improve future versions of the model, unless you opt out. The good news is that opting out is straightforward:

Go to "Settings"
In the left navigation menu, click "Privacy"
Turn off "Improve Claude for others"

For an extra layer of protection, use incognito mode for any session involving sensitive material; incognito chats are never used for training, regardless of your account settings

⚠️ Worth Knowing

Opting out stops future use of your data, but it won't undo anything already included in a training run that's in progress. It's prospective, not retroactive.

For Business and Regulated-Sector Use

Claude Team and Enterprise plans operate under commercial terms, which means your data is not used for model training at all. If you're planning to use Cowork regularly with business data, or if you operate in a regulated sector (financial services, legal, healthcare), a Team or Enterprise plan is the right starting point, not an upgrade to consider later.

On data residency, this is an area where the current answer is limited. Anthropic does offer a Zero Data Retention option for enterprise deployments, and data residency controls are available when Claude is accessed via AWS Bedrock or Google Vertex AI. Unfortunately for standard Claude users, there are no granular data residency controls. If your industry requires data to remain within specific geographic boundaries, this is a conversation to have before adopting the tool, not after.

Worth Trying? My Honest Take

Yes: with sensible expectations.

These tools are genuinely useful, and the best use cases right now are the things you find yourself putting off: the messy folder you haven't touched in six months, the meeting you always walk into underprepared, the weekly roundup you mean to send but never quite get around to.

They're not magic, and they're not finished products. Both are in research preview, which means they're capable but still evolving. The right approach is to start with low-stakes tasks using non-sensitive data, build a feel for how they work, and expand from there.

As a rough guide:

If you're already in Claude, or you're not a Microsoft 365 shop: start with Claude Cowork. It's available now and works well.
If your business runs on Microsoft 365: Copilot Cowork is the more natural fit once it's broadly available. Keep an eye on the Frontier programme rollout.
If you handle sensitive client data or operate in a regulated sector: speak to someone before connecting these tools to your business files. It doesn't mean don't do it, it means do it properly.

The direction of travel is clear. AI is moving out of the chat window and into the workflow. For small businesses, that's a genuine opportunity to get time back on the kind of tasks that eat your day without adding much to your bottom line.

Want help figuring out if this is right for your business?

This is exactly the kind of thing we help businesses think through; whether a tool is appropriate, how to trial it safely, and how to make it part of a sensible workflow rather than just another thing to manage. If you'd like to have that conversation, book a call. No obligation, just a practical chat.

The AI Extension Trap: What Small Businesses Need to Know About Malicious Browser Extensions

peter.green@aztek-native.com (Peter Green) — Tue, 03 Mar 2026 11:37:55 GMT

Your staff just installed an AI assistant in their browser. You didn't approve it. You don't know what it's doing. And thanks to a gap in how Windows handles browser installations, you may not even know it's there.

The Threat

A New Wave of Malicious Browser Extensions

Researchers at LayerX discovered 30 malicious browser extensions disguising themselves as AI productivity tools; AI helpers, ChatGPT sidebar assistants, AI writing tools, and more. They appear in the official Chrome Web Store, often with convincing descriptions and positive-looking reviews. They passed Google's own review process before being flagged and removed, but not before being downloaded over 260,000 times. Some of the extensions were even granted a "Featured" badge, which really adds to their apparent legitimacy!

This isn't an entirely new category of threat, but the AI angle is new and it's working because everyone is excited about AI right now. People are far more likely to install these tools without thinking twice. The question "is this legitimate?" gets skipped in the enthusiasm to try the new shiny thing.

Once installed, these extensions were observed to do the following:

Extracting the full text content of every page you visit, including internal systems, authenticated portals, and sensitive business applications, and sending it to a third-party server
Recording voice input via the browser's speech recognition API and returning transcripts to the remote server
Tracking install and uninstall events via embedded analytics, likely for monetisation or campaign refinement purposes

⚠ Worth knowing

Browser extensions run inside the browser; the same environment where you access your bank, your Microsoft 365, your accounting software, your CRM. They don't need to break through your firewall. They're already inside the perimeter.

