Microsoft Teams Phone for Melbourne Businesses: Replace Your Old PBX in 60 Days

If your Melbourne business is still running on a traditional PBX phone system — physical handsets cabled to a box in the comms cupboard — you’re paying more than you need to and your phones probably can’t do half of what your staff want them to. Microsoft Teams Phone is the cloud-based phone replacement that most Melbourne SMEs are now using. The migration takes about 60 days when scoped properly.

This post is for the office manager or IT-responsible person at a Melbourne business thinking about retiring the old PBX. We’ll cover what Teams Phone is, what the migration looks like in practice, what it costs, and when not to do it.

What Teams Phone actually is

Teams Phone turns Microsoft Teams into your business phone system. Each staff member gets a phone number. They make and receive calls through the Teams app on their laptop or mobile, or through a Teams-compatible desk phone if they want one. Calls can ring multiple devices simultaneously, transfer, hold, conference. Auto-attendants, hunt groups, call queues, voicemail-to-email all work the same way they did on the old PBX — usually better.

Teams Phone replaces the PBX. It doesn’t replace the phone numbers. You can port your existing numbers across; users keep their direct dial numbers; the main number, the toll-free number, the after-hours line all migrate.

Why Melbourne businesses are migrating in 2026

Three drivers, in roughly the order we hear them:

1. PBX hardware is at end-of-life. The Avaya, NEC, Mitel, or Cisco hardware in the comms cupboard was bought between 2014 and 2018. The vendor has been making “you should plan to upgrade” noises for two years. The replacement quote is $25,000-$60,000 for a like-for-like PBX. Teams Phone is cheaper to set up and significantly cheaper to run.

2. Hybrid and remote work has broken the office-phone paradigm. Half your staff work from home some days. The desk phone in the office only rings to a desk that’s empty Tuesdays and Thursdays. Calls go to voicemail, customers feel ignored, sales get missed. Teams Phone follows the user wherever they are.

3. The PBX has features nobody uses. Most PBXes were sold with elaborate feature sets — call recording, call accounting, music on hold, complex routing — that the business uses 10% of. Teams Phone covers the 10% that’s actually used, plus the integration with Teams chat, Teams meetings, Outlook calendar that the PBX never had.

Days 1-15: Discovery and design

The first two weeks aren’t about installing anything. They’re about understanding what the current phone system actually does — which is usually different from what the business thinks it does.

We map every number on the system: direct dials for staff, main numbers, after-hours numbers, fax numbers (yes, still), test numbers, that one number nobody’s sure what it does but everyone’s afraid to remove. We document every routing rule: who answers the main number first, what happens at lunch, what the after-hours pathway looks like, where IVRs branch.

Then we design the Teams Phone configuration: who gets a number, what the auto-attendants say, what the call queues look like, who can transfer to whom. We also confirm licensing: Teams Phone is an add-on to M365, currently around $13-$15 AUD per user per month for the basic plan, more for international calling bundles.

Days 16-30: Build and test

The middle two weeks are configuration in a parallel environment. We provision Teams Phone licenses for everyone, configure the auto-attendants, set up the call queues, test the routing. Users do nothing different — the existing PBX is still serving live calls.

This is also when we coordinate with the carrier. Number porting (moving the existing numbers to Microsoft) takes 5-15 business days for most carriers. We submit the port requests in week three for completion in week four or five. Direct routing or Operator Connect? We choose based on the existing carrier relationship and what’s more cost-effective for the business.

Days 31-45: Pilot and rollout

A pilot group — usually 10-15% of staff including someone from the leadership team and someone from reception — moves to Teams Phone first. Their numbers are already ported. They use Teams for calls for a fortnight and report back. We tune the configuration based on what they find.

Then everyone else moves in two waves over the following week. Reception goes last because their setup is the most complex (multiple lines, transfer relationships, the auto-attendant integration).

Days 46-60: Cutover, decommission, and tuning

Final port windows complete. The old PBX is taken offline (sometimes there’s a quiet 7-day overlap so anyone with the old DDI on a business card or Google profile gets a few days’ transition — but the system isn’t actually answering calls).

The PBX hardware is decommissioned. The comms-cupboard cables are tidied. The maintenance contract with the PBX vendor is cancelled. The handsets are recycled or repurposed (Teams-compatible models can keep running; older models go to e-waste).

The final two weeks are tuning. The auto-attendant prompts get edited based on real customer feedback. The hunt group ordering gets tweaked. The voicemail greetings get re-recorded. By day 60, the system is running cleanly and the staff barely remember the old PBX.

