Researching issues that several clients were having with slow Windows Roaming Profile logins and found that the common denominator was profiles being too large. Looked at Event Viewer and found nothing but Event ID 6005 – “The winlogon notification subscriber is taking long time to handle the notification event (Logon).” Looked at their Group Policy settings and found the folder that profiles were being saved in. Ran WinDirStat on the user.v6 folder and found some interesting details. It looks like downloads, Slack, Teams, and Zoom were taking up 13+GB of data that was then trying to be synced over the network. Looks like it is time to update the Group Policy to exclude some folders:If your company is looking to virtualize your servers or take them to the cloud, then contact us to setup migration evaluation.
GPO – Exclude directories in Roaming Profile
GPO exclusions slash roaming profile sync time from minutes to seconds
Open Group Policy Management
Edit the Roaming Profile policy
Open User Configuration > Policies > Administrative Templates > System > User Profiles
Enable – Exclude directories in roaming profiles
Add the following directories – Downloads;AppData\Roaming\Slack;AppData\Roaming\Microsoft\Teams;AppData\Roaming\Zoom
Ok your way out
Open Windows Explorer and navigate to the user.v6 folder and delete the following folders:
Downloads
AppData\Roaming\Slack
AppData\Roaming\Microsoft\Teams
AppData\Roaming\Zoom
Wait 15 minutes for changes to propagate then reboot the effected machines and login again.
If your company is using roaming profiles to keep employees agile in the office, then contact us to setup a group policy evaluation.
Got a email from one of our co-managed IT / Tier3 / managed RMM clients that was having issues with DNS resolution. The network consists of a Synology NAS acting as Domain Controller / DNS Server and a VM on the Synology that runs the clients main application. Several of the workstations were having an issue where they could not browse to the IP address (\\192.168.0.11\sharename)of the application server at one time and could not browse to the UNC path (\\servername\sharename) of the same server on another day. First tried setting the external forwarders to Google DNS and the Forward Policy to Forward First, but the problem resurfaced. So we dug deeper into the DNS settings and found the following:
Stale DNS records break Synology name resolution—simple record cleanup fixes it
If you look closely the IP address of the server is 192.168.0.11 and the records for DNS servers associated with the domain above and below it point to servers outside the subnet of the application server (10.0.0.2). Upon further investigation this DNS server address was blocked by the firewall because it was an old IP address scheme that was no longer in use. The current good DNS server IP addresses are 192.168.40.10 and 192.168.0.10.
Turns out the stale DNS records were the problem. Made the needed changes to the DNS records and things are working great.
If your company needs a little extra help running the IT department, then contact us to setup a co-managed IT evaluation.
When The Walsh Group—one of the largest construction contractors in the United States—moved to the cloud, it realized it needed better ways to manage who accesses its systems. The company set up identity as the control plane—with Microsoft Azure Active Directory at the center and a zero-trust security stance to better protect access to all its resources. Now, The Walsh Group CIO says the company leads the industry in securing access to its hybrid environment, giving it a competitive advantage. Read the article for more.
Single secure vault eliminates password sprawl across business apps
Whether you are buying something from an online store, reading your email in the browser, checking your account balances, or uploading photos / videos to social media, most websites require an individual username and password when accessing their services. This raises various problems.
What’s with ALL the Passwords?
Using the same password for all the websites you access is a bad idea and horribly insecure. If we run a quick check on the “Dark Web” for your email address, it would likely show that hackers already know the one password you have been using forever. So the only other option is multiple passwords, which can easily go beyond the limits of our feeble human brains to keep track of OR people start creating a list that is typically typed up and saved on the computer – if a hacker gets into the computer then all the passwords are theirs too. So then the option is to find a secure way of storing and backing up these passwords, not to mention trying to make them easy to use.
Rangle Them Passwords!
That is the job of Password Management done by a small piece of software known as a password manager. It takes the complexity down to remembering the one password to open the software, then it tracks the rest from there. The good ones have the ability to generate passwords for you, store them in connection with the website you are visiting, auto-filling the password fields on the websites when you visit them again, and backup your passwords to the cloud – all with strong security and encryption to keep the hackers out of your business.
