Backing up data is important—but without **backup testing and validation**, you don’t really know if your backups will work when you need them most. Business owners must not only implement backups but also verify that data is intact, systems restore correctly, and staff can execute recovery under pressure.

What’s At Stake

Imagine a ransomware attack or system failure—you press “restore” and… nothing. That’s what happens when backups exist but cannot be used effectively. Organizations often discover this too late, leading to extended downtime, data loss, compliance violations, and financial damage.

Why Backup Testing and Validation Matters

• Ensures data integrity: Testing confirms that backups are complete and usable.
• Reveals configuration issues: Detection of misconfigurations or corrupt backups prevents surprises during real recovery.
• Supports compliance: Many regulations require restore testing—HIPAA, PCI‑DSS, GDPR, and specific frameworks like DORA or NYDFS.
• Builds organizational confidence: Teams feel ready to act when systems fail, reducing downtime.

Common Testing Methods

There are three widely accepted ways to validate backups:

• Checksums: Compare hash values to ensure data hasn’t changed.
• Partial restores: Regularly restore sample files or workloads.
• Full restore drills: Establish a recovery environment and simulate full-system restore—ideally quarterly or annually.

Best Practices for Business Leaders

1. Create a Backup Testing Plan

Document who will test, how often, and what steps are involved. Include clear restoration goals (RTOs/RPOs) and test runs to meet business needs.

2. Define Your Restore Environment

Use a sandbox or cloud test environment. Don’t wait for a disaster—proactively rehearse routine and emergency restores.

3. Schedule Regular Testing

Test system restores monthly or quarterly, and full-scale restores at least annually. Record results—who, what, when, and status.

4. Automate and Track Results

Tools like AWS Backup now support automated restore testing. Regular reports help your leadership show proof of readiness to auditors and insurers.

5. Review Failures & Adapt

If a restore fails, don’t ignore it. Investigate root causes—hardware issues, configuration errors, compatibility problems—and fix them quickly.

Helpful Resource

Read more about best practices and strategies from Acronis:
Best Practices for Verifying and Validating Your Backups

Where Cost+ Can Help

Through our Security+ and Recovery+ services, Cost+ helps companies design backup testing plans, deploy automated restore drills, and train staff—so you can be certain your systems are recoverable.

Bottom Line

Backup testing and validation is the only way to guarantee your backup strategy holds up when you need it most. Without proof through testing, you risk data loss, compliance failure, and lengthy downtime. A few proactive tests today can save thousands tomorrow.

By Thomas McDonald
Vice President

Microsoft recently acknowledged a new issue affecting Windows 11 version 24H2, where users see unexpected notifications about a firewall configuration problem. The alert, identified as the Windows Firewall config error KB5060829, has left many IT teams and end users questioning whether their systems are at risk. In this post, we’ll explain what this error means, why Microsoft advises you to ignore it for now, and how your IT operations can respond effectively without overreacting.

For the official Microsoft update on this issue, you can visit their release health page here.

What Is the Windows Firewall Config Error KB5060829?

After installing the optional June 2024 preview update for Windows 11 (KB5039302), some devices running version 24H2 began showing a warning that “Microsoft Defender Firewall is not using the recommended settings.”

This warning appears as a yellow triangle in the Windows Security app, creating the impression that firewall protections are misconfigured or disabled.

However, according to Microsoft, this is a false positive. Despite the notification, the firewall continues to enforce the expected rules and your device remains protected. In other words, the error does not indicate that your network or endpoints are exposed — it’s simply an incorrect status report generated by a bug in the latest update.

Microsoft has formally identified the bug under KB5060829 and is actively working on a fix.

Why You Shouldn’t Panic

It’s natural to assume that any firewall-related alert is cause for concern. After all, the firewall is a critical part of your system’s security posture. But in this case, Microsoft has confirmed that no action is required on your part:

“We recommend that you ignore the warning notification while we work on a resolution. The device firewall is working as expected and devices remain protected.”

This guidance is important for IT administrators and security teams to note. Attempting to manually reset firewall rules, uninstall updates, or roll back configurations may not only be unnecessary but could also lead to unintended consequences in a production environment.

