--- id: 3057 slug: the-old-pc-in-the-corner-why-small-businesses-are-still-running-their-files-on-ageing-office-hardware type: post title: "The Old PC in the Corner: Why Small Businesses Are Still Running Their Files on Ageing Office Hardware" summary: "There’s a quiet pattern we see again and again across UK small businesses. An old desktop PC, sitting under a desk or on a shelf in the corner of an office. It hosts the shared files. It may even run…" problem: "" solution: "" tools_used: - n/a pricing_range: "" timeline: "" compliance_framework: "" contact_endpoint: "" author: "whitearrowtechnology.com" last_updated: "2026-06-11" compliance_tags: - none canonical_url: "https://whitearrowtechnology.co.uk/the-old-pc-in-the-corner-why-small-businesses-are-still-running-their-files-on-ageing-office-hardware/" api_url: "https://whitearrowtechnology.co.uk/wp-json/wa/v1/content/the-old-pc-in-the-corner-why-small-businesses-are-still-running-their-files-on-ageing-office-hardware" content_hash: "sha256:74013730cbf24fbb0d9aa4829683f46eb08634fcdab57f71f05ba248bbf0d675" updated_at: "2026-06-11T20:26:18+00:00" schema_type: "Article" --- # The Old PC in the Corner: Why Small Businesses Are Still Running Their Files on Ageing Office Hardware There’s a quiet pattern we see again and again across UK small businesses. An old desktop PC, sitting under a desk or on a shelf in the corner of an office. It hosts the shared files. It may even run a piece of business-critical software. It has a folder mapped on every laptop in the company. And — quietly, for years — it has been the centre of gravity for everything the business does. It works. Mostly. Until one day it doesn’t. If you recognise this picture, this article is for you. We see this setup constantly across small businesses, and the journey from “it’s been fine so far” to “we need to do something about this” tells a story every small business owner should understand. How the office server happens No one designs a small business around an old desktop PC. It evolves. Maybe it started when the business had two people and they wanted to share a folder. A friend suggested putting a PC in the corner with mapped network drives. Maybe the company grew, and the same PC just kept being used because it still worked. A remote-access tool got bolted on so the owner could reach files from home. An external hard drive was plugged in for “backups,” which got done manually whenever someone remembered. The setup grew with the business — not because anyone planned it, but because nothing ever broke badly enough to force a change. The problem is that nothing ever has to break for this kind of setup to be quietly failing you. The four hidden risks no one talks about 1. The hardware is the single point of failure for your whole business That PC isn’t enterprise hardware. It’s a regular desktop machine. It has one consumer-grade drive. One power supply. One cooling fan. It sits in a room that wasn’t designed for IT equipment. Power cuts, heat, a knocked cable, a failing drive — any of these takes the entire business offline until it’s recovered. And if the drive itself fails, the recovery isn’t “switch to the backup,” it’s “let’s hope the external drive has a recent copy.” We’ve seen firms lose three or four working days to a single dead drive. For a professional services business billing at £150–£250 per hour, that’s not a minor inconvenience — it’s tens of thousands of pounds of lost work. 2. Backups that exist on paper, not in reality Almost every small business we talk to has “a backup” — usually an external drive that someone is supposed to plug in once a week. Almost none of them have tested whether that backup actually works. The honest truth most owners admit when pressed: the backups have become irregular. Maybe it was weekly six months ago. Now it’s “when I remember.” Some have stopped entirely. And no one has tried to actually restore a file from those backups to confirm they’re not corrupted. A backup you’ve never tested is not a backup. It’s an assumption. 3. Sensitive data sitting on an unmanaged device If your business handles client identity documents, compliance records, financial information, or any personal data, you have specific obligations under UK GDPR and your sector regulations. The Information Commissioner’s Office doesn’t look kindly on “the data was on a PC in the corner of the office.” If that PC is lost, stolen, taken home by the wrong person, or compromised by ransomware, you have: A potential reportable data breach No way to remotely lock or wipe the device No log of who accessed what A very uncomfortable conversation with your regulator This isn’t theoretical. The ICO issues fines for exactly this kind of incident regularly. Small businesses are not exempt — they’re disproportionately likely to be targeted precisely because their security tends to be weaker. 4. The setup doesn’t scale, and you’ll notice exactly when it matters most The moment the business grows, the old PC setup starts to creak. Mapped drives that worked for two people start producing permission errors. Files get edited on local copies and never sync back. Two people open the same file and the “second copy” version appears. Onboarding a new starter becomes a half-day project of configuring drives, installing remote-access clients, and explaining workarounds. The infrastructure starts holding the business back at exactly the moment you’re trying to grow. What modernising actually looks like The good news is that the alternative isn’t complicated, and it isn’t enterprise-grade or expensive. It’s the standard way small businesses now run their files: properly architected Microsoft 365 with SharePoint, OneDrive, and a layer of independent backup. In plain English, here’s what that means in practice: Your files live in the cloud, but feel local. Every laptop in the business shows the company’s shared folders inside the normal Windows File Explorer. Staff open files the same way they always did. No new app to learn. No new place to look. The difference is that