If your company is still typing passwords into a list, or worse have a paper list, then contact us for assistance migrating to a password manager.
Convert PPP payroll protection into permanent IT infrastructure gains
A bill in Congress has been brewing since October 2020 and finally passed in December 2020. Representative David Scott introduced H.R.8620 which is stated to:
“To permit payments for certain business software or cloud computing services as allowable uses of a loan made under the Paycheck Protection Program of the Small Business Administration.”
What PPP can do for you
This bill was an amendment to the Small Business Act that changes the definition of how PPP loan moneys can be used. The changes are as follows:
“the term ‘covered operations expenditure’ means a payment for any business software or cloud computing service that facilitates business operations, product or service delivery, the processing, payment, or tracking of payroll expenses, human resources, sales and billing functions, or accounting or tracking of supplies, inventory, records and expenses”
So what does this mean for your business? That you can apply for the PPP funds then use them to upgrade your out-of-date software that runs your company or use the funds to move your business into the cloud. There has never been a better time or excuse to discuss the possibilities of moving your business to the cloud and implementing those upgrades that have waited so long. By doing so you will position your company better for the Work From Home trend and be prepared for business expansion once the pandemic is over.
A small business owner leveraging modern cybersecurity tools—firewalls, multi‑factor authentication, and backups—to protect their company’s network and sensitive client data from cyber threats.
You may think cyberattacks are a “big‑company problem.” In 2026, that assumption is one of the most dangerous blind spots you can have. Cybercriminals increasingly target SMBs precisely because budgets are tighter, security is lighter, and breaches in small environments can be just as costly as in large enterprises. The question is no longer if a threat will hit your business, but when—and whether your people, data, and reputation are ready.
For a business‑owner audience, this post breaks down what “good cybersecurity” actually looks like in practice, gives you concrete steps your team can take, answers common client‑facing concerns, and shows how Farmhouse Networking can help you implement and maintain these protections without overhauling your operations.
Why SMBs Are Prime Targets
Cybercriminals are opportunistic: they look for the path of least resistance. SMBs often have limited IT staff, minimal security budgets, and patchy policies around email, passwords, and backups. That combination makes them ideal targets for ransomware, phishing, and data‑theft campaigns that can cripple operations and destroy customer trust in a matter of hours.
Regulatory scrutiny is also tightening. Even if you’re not a multinational, you may still face fines or contractual penalties if client or partner data is lost in a breach. Investing in cybersecurity is no longer “optional overhead”—it’s a core cost of doing business in 2026.
Practical Cybersecurity Steps for Business Owners
You don’t need a Fortune‑500‑level security team, but you do need structure. Here are the key areas every small or mid‑size business should address, along with specific actions your owner and IT team can immediately act on.
1. Lock Down Access with Strong Authentication
Require multi‑factor authentication (MFA) for all accounts that hold customer data, email, banking, or cloud services.
Prefer authenticator apps or hardware keys over SMS‑based codes to reduce phishing and SIM‑swapping risk.
Enforce strong password policies and provide a company‑approved password manager so teams don’t reuse passwords across personal and business services.
2. Patch Systems and Secure Endpoints
Turn on automatic updates for operating systems, browsers, and core business software (accounting, CRM, practice management).
Deploy next‑generation antivirus or EDR tools that monitor unusual behavior, not just known malware signatures.
Ensure every device that touches business data has disk encryption, screen‑lock timing, and basic firewall rules enabled.
3. Protect Networks and Wi‑Fi
Use business‑grade firewalls with default‑deny rules and logging, and avoid exposing unnecessary ports to the internet.
Configure Wi‑Fi networks with WPA3 encryption (or WPA2‑Enterprise), and keep guest Wi‑Fi on a separate, isolated segment.
Segment your network so that high‑value systems (financial and HR data, servers) sit on a separate, more tightly controlled segment.
4. Back Up Data and Plan for Incidents
Define what data is critical (client records, financials, contracts) and back it up regularly to an encrypted, cloud‑ or off‑site‑based solution.
Store multiple recovery points and test restorations periodically to ensure backups actually work.