How This Bug Could Affect Your Operations

Although this bug does not compromise security, it may still create operational noise and confusion:

• Help desk tickets: Users who notice the warning icon may open support requests, adding to your team’s workload.
• Monitoring alerts: Automated endpoint monitoring tools may report these warnings, cluttering dashboards and potentially masking real issues.
• Compliance reporting: If your organization performs regular security checks, this false positive could result in inaccurate audit findings.

To mitigate these effects, communicate proactively with your teams and users. Let them know about the issue and explain that the firewall remains active and secure despite the notification.

Best Practices While Waiting for the Fix

Until Microsoft issues a formal resolution, here are a few best practices for managing the situation:

1. Stay Current on Microsoft Updates

Continue applying security and feature updates as recommended, and monitor Microsoft’s official release health page for progress on KB5060829. You can follow updates here.

2. Avoid Unnecessary Changes

Do not disable, reconfigure, or uninstall the firewall unless you have a separate business reason to do so. The firewall is still functioning and protecting your endpoints.

3. Communicate with Stakeholders

Inform end users and relevant business units that the warning can be safely ignored. This reduces unnecessary concern and support requests.

4. Monitor Your Own Security Posture

Continue monitoring network traffic and endpoint health through your existing security tools to ensure there are no unrelated incidents.

When Will It Be Fixed?

Microsoft is currently investigating and developing a resolution for the Windows Firewall config error KB5060829. At the time of writing, they have not announced a specific timeline for the fix but are expected to include it in a future cumulative update.

In the meantime, the key takeaway is that the firewall remains fully operational and no additional mitigation steps are required by IT or end users.

Lessons for IT Operations Teams

This issue is another reminder of why IT operations teams need clear processes for managing software bugs, false positives, and user communications. Here are a few lessons to take away:

• Verify alerts against authoritative vendor documentation before taking corrective action.
• Have a communication plan ready for end users when a widespread false positive appears.
• Maintain a change control process to prevent unnecessary configuration changes in response to non-critical alerts.
• Continue to prioritize patch management and avoid skipping updates out of fear of new bugs.

Proactive management and clear messaging can help maintain user trust and operational stability even when vendor bugs create temporary confusion.

Looking Ahead

The Windows Firewall config error KB5060829 is not the first — nor will it be the last — example of an unexpected software bug creating noise in your operations. But by staying informed and resisting the urge to overreact, you can protect your organization’s security posture and avoid unnecessary disruption.

We recommend bookmarking Microsoft’s release health page and monitoring it regularly for updates on this and other known issues.

For IT leaders, this is an opportunity to reinforce good practices around patching, user communication, and incident triage.

The June 2025 Windows security delay has raised serious concerns among IT departments and cybersecurity professionals. Microsoft confirmed that several critical security updates originally scheduled for release on June 11 were delayed due to an unexpected metadata issue. The delay was caused by an incorrect timestamp that prevented updates from being properly recognized or installed on Windows systems. As a result, organizations relying on timely patch deployment have faced heightened security risks and operational uncertainty.

What Happened: Metadata Timestamp Issues

Microsoft’s official explanation points to a publishing error involving the metadata timestamp embedded within the June 2025 cumulative update package. This flaw disrupted the normal detection and delivery of the update via Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, and Windows Update for Business. The impacted update, identified as KB5060842, targets Windows 11 version 24H2.

Administrators began reporting issues almost immediately after the scheduled release date, noting that the update was either not being offered at all or was incorrectly flagged as already installed. Microsoft has since acknowledged the delay and is actively working on a corrected version of the update to be republished for proper detection and deployment across enterprise environments.

Why the June 2025 Delay Matters

Security updates are often the first and last line of defense against newly disclosed vulnerabilities. When these updates fail to deploy on schedule, threat actors gain an advantage. In this case, the delay was not caused by a known exploit, but by an infrastructure-level publishing error. That makes it harder to mitigate, because administrators expecting automatic deployment may falsely assume systems are up to date.

In the context of today’s evolving threat landscape, even a 24-hour delay can be significant. Microsoft’s own telemetry frequently shows exploit attempts within days—sometimes hours—of patch disclosures. With the June 2025 Windows security delay, the exposure window widened unexpectedly for tens of thousands of endpoints.

Recommended Actions for IT Teams

While Microsoft continues remediation efforts, IT leaders and administrators should take immediate steps to assess exposure and manually enforce compliance where necessary:

• Manually verify that update KB5060842 is properly installed across all relevant Windows 11 24H2 systems.
• If not installed, monitor for re-release and consider manual deployment via standalone installer.
• Update your asset inventory to reflect known affected machines and prioritize them for audit.
• Coordinate with your Support+ provider to perform a fast vulnerability review and ensure critical systems are not at risk.