the files are now stored centrally in Microsoft’s data centres, with automatic version history, no risk of “I edited the wrong copy,” and access from any device anywhere. Each person has their own identity and their own access. Instead of one shared login on the office PC, every member of staff has their own account. You decide who sees what — confidential management files, restricted HR and payroll, general team resources, client folders accessible only to the people working on that client. When someone leaves, you switch off their account in 30 seconds and their access disappears. The hardware question goes away. No more old PC in the corner. No more single point of failure. If a laptop dies tomorrow, you buy a new one, sign in, and within an hour you’re working again with all your files intact. If the office burns down (it has happened to businesses we’ve spoken to), the data is unaffected. Backups become real, not theoretical. A proper third-party backup service runs automatically every day, keeps multiple versions of every file, and is independent of Microsoft. If a file is accidentally deleted, encrypted by ransomware, or overwritten — you restore it in minutes, from any point in the last several years. You don’t have to remember to plug in a drive. You don’t have to wonder if it’s working. Security catches up to the threat level. Two-factor authentication on every account. Devices that can be remotely wiped if lost. Suspicious sign-in attempts from unusual locations get blocked automatically. Email gets scanned for phishing and malware before it lands in anyone’s inbox. None of this requires you to become a security expert — it runs in the background. What modernising doesn’t look like It isn’t a six-month enterprise IT project with project managers, change advisory boards, and seven-figure invoices. For a small business, this is typically a four-week implementation followed by a brief settling-in period. Most staff notice almost nothing different about their day-to-day work, except that things stop occasionally breaking. It also isn’t a forced step into “the cloud” where you lose control of your data. You keep ownership of everything. You can export it all at any time. If you ever want to switch providers, you can. There’s no lock-in beyond the natural fact that you’ll have learned how to use it. And it isn’t a luxury or a nice-to-have. For any business handling client data, it’s increasingly the baseline expectation from regulators, insurers, and the clients themselves. Cyber insurance premiums for businesses without proper security controls are climbing sharply, and many insurers are refusing cover altogether without basic measures in place. What it actually costs For most UK small businesses, the picture looks roughly like this: A one-off project cost to design, build, migrate, and roll out the new setup. The specific figure depends on data volume, number of users, and complexity — but for a typical small professional services firm, it’s a few thousand pounds, not tens of thousands. Spread that across the lifetime of the setup and it’s a fraction of what the business would lose to a single significant incident. An ongoing monthly cost per user, covering the Microsoft 365 licences, security tools, and backup. For most firms this lands in the region of a good lunch out per person per month. There are also savings that often go unnoticed: the existing PC’s electricity, the cost of replacing it when it eventually dies, the cost of staff time lost to outages and workarounds, the cost of separate Office licences or personal subscriptions that get replaced by what’s already included. When the project is positioned against the cost of a single data breach, a single ransomware incident, or a single week of downtime, the maths usually changes the question from “can we afford to do this?” to “can we afford not to?” The case for doing it sooner rather than later The most common reason small businesses delay this kind of project is that nothing is on fire. The old PC still works. The backups have always been “good enough.” There hasn’t been an incident yet. The flaw in that reasoning is the word yet. Every business owner who has gone through a data incident says the same thing afterwards: they wish they’d modernised before it happened, not after. After is too late. After means data loss, lost clients, regulatory conversations, reputation damage, sleepless nights, and the same modernisation project anyway — only now done in panic mode at higher cost. The firms who modernise calmly and in advance get the cheap, low-stress version of the project. The firms who wait until something goes wrong get the expensive, high-stress version, with damage already done. A practical first step If any of this is recognisable, the most useful thing you can do is not to commit to a project — it’s to get an honest, unhurried assessment of where you actually stand. That means looking at what hardware your business genuinely depends on, what would happen tomorrow if it failed, what your actual data retention and security obligations are under your sector regulations, and what the real cost (in time, money, and risk) of your current setup is. It’s not a sales conversation. It’s a diagnostic one. The output is a clear picture of your current position and what would need to change — even if you decide not to do anything about it for another six months. Knowing is the point. We do this kind of assessment regularly for UK small businesses. It typically takes around an hour, can be done remotely, and produces a written summary you can keep regardless of what you decide to do next. If you’d like to have that conversation, get in touch. And if you’d rather just keep thinking about it for now, that’s fine too — the article was meant to be useful, not to push. White Arrow Technology helps UK small businesses move away from ageing local infrastructure to properly architected, secure cloud setups. We work with professional services firms where data security is a baseline requirement, not an optional extra.