Put a simple incident response plan in place: who gets notified, who talks to clients, and how you’ll isolate affected systems during a breach.
5. Train Your Team and Manage Email Risk
Conduct regular, short security training focused on phishing, password hygiene, and safe handling of sensitive data.
Deploy an email security gateway that scans attachments, rewrites malicious URLs, and quarantines suspicious messages before they reach inboxes.
Establish clear rules for sharing sensitive data via email (e.g., no client SSNs or insurance numbers in plain text) and enforce them.
Common Client Questions (and How to Answer Them)
When you talk to clients about cybersecurity, they’ll naturally ask around cost, risk, and responsibility. Framing these clearly builds trust and positions your business as a professional partner, not just a vendor.
“Won’t this slow down our operations?”
Answer: Modern security tools are designed to run quietly in the background. Properly configured firewalls, MFA, and endpoint protection add minimal friction while stopping the vast majority of automated attacks. Think of it like seat belts and airbags: you don’t feel them every day, but they’re critical when something goes wrong.
“We’re a small business; do we really need this much protection?”
Answer: Cybercriminals are increasingly using AI‑driven tools to probe and exploit small businesses precisely because defenses are weaker. A single breach can mean downtime, legal fees, and reputational damage that can take years to recover from. Basic, layered security is now table stakes for reputable SMBs.
“How do you know if our network is secure enough?”
Answer: There’s no “perfectly secure” state, but there are measurable baselines:
Are critical systems encrypted and backed up?
Is MFA enforced on all key accounts?
Are software and firmware updated regularly?
Are there clear policies and training for staff? A third‑party security audit or network assessment can map these gaps and prioritize where to invest next.
How Farmhouse Networking Can Help
Farmhouse Networking is built to help small and mid‑size businesses implement, manage, and maintain these cybersecurity measures without the overhead of a full‑time, in‑house security team. We focus on practical, cost‑effective solutions that fit your budget and workflow.
Here’s how we support your cybersecurity efforts:
Network and firewall configuration: We design and harden your network so that only necessary services are exposed, and sensitive systems are segmented and monitored.
Endpoint protection and patch management: We deploy and manage modern antivirus/EDR tools, ensure automatic updates, and enforce device‑level security policies across laptops, desktops, and mobile devices.
MFA, password policy, and access controls: We help you implement MFA everywhere it matters and set up role‑based access so employees only see the data they need.
Backup and incident readiness: We design a backup strategy tailored to your business‑critical data and help you define a simple incident response playbook so you know what to do if something goes wrong.
Ongoing monitoring and training support: We can monitor key security events and provide guidance on regular, brief security training sessions so your team stays alert without disrupting daily operations.
Take the Next Step Today
If you’re a small or mid‑size business owner, now is the time to treat cybersecurity as a core business function, not an afterthought. Simple, layered defenses—strong authentication, regular patching, secure networks, and reliable backups—can dramatically reduce your risk and keep your operations running even when threats emerge.
If you’d like to see how Farmhouse Networking can help you implement these steps with minimal disruption to your team, email us atsupport@farmhousenetworking.comfor a consultation. We’ll review your current setup, identify your top risks, and build a tailored plan that keeps your data, customers, and reputation safe in 2026 and beyond.
ProTips for successful Windows Server 2012 backup restoration
Here are some lessons learned from a recent recovery of a server with the following error:
Lesson #1 – Blinking Hard Drives
So when I got to the customer site the Dell server had blinking hard drive lights on two of the drives. Based on the support article about it the lights meant -“Identifying drive or preparing for removal.” and digging into the RAID controller I found the worst possible scenario for a RAID-5 array – two dead hard drives. I removed the two dead drives, cleared the configuration on the RAID controller, built a new RAID-5 array out of the remaining drives (4 out of 6), and did a fast initialize.
Lesson #2 – Drive letters on Windows Server Backup
Not sure if anyone else has noticed, but when Windows Server Backup is setup to use an external drive it likes to hide the drive by not assigning it a drive letter. This caused a few issues with the restore done from Windows Server 2012 R2 USB boot media as it couldn’t find the drive. I had to connect the external drive to my laptop then give it a drive letter. Plugged it back into the server and rebooted.