Organizations using Microsoft Endpoint Configuration Manager should also validate their sync processes and distribution point health to ensure that once the revised update is published, it can be delivered without delay or rollback issues.

Proactive Defense Through Layered Security

This delay highlights the importance of layered defense strategies beyond just patch management. Even when updates are delayed or flawed, a properly configured security stack can still provide meaningful protection. At Security+, we advocate for endpoint protection, threat detection, and segmentation strategies that reduce the blast radius of a missed patch.

Administrators should also consider deploying real-time alerting tools that can flag when scheduled updates fail, or when system patch status does not match the organization’s baseline configuration.

Communication and Risk Transparency

One of the most overlooked aspects of incidents like this is internal communication. IT teams should proactively inform business stakeholders and compliance leads about the nature of the delay and what steps are being taken to address it. Transparency not only builds trust but ensures that executive teams don’t mistake a vendor delay for an internal failure.

We recommend documenting this delay as part of your monthly risk register or change log, noting any compensating controls put in place during the patch window. This is especially critical in regulated industries where patch timelines are auditable under frameworks such as HIPAA, PCI-DSS, or SOX.

What to Expect Next from Microsoft

Microsoft has stated that a corrected version of the June 2025 update will be republished once the metadata issue is resolved. However, no specific timeline has been given for that release. The company’s update center is still listing KB5060842 as active, but with known issues. You can follow the latest official status directly from Microsoft here.

Once the revised package is available, organizations should prioritize deployment, particularly on systems exposed to the public internet or used in sensitive operations. Delays like this underscore the importance of combining automation with human oversight in all patching and update workflows.

Closing Thoughts

The June 2025 Windows security delay is a timely reminder that even highly automated update systems are not immune to human error or metadata corruption. IT and security leaders should treat this as an opportunity to audit internal assumptions, test their fallback plans, and reinforce the principles of layered defense. At Cost+, we work with clients every day to ensure that when vendors slip, their protection doesn’t.

Need help validating patch status, mitigating short-term risks, or automating your endpoint coverage? Schedule a call with our team and we’ll help you stay ahead of vulnerabilities—even when the update doesn’t arrive on time.

By Thomas McDonald
Vice President

As the Windows 10 end-of-support date approaches in October 2025, Microsoft is rolling out a temporary solution for users who aren’t ready—or able—to upgrade to Windows 11. Known as Extended Security Updates (ESUs), this program gives users another year of critical protection, but it comes with important caveats.

Understanding the October 2025 Deadline

Microsoft plans to end official support for Windows 10 on October 14, 2025. That means no more regular security patches, bug fixes, or technical support. While this doesn’t render your PC useless overnight, it does leave it increasingly vulnerable to cyberattacks over time.

What Are Extended Security Updates (ESUs)?

To ease the transition, Microsoft is offering one additional year of security-only updates through its ESU program. These updates will run from October 2025 through October 2026, and they’re available in several ways:

• Free via Microsoft Rewards: Redeem 1,000 points to enroll.
• Free via Windows Backup: Opt into automatic cloud backup using OneDrive.
• One-time payment: Pay $30 for a full year of updates.

It’s worth noting that these updates won’t include new features or performance improvements—just essential security patches designed to keep your system protected.

Why Some Users Can’t Upgrade to Windows 11

Many PCs running Windows 10 don’t meet Windows 11’s stricter hardware requirements, such as TPM 2.0 and newer processors. Upgrading often means buying a new device, which isn’t always practical for small businesses or individuals trying to control costs. For these users, ESUs are a stopgap that offers time to plan.

What This Means for Business Owners

If your business is still relying on Windows 10 workstations, you need a short- and long-term strategy. While the ESU program provides some breathing room, the end goal remains the same: migrating to a secure, supported platform. Cost+ can help with that. Our Support+ team handles system upgrades, while Cloud+ and Recovery+ ensure business continuity during transitions.

