Index of articles

by | Nov 3, 2025

Support Articles - Microsoft and Microsoft 365

Our articles address the most commonly asked Microsoft 365 questions we are asked about . Different Microsoft 365 licences (e.g. Family vs Business vs Enterprise) affect how Microsoft 365 Admin Center operates, so there may be some variation in workflows depending on the licenses you use. Be aware that implementing un-tested procedures especially when your IT is “in production” can affect performance and operability, and therefore you should contact us for professional guidance If you are unsure about what you aim to do.

Microsoft Windows 11

  1. Windows 11 Setup Guide: 1. How to Configure Your PC Securely with Microsoft Accounts
  2. Windows 11: Why One Microsoft Account Isn’t Enough for Home and Small Business Users
  3. Windows 11 Setup for Privacy-Focused Users: Why Microsoft 365 Business Matters
  4. How to Set Up a New Windows PC to Sign In Directly with a Microsoft 365 Work Account

Microsoft 365 setup, licensing and user management

  1. How to Set Up Microsoft 365 for a Small Business
  2. How to Set Up a New Windows PC to Sign In Directly with a Microsoft 365 Work Account
  3. How to add a new employee with Microsoft 365 User Onboarding
  4. How to Set Up Microsoft Authenticator MFA for 365
  5. How to Back Up MFA Credentials with Microsoft Authenticator Backup
  6. Locked Out of Your Microsoft 365 Account? Here’s What to Do When MFA Recovery Fails
  7. What Is a Shared Mailbox in Microsoft 365 and Why Your Business Should Use One
  8. Change Microsoft 365/email password
  9. Change Office 365 credit/debit card information
  10. Why Switching PC Users to Microsoft 365 Sign-In Matters for Small Businesses
  11. How to Transition PC Users to Microsoft 365 Sign-In and Entra ID
  12. How to Use Microsoft 365 MailTips to Improve Email Performance

Microsoft 365, Exchange Online and Outlook

  1. Microsoft 365: Outlook Categories
  2. How to Manage Microsoft 365 Email Signatures
  3. About Microsoft 365 Outlook templates
  4. What Is a Shared Mailbox in Microsoft 365 and Why Your Business Should Use One
  5. How to Use Microsoft 365 MailTips to Improve Email Performance
  6. How to Use Outlook Sweep to Declutter Your Outlook Inbox
  7. Email migration from cPanel to Microsoft 365
  8. How to Use Microsoft 365 Inline Email Archiving
  9. Create a Microsoft 365 Exchange Online connector
  10. 2025 Email Security Guide for Business Owners: Avoiding Scams and Attacks

 Microsoft 365 configuration and user tips and tricks

  1. How to Use Folder Color Coding in Microsoft 365 to Boost Productivity
  2. How to Set Up a Microsoft 365 SharePoint Site for a Small Business
  3. Create a Microsoft 365 Exchange Online connector
  4. Configure SPF, rDNS, DKIM, and DMARC for email

The following articles can be found using <Search> or scrolling through our list of articles. Procedures may have changed since and therefore this content is either being eidted or deprecated. So, although we are editing this content, you might still find useful information to help with issues.

 

  1. – Exchange Online – room and equipment resources
  2. – Reset Office 365 password expiration policy
  3. – Exchange Email – EOP antivirus/spam
  4. – Exchange Online Protection – EOP
  5. – Microsoft 365 Exchange Email – data leakage & loss protection
  6. – Microsoft ActiveSync
Support Articles - cPanel | web server | DNS
  1. What Is cPanel BoxTrapper And Why Email Users Should Care
  2. Email Management in cPanel: Save Space, Cut Costs, and Go Green
  3. 2025 Email Security Guide for Business Owners: Avoiding Scams and Attacks
  4. Safeguard your .uk domain names – Nominet
  5. Email migration from cPanel to Microsoft 365
  6. How to manage a web site contact form
  7. How to configure DNS for a contact form
  8. Configure SPF, rDNS, DKIM, and DMARC for email
  9. Create a new email address with cPanel
  10. How to use cPanel Web Disk
  11. How to back up your web server with cPanel
  12. Add SPF to your DNS zone record
  13. Configure DMARC using cPanel
  14. Configure DKIM in cPanel
  15. Configure Reverse DNS (RDNS)
  16. cPanel email account considerations
  17. Why Authoritative Nameservers Matter for Your Web Hosting Setup
Support Articles - Sitejet web design software
  1. How to back up your web server with cPanel
  2. Move a Sitejet website from a subdirectory to the root in cPanel
  3. Adding background images with Sitejet
  4. Schedule your social media posts with Social Bee
  5. 5 Best Calendar Booking Widgets for Sitejet Websites in 2025