Lesson #3 – Patience is a virtue in Scanning for System Image Disks
Following the basic instructions for doing a Windows Server Backup 2012 Restore via Windows Server 2012 R2 USB boot media it came to the point where it does the scanning for System Image Disks. Turns out this can take hours depending on the speed of the drive plus the size and quantity of restores you have on the external drive. Just wait for the process to complete.
Lesson #4 – UEFI or Legacy BIOS matters
So you waited all that time for the Scanning for System Image Disks to complete and now that precious moment arrives when you realize that the Windows Server 2012 R2 USB boot media that you created was UEFI instead of legacy BIOS and the restore fails telling you so. Make sure that when you create the Windows Server 2012 R2 USB boot media that you change the settings to match the system that you are trying to restore.
Hope that these lessons help a few other Windows Server admins, who are trying to do a Windows Server Backup 2012 Restore, save some time and frustration. If you are looking for a better way to do backup and restore then contact us for details.
Farmhouse Networking continues to make strides in providing our customers with the best, most cost effective, and environmentally friendly computing experience possible. Part of that process is what has come to be known as Lifecycle Management. Each piece of hardware has an expected amount of time in which it is cost effective to use and support it. Once this time frame has been exceeded the cost of supporting the device becomes greater than the cost as shown in the following graph:
Turn retired IT assets into profit through strategic lifecycle management
FHN Lifecycle Management
So the question remains what to do with the old computers when the time comes to replace them. Previously here in Grants Pass, OR we could support a local charity by taking them to Southern Oregon Aspire to have the computers dismantled and hard drives shredded. Now that their doors are closed we are stuck with dropping them off at the local dump, but what if you could make money while being responsible with the environment?
Farmhouse Networking is now partnering with a company called Arcoa, who do just that. Here is what they do in their R2 rated responsible recycling facility:
“We help you recover value from retired electronic equipment through responsible methods of reuse and recycling. Resale offers the best potential for value recovery, but the fast pace of innovations in technology and short product life cycles can limit equipment’s potential for reuse. From there, the best option may be to recycle the items in an environmentally friendly manner. We’ve built a robust de-manufacturing process to offer additional options for asset value recovery by disassembling equipment for commodity grade materials, which can be diverted from landfills and be used to create new materials.”
Hard drives will be electronically wiped, magnetically degaussed, or shredded based on need. The rest of the parts will be dismantled and sold with part of the profit returning to your company to help offset the cost of buying new computers. What could be better than making money on the buy?
If your company is heading towards a hardware refresh, then make the environmentally sound choice by contacting us for assistance.
There has been information released by a security research firm called Eclypsium that there is a vulnerability dubbed Boothole in Unified Extensible Firmware Interface (UEFI) Secure Boot that would allow an attacker to completely take over a workstation, laptop, or server and be nearly undetectable. All hardware vendors will have to send out updates in the near future to patch the UEFI code to secure it against this “BootHole” vulnerability. Due to the difficulty in designing and testing these types of updates it will be some time before they are released. We will keep you posted as to the release of these updates as they become available.
If your company is concerned about security, then contact us for assistance.
Registry key excluding sync folders resolves Windows roaming profile errors
Had a client receive the message “There was a problem with your roaming profile…” after logging into another computer on the domain. Research and found that a simple registry fix was available, but most fixes wanted admins to export a key from another working profile then import it into the broken one. Here is the actual registry key that was used to fix the profile:
Registry Fix for roaming profile was not completely synchronized
Open Registry Editor as the broken user and NOT administrator
Navigate to HKCU > SOFTWARE > Microsoft > Windows NT > CurrentVersion > Winlogon
Right click and choose New > String Value and give it the name ExcludeProfileDirs
Enter the following – AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders
And God will generously provide all you need. Then you will always have everything you need and plenty left over to share with others. As the Scriptures say,
“They share freely and give generously to the poor. Their good deeds will be remembered forever.”
For God is the one who provides seed for the farmer and then bread to eat. In the same way, he will provide and increase your resources and then produce a great harvest of generosity in you. - 2 Corinthians 9:8-10
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