Recommendations for Windows 10 Users

Here’s what we recommend if you or your business is still running Windows 10:

• Check your hardware: Determine if your PC qualifies for Windows 11.
• Choose an ESU path: Free enrollment or a $30 fee buys you time.
• Don’t delay planning: Start evaluating replacement devices or cloud alternatives now.
• Secure your endpoints: Even with ESUs, don’t skip antivirus and patch management.
• Get expert help: Cost+ can advise on upgrades, virtual machines, and long-term infrastructure planning.

The Bigger Picture: A Shift Toward the Cloud

Microsoft continues to push toward a cloud-first model. Businesses using Windows 365 Cloud PCs will get ESUs automatically, which further signals that traditional desktops are becoming less central. Companies that embrace this shift will gain long-term flexibility and security—two priorities in today’s IT landscape.

Final Thoughts

Microsoft’s Extended Security Updates offer a practical bridge for Windows 10 users who need more time. But it’s not a permanent solution. Now is the time to assess your systems and create a migration plan that fits your budget and risk tolerance.

If you’re unsure what to do next, we can help. Contact Cost+ for guidance that keeps your business running smoothly, securely, and without unnecessary expenses.

Schedule Your Free Consultation Today

Ready to plan your Windows 11 migration or secure your Windows 10 systems? Reach out to the Cost+ team for a free consultation.

By Thomas McDonald
Vice President

AI is no longer a futuristic concept—it’s quietly reshaping everyday business tools. In particular, ai tools in business email are changing how organizations write, respond, and manage communication. Microsoft’s Copilot and Google’s Gemini are leading the charge, embedding generative AI directly into Outlook and Gmail to boost productivity, reduce repetitive work, and help teams write more effectively.

Why This Shift Matters to Business Leaders

Unlike past tech waves, this one doesn’t require a full platform switch or custom development. If your company uses Microsoft 365 or Google Workspace, AI features are either already live or arriving soon. That means changes to email workflow are happening by default—and companies need to understand the benefits, risks, and costs.

What Microsoft Copilot Does in Outlook

Copilot uses large language models to summarize emails, draft responses, suggest rewrites, and extract action items from threads. It can even pull context from Word or Excel documents linked in a conversation. Microsoft’s goal is to reduce time spent reading, writing, and following up on email. You can learn more from the official Microsoft page here:
Microsoft Copilot for Microsoft 365.

What Google Gemini Adds to Gmail

Gemini offers similar features: drafting replies, summarizing long email chains, generating templates, and adjusting tone. It also connects with Google Docs, Sheets, and Meet to bring AI into broader workstreams. Google’s approach emphasizes helpful suggestions, not automation that replaces human oversight.

Business Use Cases for AI in Email

• Customer Service: Drafting faster, more consistent responses to inquiries
• Sales: Personalizing outreach emails using CRM data and suggested follow-ups
• Internal Collaboration: Reducing back-and-forth by summarizing long threads
• Project Management: Extracting tasks and commitments from emails automatically

What Business Leaders Should Watch

1. Licensing Costs

These tools aren’t free. Microsoft charges $30 per user/month for Copilot, which can be a significant line item depending on team size. Google’s Gemini for Workspace tiers vary depending on the plan. It’s important to evaluate which users truly benefit before scaling licenses.

2. Data Privacy and Security

When AI models process email content, where does that data go? Microsoft and Google both state that your content is not used to train public models—but companies should validate data handling practices, especially in regulated industries.

3. Productivity vs. Accuracy

AI-generated content can accelerate tasks but should still be reviewed. Inaccurate summaries or misleading tone could cause confusion or reputational harm. Training staff on appropriate usage is essential.

4. Impact on Communication Style

One subtle risk is tone uniformity. As more employees use the same AI tools, responses may start sounding robotic or generic. Encourage teams to personalize content when needed to preserve client relationships.

Preparing Your Organization

If you plan to adopt AI tools in business email, start with a pilot group. Monitor productivity, review sample outputs, and gather user feedback. From there, build an internal policy that defines acceptable use, disclosure requirements, and oversight.

Where Cost+ Can Help

Cost+ provides strategic IT guidance through our Support+ and Security+ services. We help organizations evaluate emerging tools, manage vendor licenses, and protect sensitive data in the age of AI.

The Bottom Line

AI tools in business email are here—and they’re evolving fast. Whether you adopt Microsoft Copilot or Google Gemini, understanding their capabilities and limits is essential for leadership teams navigating modern communication workflows.

By Thomas McDonald
Vice President