What it costs, in Melbourne, 2026

For a 30-user Melbourne business currently running a traditional PBX:

  • Migration project: $8,000-$18,000 fixed-fee depending on complexity (number of auto-attendants, call queues, integrations)
  • Teams Phone licensing: $13-$23 per user per month for domestic, more for international calling bundles, included in Microsoft 365 E5
  • Carrier costs: typically $20-$40 per number per month (mostly the same as your current PSTN line cost)
  • Hardware (optional): Teams-compatible desk phones if anyone wants them, $200-$400 each. Most users don’t need them — Teams on the laptop and mobile is enough.

Total monthly cost for a 30-user business: typically $1,200-$1,900 per month all-in. Compare to traditional PBX maintenance ($800-$1,500) plus PSTN lines ($600-$1,200) plus inevitable hardware refresh — and Teams Phone is usually 30-40% cheaper running cost.

When not to migrate

Teams Phone isn’t the right answer for everyone:

  • Contact centres with 50+ agents handling high call volumes. Teams Phone’s call queue and reporting capabilities are improving but a dedicated contact centre platform (Five9, Genesys, NICE) still beats it.
  • Highly bespoke IVR or call routing. If you’ve got 200 routing rules and a custom CRM integration that picks up call routing from a database, that’s a different conversation.
  • Patchy internet at the office. Teams Phone needs reliable internet. If your office is on flaky NBN with no failover, fix that before the phone migration.

For most Melbourne SMEs of 5-200 staff with general office work, Teams Phone is the right answer.

Reference points

Our Microsoft 365 support Melbourne service covers Teams Phone administration as part of the ongoing M365 support fee. The business phone systems page covers the broader phone-system options if Teams Phone isn’t right for your specific case.

What to do next

If your PBX is on borrowed time, get the discovery scoping done now — before the maintenance contract renews and you’re locked into another year. The discovery alone tells you whether Teams Phone is right for you, and if it is, the project pays for itself within about 12 months on running costs.

Book a 60-day cutover plan — we’ll walk through your current PBX in 90 minutes and send a written migration plan and quote within a week.

“Microsoft 365 Support” is sold by every MSP in Melbourne, and what you actually get differs wildly. Some MSPs include M365 administration in their flat monthly fee. Some bill it hourly. Some include “basic support” but charge separately for new account setup, mailbox migration, security configuration, or anything they categorise as “project work”. The lack of a standard makes comparison painful.

This post lays out what’s in our Microsoft 365 support service for Melbourne SMEs, what’s optional, and what we charge separately for. If you’re shortlisting MSPs, you can use it as a checklist to ask each provider the same question.

What’s always included

The flat monthly fee covers ongoing operations of your M365 tenant. Specifically:

  • User account management. New starter setup, leaver offboarding, name changes, password resets, MFA enrolment, license assignment
  • Helpdesk for M365 issues. Outlook acting up, Teams not connecting, OneDrive not syncing, “I can’t share this file with my client”, “this PDF won’t open” — answered during business hours, escalated to vendor where needed
  • Security operations. Conditional Access rule maintenance, MFA rollout to new users, security alerts triaged, suspicious sign-in investigations
  • Patch and update management. Office app updates, Windows updates on managed devices, Teams version control
  • License management. Right-sizing your licenses as headcount changes, alerting you before licenses run out, recommending licensing tier changes when business needs shift
  • Vendor escalation. When something is genuinely Microsoft’s problem and not yours, we open the support ticket with Microsoft and ride it. You don’t sit on hold to a Microsoft 365 helpdesk in Manila.
  • Quarterly tenant review. A 30-minute walk-through of your tenant settings, security posture, license utilisation, and recommendations for the next quarter

What’s optional and packaged at fixed fees

Some things sit outside ongoing operations because they’re either project-shaped or genuinely additional to the standard service:

  • Migration projects. Moving from on-premises Exchange, Google Workspace, or another M365 tenant. Fixed-fee scoped per environment
  • SharePoint information architecture redesign. If your SharePoint is a mess, fixing it is a one-time project, not ongoing operations
  • Power Platform development. Power Automate flows, Power Apps applications, Power BI reports — when these need to be built or significantly revised
  • Compliance evidence pack production. For tender responses, insurance renewals, or audits — fixed fee per pack, with annual refresh
  • End-user training programs. Beyond the standard induction we provide for new starters — workshops, lunch-and-learn sessions, recorded video content
  • Power BI dataset and dashboard development. When the request goes from “fix this report” to “build this department’s reporting suite from scratch”