Windows 11 Setup for Privacy-Focused Users: Why Microsoft 365 Business Matters

by | Nov 2, 2025

Why Windows 11 Setup Matters for Privacy-Conscious Users

Setting up Windows 11 is not just about a sleek interface—it is about securing your digital environment from day one. For privacy-conscious users, your initial configuration is critical. Default settings often prioritize convenience over security, leaving sensitive data exposed. By taking control during Windows 11 setup, you can ensure your system aligns with your privacy and compliance goals.

Click open the headers below to learn more about how Microsoft’s security operates in Windows 11. Support options are available for professional assistance.

The Role of Microsoft 365 Business in Secure Configuration

Microsoft 365 Business is a security backbone. When integrated during Windows 11 setup, Microsoft 365 Business adds enterprise-grade protections like conditional access, multi-factor authentication, and data loss prevention. These features safeguard your files, emails, and identity against breaches. Microsoft 365 Personal or Family subscriptions do not offer this level of security. For users handling confidential data or operating in regulated industries, combining Windows 11 and Microsoft 365 Business is more than a convenience—it’s a necessity.

Steps to Combine Windows 11 Setup with Microsoft 365 Business

1. Start with a Clean Install

  • Ensure your Windows 11 installation is fresh and free from legacy vulnerabilities.

2. Link Your Microsoft 365 Business Account Early

  • During setup, sign in with your Microsoft 365 Business credentials to enable policy enforcement.

3. Enable Security Defaults

  • Activate features like BitLocker encryption and Defender for Endpoint for layered protection.

4. Configure Compliance Policies

  • Use Microsoft 365 Business admin tools to enforce password complexity, device compliance, and secure sharing.
Final Thoughts: Privacy and Professionalism in the Modern Workspace

Windows 11 setup is your first line of defense. Pairing it with Microsoft 365 Business transforms your device into a secure, professional-grade workstation. For users who value privacy and data integrity, this approach is a stategic implementation to avoid unauthorised breaches and data theft.

Windows 11: Why One Microsoft Account Isn’t Enough for Home and Small Business Users

by | Nov 2, 2025

Introduction

Microsoft markets Windows 11 as simple: “Anyone can use it off the shelf.” But marketing oversimplifies, reality complicates. Most users—and even small businesses—set up their computers with a single Microsoft account. It feels convenient, but convenience poses serious security risks. This guide explains why and what you can do to protect yourself.

Click open the headers below to learn more about how Microsoft’s security operates in Windows 11. Support options are available for professional assistance.

1. Why Microsoft’s Windows 11 Consumer Model Creates Risk

Microsoft assumes home users want simplicity. One account controls email, OneDrive, Office apps, and device recovery. But attackers don’t care if you’re “personal” or “business”—the same phishing and credential theft tactics apply whether you are a personal user or a business user.

Small businesses are especially vulnerable:

Home users and small businesses tend to rely on consumer practices to manage their business IT. These introduce vulnerabilities:

  • They often use consumer-grade setups to save costs.
  • They handle financial transactions without enterprise protections.
  • They lack dedicated IT security.

The result means a single compromised account can mean total loss of control—your files, your device, your office network, and your money.

2. Email Exposure and Admin Account Compromise

Your Microsoft account is the “master key” for your PC. If you use it for daily email, it is exposed to phishing and malware. This matters because:

  • If an attacker steals your Admin account credentials, they gain full control of your device.
  • Attackers can access BitLocker recovery keys, OneDrive files, and even your Microsoft 365 subscription.

Hot Tip: Keep subscription credentials secure and separate from daily email exposure.

Best practice:

  • Use a Standard account for aily work and email.
  • Keep the Admin account for system control only.
  • Enable Multi-Factor Authentication (MFA) on the Admin account.
3. Microsoft 365 Subscription Implications

Your Microsoft 365 Personal or Family subscription is tied to your primary Microsoft account (usually the Admin account).

What this means:

  • You can sign into Office apps with the Admin account while using a Standard Windows profile.
  • OneDrive can sync under either account—but storage is linked to the Admin account.