Why It's Harder to Stop Than You'd Think

The Shadow IT Problem You Didn't Know You Had

Most business owners assume that if their staff don't have admin privileges on their computers, they can't install unauthorised software. For the most part, that's true. For Google Chrome (and its extensions) it isn't.

Chrome is deliberately designed to be able to install into a user's own profile folder (rather than the system-wide Program Files directory). This means no admin password is required; a standard user on a locked-down Windows machine can still install Chrome in under two minutes, and then install whatever extensions they like.

This is a classic shadow IT problem: tools your staff are using that your or your IT team doesn't know about, hasn't assessed, and has no visibility into. The risk isn't just malicious intent; even a well-meaning employee who installs a dodgy "free AI assistant" extension is unknowingly opening the door.

It's also worth noting that Microsoft Edge, the browser built into Windows, is also Chromium-based and can install extensions from the Chrome Web Store. So the attack surface isn't limited to Chrome users.

“The risk isn't just malicious intent; even a well-meaning employee who installs a dodgy "free AI assistant" extension is unknowingly opening the door.”

This is also a GDPR Problem

The Legal Risk Your Staff Don't Know They're Creating

This creates more than a security issue for your business. If your staff handle any personal data in the course of their work (client emails, invoices, contact records, HR correspondence, etc.) and a malicious extension is silently exfiltrating that content to a third-party server, you almost certainly have a personal data breach on your hands under UK GDPR law.

The extension doesn't discriminate; it scrapes what's on screen. If that happens to include a client's name, email address, or any other personally identifiable information, it has left your control and gone somewhere you didn't authorise.

The legal implications are significant:

Mandatory breach reporting: under UK GDPR, if a breach is likely to result in a risk to the rights and freedoms of individuals, you have 72 hours to report it to the Information Commissioner's Office (ICO). The uncomfortable reality here is that most businesses won't know the exfiltration happened; the staff member installed what looked like a helpful AI tool. You can't report a breach you don't know about, and you can't remediate one you can't trace.

Liability sits with the business, not the employee: the employee who installed the extension almost certainly did so in good faith. That doesn't matter under data protection law. Your business is the data controller. If client data was scraped and ends up misused or disclosed, the ICO will look at the controls your business had in place... Or didn't. "We didn't know a member of staff installed it" is not a defence; it's an admission that appropriate technical measures weren't in place.

The ICO does act against small businesses: enforcement isn't reserved for large organisations. The reputational damage of having to notify clients that their data may have been compromised is often more painful for a small business than any regulatory fine.

The silver lining: the practical controls described in Section 4 of this article (particularly the browser extension allow-list) are exactly the kind of "appropriate technical and organisational measures" that Article 32 of UK GDPR requires you to implement. Having a documented policy controlling which extensions are permitted on company devices is demonstrable evidence of compliance. It's not just good IT practice; it's part of your legal obligation as a data controller

⚠ Disclaimer

This is a general, educational example of how your business may be exposed to data protection enforcement, and does not constitute legal advice. If you're unsure about your obligations, we'd recommend reading the ICO's own guidance and speaking to a qualified data protection professional to ensure you're meeting the standards required by current legislation.

 What Enterprise Organisations Do

The Full-Fat Solution (And Why It's Not For Everyone)

Large enterprises tackle this with what's called application control; a security model where only pre-approved software is allowed to run. Nothing else executes, full stop. Microsoft's own tool for this is called App Control for Business (previously known as Windows Defender Application Control, or WDAC), and third-party platforms like ThreatLocker take a similar default-deny approach with a more managed service wrapper around it.

Microsoft describes App Control for Business as "one of the most effective ways to prevent unwanted code from running in your environment"; and that's not marketing hyperbole. A properly configured policy can prevent Chrome from launching even if a user manages to install it into their profile. It can enforce the same rules across an entire fleet of devices, deployed centrally through Intune.

