Every small business has one.
The person who swapped out the RAM a few years ago. Who set up the Wi-Fi. Who "handles the tech stuff." Who you call when something stops working.
They are not malicious. They are helpful, willing, and usually faster than anyone else on the team when it comes to clicking through a settings panel.
The problem is that they do not know what they do not know.
And the gap between what they confidently handle and what they actually understand is where businesses get hurt.
What this looks like in practice
Here are three scenarios we have seen play out more than once. Not edge cases. Common ones.
The domain that nobody controls anymore
Your tech-savvy employee bought the domain years ago. They used their personal Gmail account because it was the fastest path at the time. Nobody thought to document it.
Then they left.
You text them. They call back eventually. They lost access to that Gmail account months ago. The password manager they used was personal. The recovery phone number was their old cell. The backup email was something they do not remember.
You contact the registrar. The registrar does not care who your developer is. They do not care that you are the business owner. They care about the account holder — and that account holder is gone, locked out, and not very motivated to spend their weekend on this.
So now you have a domain that is technically yours in spirit and completely inaccessible in practice.
The registrar's "IT admin backup email" field exists but is largely cosmetic. It will not save you here.
At some point, you are having a conversation you never wanted to have: what alternative domain names might work for your business?
That is why you need someone in the beginning who sets this up the right way — under a company-owned account, with proper recovery options, documented and owned by the business.
The Microsoft 365 account nobody is reading
Your tech person set up the main company email. They used a distribution list as the Microsoft 365 admin contact. It made sense at the time.
The problem is they only added themselves to that distribution list. They were the only one getting billing notices, security alerts, and Microsoft communications.
They left. The mailbox got deleted or abandoned. Nobody noticed — because nothing seemed broken on the surface.
But for months, lead inquiries to that address have been bouncing silently, or landing in a dead inbox, or getting quietly discarded. You spent money on an SEO campaign. Leads came in. Nobody followed up because the inbox did not exist anymore.
You find out six months later when a prospective client calls instead of emailing and mentions they tried to reach you a few times.
You were losing business and had no way to know.
The domain expiration notice that turned out to be real
You received an email that looked like spam. It said your domain was about to expire forever — urgent action required. You ignored it because you get a dozen of these a month.
Then someone mentioned it again and you looked more carefully. The expiration date in the message matched your actual domain. You pulled up the registrar. The domain was expiring in less than 24 hours.
Now what?
You have no admin access. You are not qualified to navigate a domain rescue under time pressure. The registrar's support queue is not designed for this kind of urgency. Your website is about to go dark, and your email with it.
That is where we come in. But ideally, you never reach that point.
Why this keeps happening
None of these people did anything wrong, exactly.
They did what helpful, technically-inclined employees do. They solved the immediate problem with whatever was convenient. They did not think about transition planning, documentation, or account ownership because those are not the kinds of things someone learns from swapping RAM or clicking around in antivirus software.
Formal IT training covers this. Experience in environments where systems break and cause real consequences covers this. Helpful intuition does not.
The gap is not knowledge of computers. It is knowledge of what can go wrong — and what "correctly set up" actually means from a business continuity standpoint.
What correctly set up looks like
- Domain registered under a company-owned account, with recovery options tied to the business, not any individual
- Admin contacts pointing to active mailboxes the business actually controls
- Microsoft 365 or Google Workspace accounts owned at the business level, not personal accounts
- Distribution lists configured and tested, with more than one person receiving critical notices
- Renewals on auto-renew, with billing tied to a card the company controls
- Someone responsible for reviewing expiration dates and account access at least once a year
None of this is complicated. It is just not something most businesses think to do until something breaks.
What we do about it
We audit what you have, document who owns what, fix the access problems that can be fixed, and help you build the kind of setup that survives a person leaving.
That is not glamorous work. But it is the kind of thing that keeps you from losing a domain you built a business around.
If you recognize any of these scenarios, get in touch. We can tell you what we find before it becomes a crisis.