This still means that your admin account is still processing ptoentially compromised email which could cause security breaches. Instead of using a Microsoft 365 Personal or Family subscription, consider subscribing to Microsoft 365 Business services instead. If security is crucial, the minor difference in costs is inconsequential.

Hot Tip: Keep subscription credentials secure and separate from daily email exposure.

4. BitLocker and Recovery Key Management

BitLocker protects your data by encrypting your drive. The recovery key is stored in the Microsoft account that enabled BitLocker—usually the Admin account. If you lose access to that account:

  • You cannot unlock your device after major updates or hardware changes.

Action steps:

  • Save the recovery key offline (print or store in a password manager).
  • Verify that it is listed in your admin Onedrive account at: https://account.microsoft.com/devices/recoverykey
  • You can manually record Bitlocker keys in a .txt file for secondary storage
5. Small Business Risk Profile

Real-world example: A client recently stopped nearly £100K in fraudulent attempts after a breach. Small businesses are prime targets because attackers know consumer setups lack enterprise safeguards.

If you run a business on a “home” configuration:

  • Treat your Admin account like a global admin in enterprise IT—never expose it to email.
  • Consider upgrading to Microsoft 365 Business for stronger security controls.
6. Practical Mitigation Steps
  • Enable MFA on all Microsoft accounts.
  • Use a password manager for secure credential storage.
  • Log into the Admin account periodically to prevent inactivity closure.
  • Create a recovery drive and store it safely.
  • Decide if two accounts make sense for you:
    • One account = convenience, higher risk.
    • Two accounts = complexity, stronger security.
    • upgrading to Micrsoft 365 Business may be a more desirable alternative.
For nerds: Why Windows isn't like Linux

So, why isn’t Windows such a seeminlgy awkward proposition for security by comparison to Unix/Linux?

Unix/Linux systems were designed from the ground up for multi-user environments. They enforce granular file and folder permissions and separate local privilege (root) from user identity. This means:

  • Admin tasks are isolated using sudo or root access.
  • Daily work happens under a non-privileged account without needing separate cloud identities.

Windows, by contrast, was intended to cater for individual or personal use. So, its architecture is different. Today, Windows merges local admin privileges with cloud identity for licensing, recovery, and sync using a Microsoft account as its building block. This hybrid model creates complexity: to maintain security, Microsoft recommends two accounts—but most users never hear why this has come to be. This causes problems for personal or home office situations. However, Microsoft windows works well at scale in some of the largest enterprises. This is because Microsoft 365 for Business is more forensically tuned for enhanced security at scale.

Summary

Folder colour coding is a small but powerful feature in Microsoft 365 that enhances file organization and team collaboration. While OneDrive for Business is best suited for personal work-in-progress, SharePoint and Teams are ideal for shared group resources, especially when managed by global administrators.

This feature is another example of how Microsoft 365 continues to evolve beyond traditional desktop capabilities, offering smarter tools for modern work environments.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Windows 11 Setup Guide: 1. How to Configure Your PC Securely with Microsoft Accounts

by | Oct 31, 2025

Introduction

Most Microsoft Windows 11 users—and even many small businesses—manage their Windows 11 setup with a single Microsoft account because it seems like the natural things to do. This simplicity can create serious security gaps, though. This article decribes how Microsoft recommends your workstation should be set up conventionally using two Microsoft accounts using an administrator account and a standard users account.

Why two accounts?

If your admin account is exposed through daily email use, a single phishing attack could give an attacker full control of your computer, your files, and even your Microsoft 365 subscription. In our companion article, we explain why this risk exists, how Microsoft’s design choices contribute to it, and what practical steps you can take to protect yourself—whether you’re a home user or running a small business.

For more about why Microsoft recommends two accounts for securing Windows 11, see this article:

Windows 11: Why One Microsoft Account Isn’t Enough for Home and Small Business Users

Click open the headers below to learn more about how Microsoft Windows setup. Support options are available for professional assistance.

Preparation - document what you do

Your Microsoft account controls everything—your files, apps, and even your ability to unlock your laptop. If you lose access access you could lose everything tied to that account. So, the first thing to do is to make sure your credentials are documented, including secondary email address and your mobile phone number. If you are going to create a new Microsoft account, write down your user name and password first to be sure you enter credentials accurately.

Hot Tip: Keep accurate records of usernames, passwords, and recovery keys. Use a secure password manager or store a printed copy in a safe place. Review your account credentials periodically.