But Microsoft's own documentation is unusually candid about the complexity involved. Their design guide opens with the acknowledgement that "many people consider App Control 'too hard'", and notes that "issues that lead to failure with App Control often arise from business issues rather than technology challenges." In plain terms, it requires careful planning, thorough testing, and ongoing governance. A misconfigured policy can prevent legitimate software from running, and rolling back changes isn't always straightforward. Microsoft also notes that they don't yet offer a single unified management interface for App Control; administrators typically need to combine multiple tools to cover the full deployment lifecycle.

Third-party platforms like ThreatLocker aim to simplify this with a more managed, GUI-driven approach — but carry per-device monthly subscription costs that accumulate quickly for small teams, and still require someone capable of administering the allow-listing decisions on an ongoing basis.

This doesn't mean small businesses can't do anything. It means the solution needs to be proportionate.

What Small Businesses Can and Should Do

Practical, Proportionate Controls That Actually Work

For a Microsoft-stack small business, the typical scenario for most of our clients, there's a realistic set of controls that provide meaningful protection without requiring enterprise licencing or a full-time IT team.

Standardise on Microsoft Edge - Edge is the browser built into Windows and comes with far better built-in management controls than Chrome. Microsoft's Intune device management platform has native, granular policy controls for Edge that don't require importing third-party configuration templates. If you're a Microsoft 365 Business Premium customer, you already have the tools to enforce Edge as your standard browser.
Lock Down Browser Extensions with an Allow-list - Both Edge and Chrome support extension management policies that can be pushed through Intune. The approach is simple: block all extensions by default (using a wildcard block-list), then explicitly allow only the extensions your business has reviewed and approved. For most small businesses, that list is short; typically a password manager, and perhaps one or two business-specific tools. Everything else is blocked. Users see a clear "blocked by admin" message if they try to install anything outside the list.
Know What's Already Installed - Before locking things down, it's worth auditing what's already there. Microsoft Defender for Endpoint (included in Business Premium) has browser extension inventory capabilities that can show you exactly what extensions are installed across your entire fleet. You may be surprised. This is also useful for identifying any immediate risks that need addressing before you implement the allow-list policy.
Detect and Remove Unapproved Browsers via Intune - Intune supports PowerShell-based remediation scripts that can detect whether an unapproved browser has been installed and remove it. This isn't as seamless as a full application control solution, but it's achievable within the Business Premium licence and provides a meaningful ongoing check. Scripts can be scheduled to run regularly, catching reinstalls as well as initial installations.
Educate Your Staff. Genuinely - Policy and technical controls are more effective when people understand why they exist. A short internal note explaining that fake AI extensions are a real and growing threat, and that the extension controls are there to protect both the business and individual staff members, goes a long way. People are much less likely to try to work around controls they understand and agree with.

The Bigger Picture

This Is a Shadow IT Problem as Much as a Security Problem

Browser extensions sit in an awkward gap: they're not full applications (so traditional software controls often miss them), they don't require admin rights to install, and they run with surprisingly broad permissions inside the most sensitive environment on a work computer; the browser itself.

The AI extension wave is making this worse. When an extension promises to make you more productive with AI, the instinct to just try it is understandable. But "I got it from the Chrome Web Store" is not a security guarantee. Extensions on the Chrome Web Store have been compromised, have contained malware from the start, and have been used in sophisticated attacks against organisations of all sizes.

The good news is that for small businesses, the right controls are achievable. A properly managed Edge deployment with an extension allowlist, backed by Defender for Endpoint visibility, gives you a robust baseline — without the complexity and cost of enterprise application control.

If you're not sure what's running in your team's browsers right now, that's the first thing to find out.

Not Sure Where to Start?

We help small businesses implement practical, proportionate security controls - without the enterprise price tag or complexity. Arrange a free consultation today.

BOOK A MEETING