What we charge for separately

A small number of things are billed at standard hourly project rates rather than included or fixed:

  • Bespoke automation development. Custom scripts, complex Power Automate flows, integrations with non-Microsoft systems — quoted per project
  • Major after-hours incident response. Standard incident response is included; multi-hour out-of-hours engagements (like a 6-hour ransomware investigation on a Saturday night) are separately billed at the after-hours rate disclosed in the contract
  • Migration of legacy archive data. Moving 10 years of PSTs into a new tenant is a project; the time-spent variance is too wide to flat-fee
  • Third-party tool selection and procurement. If you want us to evaluate and select a backup tool, a SharePoint migration tool, or a security add-on, that’s consulting work

What we don’t do (and where you should be careful)

A few things we explicitly don’t include in M365 support, and that we’d advise you to scrutinise carefully if other MSPs do:

“Unlimited training”. No reputable MSP offers unlimited training in a flat fee. The economics don’t work. If it’s promised, expect it to be poor quality.

“All projects included”. Same problem. Flat-fee models work for predictable operational work; they don’t work for unbounded project work.

“We’ll write your custom apps as part of the support fee”. Power Apps development isn’t ongoing support. If it’s promised at no extra cost, the support fee is funding development hours that should be quoted separately.

“24/7 support included”. Possible if the MSP has a real after-hours team or partners with a 24/7 SOC. Be specific about what 24/7 means: is it 30-minute response on critical incidents? Is it any-time helpdesk? Is it “we’ll get back to you Monday”?

What our Melbourne M365 support service costs

For a 50-staff Melbourne SME on M365 Business Premium licensing:

  • Standalone M365 support: approximately $35-$55 per user per month, with the lower end if you’re already on a hardened tenant and the higher end if we’re tuning up the security posture as part of onboarding
  • Bundled with managed IT: M365 support is included as part of our standard managed IT services Melbourne fee — no separate line item
  • Bundled with managed security: we add Defender for Office 365 advanced features, MDR, and email security tuning into the package

If you’re being quoted under that range, ask carefully what’s excluded. If above, ask what’s included that you might not need.

Common things Melbourne SMEs ask us to add

From conversations with Melbourne clients in 2025-2026:

  • Email signature management across the tenant (a tool that enforces a single corporate signature)
  • External-sender warning banners on inbound email
  • Banking-keyword alerts to catch supplier-fraud attempts
  • Defender for Office 365 attack simulator for phishing training
  • Power BI reporting on tenant adoption and security posture
  • Email retention policy aligned with Australian Privacy Act expectations

Each of these is a couple of hours of configuration work, not an ongoing extra cost. Most are included in our M365 support service.

How to compare Melbourne M365 support quotes apples-to-apples

Send each MSP the same email with the same questions. We’d suggest:

  • Per-user monthly fee at our headcount
  • What’s specifically included for that fee (use the list above as a baseline)
  • What’s excluded — give me the exclusion list in writing
  • What you charge for new starter setup, leaver offboarding, MFA reset
  • What you charge for after-hours emergency support
  • What’s the SLA for response and for resolution
  • What does your offboarding process look like if I switch providers

The MSPs that won’t answer those in writing are the ones to walk away from.

Reference points

For the broader managed IT context, our managed IT services Melbourne page covers what’s included end-to-end. For the security side, the Office 365 security hardening piece is the operational detail. Licensing tier comparison is in Microsoft 365 Business vs Enterprise.

What to do next

If you’re shortlisting M365 support providers, get the inclusion/exclusion list from each in writing before any sales call. The differences will be more telling than the headline price.

Ask for a no-spin support quote — we’ll send the same inclusion list, exclusion list, and SLA we’d put in a contract.

Microsoft 365 migration is the most-discussed and most-misunderstood IT project in Melbourne in 2026. Half the SMEs we talk to think they’ve migrated already (because they bought M365 licenses). Half think it’s harder than it is (because the project they did with their last MSP went sideways). Most are sitting somewhere in between: they have email and Teams in M365, but SharePoint is a mess, OneDrive isn’t really being used properly, and security configuration was never finished.

This is a step-by-step migration guide for a Melbourne SME of 20-200 staff in 2026. It assumes you’re either coming from on-premises Exchange and file shares, from Google Workspace, or from a partial M365 deployment that needs to be cleaned up.

Phase 0 (week 0): Honest discovery

Before you migrate anything, you map what exists. Every email account, every shared mailbox, every file share, every line-of-business app integration with email or files, every recurring meeting, every distribution list, every M365 license you’re already paying for. Most Melbourne SMEs are surprised at how much shadow IT and unused licensing turns up.