Why Two Separate Microsoft Accounts Are Recommended

Windows 11 does not allow the same Microsoft account for two different user profiles on the same machine. So, to secure your computer properly, you need:

  • One Microsoft account for the Administrator profile
  • A second Microsoft account for the Standard User profile

For a simpler approach to security, consider using a Microsoft 365 Business subscription rather than a Microsoft 365 Personal or Family subscription which operates in a less disciplined environment. Microsoft 365 Business requires a domain name, and its architecture segregates email and files from the less rigorously secured personal security provided by Microsoft’s consumer-oriented services.

Why Microsoft Designed It This Way

When Windows 11 is configured for consumer use:

  • Each Microsoft account manages its own identity and cloud encryption (e.g., OneDrive), but the device-level BitLocker key is tied to the Administrator account.
  • Sharing one account across profiles would break security boundaries—making administrator rights meaningless.

This feels complex, but Microsoft’s purpose is designed to provide strong security and identity separation.

Step-by-Step: Setting Up Two Accounts
  1. Create the Administrator Account
    1. During initial setup, sign in with your primary Microsoft account.
    2. Always use a Microsoft account—not a local account—for better recovery options.
  2. Create the Standard User Account
    1. Go to Settings > Accounts > Family & other users.
    2. Click Add account and sign in with a different Microsoft account (create a free Outlook.com account if needed).
    3. Set this account as Standard, not Administrator.

Use the Standard account for daily work. This reduces risk and keeps your system secure.

! Keep Your Admin Account active

Microsoft may close accounts that appear inactive for two years. If your Administrator account is rarely used for email or OneDrive, it could be flagged as inactive.

When Microsoft terminates a Microsoft account:

  • You lose access to the Administrator profile.
  • BitLocker recovery keys stored in that account become inaccessible.
  • Device management and recovery options break.

How to keep a Microsoft account active after Wondows 11 setup:

  • Sign in to your Microsoft Account for your administrator profile periodically via a browser.
  • Link the account to your device.
  • Enable a minimal service (OneDrive sync or Microsoft Authenticator).
  • Keep your account credentials updated:
    • secondary email address
    • mobile phone number
Create a Windows 11 recovery drive

A recovery drive is your safety net if Windows won’t start or something goes wrong. After Windows 11 setup is and Microsoft has had a chance to update your computer’s Windows version from the original mirror installed during assembly:

How to create a recovery drive

  • Allow about a week to allow for cumulative updates.
  • Plug in a USB drive (at least 32GB).
  • Search for Create a recovery drive in Windows Start menu.
  • Follow the instructions (check “Back up system files”).

Store your recovery drive in a safe place. Often, professionals tether the USB stick to the computer’s power lead. The recovery drive is valuable. It is necessary to repair or re-install Windows in case of a catastrophic failure. If you lose your recovery drive, you may have to replace a damaged computer.

Schedule periodic recovery drive replacement

Windows is constantly upgraded with patches and fixes. No less that annually, recompile your recovery drive. 

Understand BitLocker and Recovery Keys

BitLocker encrypts your data, protecting it if your laptop is lost or stolen.

If BitLocker is enabled, you will get a recovery key—a long code that unlocks your laptop if something goes wrong.

Where to find it:

  • Saved to your Microsoft account online:
    • https://account.microsoft.com/devices/recoverykey

You can also create a manual copy of your Bitlocker key which can be saved in a .txt file. This is a worthwhile additional method. In Wondows Start/Search, search for “Manage Bitlocker”. Professional guidance is recommended.

Summary: Why is Windows 11 setup so complicated?

:Many users find Microsoft’s guidance for Windows 11 setup frustrating—and rightly so. But Microsoft enforces this for good reasons:

  • Stronger security boundaries
  • Better integration with cloud services
  • Easier recovery options

Another reason for this complexity is often that users are hoiping to achieve commercial levels of security using consumer grade solutions, and this means we have to make Windows bend to keep up with more robust disciplines which are already available in Microsoft 365 Business.

Still, this complexity does not help Microsoft’s cause when users compare it to Linux, which is free and simpler. However, Windows remains the dominant choice for compatibility with mainstream apps and small-office tools. Yo better understand the real-world security implications of conventional Windows 11 setup for consumer equipment, read our companion article:

Windows 11 Why One Account Isn’t Enough for Home and Small Business Users