Output: a discovery document covering source environment (Exchange version, file server topology, current backup), target M365 tenant (existing or new), licensing plan (right-sized for the headcount, not over-bought), and risk register.

Phase 1 (weeks 1-2): Tenant setup and identity

Stand up the M365 tenant or clean up the existing one. Configure DNS, MX records, SPF, DKIM, DMARC. Set up Azure AD Connect (or Entra ID Connect, current branding) if you’re syncing from on-premises Active Directory. Create accounts for everyone, with named admin accounts separate from day-to-day accounts.

This is also where you set up the security baseline. Conditional Access policies. MFA enrolment for everyone (admins first, then staff in a planned rollout). Defender for Business or Defender for Office 365 enabled. Audit logging on. Don’t migrate any data into a tenant without these in place — you’ll be moving data into an unhardened environment.

The detailed configuration is what our Office 365 security hardening piece covers.

Phase 2 (weeks 3-4): Email migration

Most migrations move email first because it’s the most user-visible and the most complex. Two main approaches: cutover migration (everyone moves on a single weekend) for organisations under ~30 mailboxes, or staged migration (mailbox-by-mailbox over weeks) for larger organisations.

Things that go wrong:

  • Shared mailboxes that someone uses but nobody owns. Discover them in Phase 0.
  • Old archive PSTs that need to come into the new mailbox. Plan for the import time.
  • Mobile devices reauthenticating with old credentials. Send the comms in advance with screenshots for both iOS and Android.
  • The marketing automation tool that uses an alias that didn’t make the migration list. List every system that sends or receives email and check each one.

For more detail on this phase, see our 5 essential steps for Office 365 migration piece.

Phase 3 (weeks 5-7): SharePoint and OneDrive

File migration is where most Melbourne M365 projects under-deliver. The temptation is to lift-and-shift the existing file share structure into SharePoint. Don’t. The result is a SharePoint that’s hard to navigate, hard to govern, and stops being adopted within months.

The right approach: design the SharePoint information architecture from the business workflow up. Sites for departments. Channels in Teams for projects. OneDrive for individual work. A retention policy. A sharing policy (especially around external sharing — by default, M365 lets users share files with anyone; lock that down before migration, not after).

Then migrate file-share data into the new structure, with archiving for data older than 12 months that nobody can prove is needed. Most file shares we’ve migrated were 60-80% archived material that never needed to be in the active workspace.

Phase 4 (weeks 8-9): Teams, governance, and adoption

Teams adoption is the difference between a successful M365 deployment and a “we paid for licenses but nobody uses them” deployment. Pick three to five business processes (project communication, approvals, leave requests, customer onboarding) and design the Teams workflows for them. Train people on those specific workflows. Don’t try to teach Teams as a whole platform — teach it as the tool for the specific things they’re already doing.

Governance matters too. Who can create new Teams? Who approves external sharing? What happens to a Team when its project ends? Document these in a one-page governance model and put it somewhere people will find it.

Phase 5 (week 10): Project sign-off and ongoing operations

Before you call the project done: confirm every account has MFA enrolled and is logging in successfully. Confirm Conditional Access policies are blocking what they should and not blocking what they shouldn’t. Confirm backups are running on the new M365 environment (M365’s native retention isn’t a backup — get a third-party backup tool). Confirm the user adoption metrics in M365 admin centre look right (low Teams usage at the end of week 10 is a sign training didn’t land).

Then transition the environment to ongoing managed support. The post-migration tuning over the next 90 days catches the issues users found but didn’t report.

Common mistakes Melbourne SMEs make

From the migration projects we’ve recovered for other people:

  • Migrating before security hardening. The first phishing email after migration finds an unprotected tenant.
  • Choosing the wrong license tier. M365 Business Standard for 50 staff at a regulated business is the wrong call. Microsoft 365 Business vs Enterprise covers the trade-offs.
  • Not turning off the old environment. Old Exchange server still receiving email two months after migration because nobody updated the MX. Or worse, on the same internal IP causing routing weirdness.
  • Skipping training. Teams sits unused, OneDrive isn’t synced, file share habits never break.
  • No backup of the new environment. “But Microsoft has 99.9% uptime!” — uptime isn’t backup. Ransomware can encrypt OneDrive content too.

What this should cost in Melbourne, 2026

For a 50-staff Melbourne SME with email-only currently in M365 and on-premises file shares:

  • Migration project: $18,000-$35,000 fixed price across the 10 weeks, depending on file volume and complexity
  • Licensing: Microsoft 365 Business Premium is $33 per user per month (AUD, ex GST, 2026 pricing)
  • Backup tooling for M365: $5-$8 per user per month
  • Ongoing managed IT post-migration: standard managed IT pricing, since the M365 environment becomes part of the regular operations

If you’re being quoted significantly under that, look at what’s excluded. Significantly over, look at the actual scope.

Reference points

For the Australia-wide context, our Microsoft 365 migration guide for Australia covers regional considerations. For Melbourne-specific support after migration, our Microsoft 365 support Melbourne page is the entry point.

What to do next

If you’re planning a M365 migration in the next six months, start with the Phase 0 discovery. The discovery alone tells you more about your current IT environment than most SME owners realise. We’ll do it as a fixed-fee engagement and the report is yours regardless of whether you engage us for the migration.

Book a migration scoping call — we’ll send a sample discovery output and rough quote within 48 hours.

Teams Is More Than Chat

Most businesses use Microsoft Teams for messaging and video calls. But Teams is designed to be the central hub for all workplace collaboration — replacing scattered emails, file shares, and disconnected tools with a single platform. If your team is only using chat, you are leaving most of the value on the table.

This guide covers the practical steps to get more from Teams without overcomplicating things.

Organise Teams and Channels Properly

The most common mistake is creating too many teams or not enough structure within them. A practical approach for SMEs is to create teams based on departments or functions (Operations, Finance, Sales), use channels within each team for specific topics or projects, and keep the General channel for announcements only — not daily conversation.

For project-based work, create a dedicated team or channel with the relevant people. When the project ends, archive it. This keeps the workspace tidy and makes historical information findable.

File Management in Teams

Every Teams channel has a built-in SharePoint document library. Use it instead of emailing attachments or saving files locally. Files shared in a channel are accessible to everyone in that channel, version history is automatic — you can roll back accidental changes, co-authoring lets multiple people edit simultaneously, and files are searchable across Teams.

Establish a consistent folder structure within channels. If every team organises files differently, staff waste time hunting for documents.

Meetings That Work

Teams meetings are more productive with a few settings. Always include an agenda in the meeting invite — it sets expectations and keeps discussions focused. Use the lobby feature to prevent attendees from joining before the organiser. Record meetings for absent team members (recordings are stored in SharePoint with automatic transcription). Use breakout rooms for workshops or training sessions with smaller group discussions.

For recurring meetings like weekly standups, create a channel and post the meeting there. Notes, recordings, and follow-up tasks all stay in context.

Integrate Your Tools

Teams integrates with hundreds of business applications. Practical integrations for SMEs include Planner or To Do for task management within channels, Forms for quick polls and surveys, Power Automate for workflow automation (e.g., notify a channel when a new invoice arrives), and third-party apps like Xero, Trello, or Jira through the Teams app store.

Start with one or two integrations. Adding too many at once overwhelms staff.

Communication Norms

Without clear norms, Teams becomes noisy and overwhelming. Establish guidelines covering when to use chat versus email versus a call, expected response times for messages (e.g., same business day for chat, within the hour for urgent), use of @mentions to direct messages to specific people (avoid @channel for non-urgent matters), and status indicators — encourage staff to set their status (Available, Busy, Do Not Disturb) accurately.

Security and Governance

Teams needs governance, especially as your business grows. Key settings include guest access policies (control whether external users can be added to teams), data retention policies aligned with your compliance requirements, sensitivity labels for teams containing confidential information, and regular reviews of team membership — remove former staff and inactive members.

Microsoft 365 admin centre provides controls for all of these. Set them up before the platform grows organically into an unmanageable sprawl.

Mobile Teams

The Teams mobile app is essential for field-based staff. Construction workers, tradespeople, and remote employees can access chats, files, and meetings from their phone. Ensure MDM policies are applied to mobile devices accessing Teams, and train field staff on the mobile app — it has a different interface from the desktop version.

Getting Help

If your Teams deployment feels messy or underutilised, a structured cleanup and training session can transform how your team works. Contact TechAssist to optimise your Microsoft Teams environment.

What Is an MSP? Managed Service Providers Explained

You’ve probably heard the term “MSP” thrown around in business IT circles, but what does it actually mean? And more importantly, is a managed service provider the right choice for your business?

The simplest definition: an MSP is a company that manages your IT systems proactively instead of waiting for things to break. But there’s much more to understand about how they operate and whether they make financial sense for your situation.

MSP vs Traditional Break-Fix Support

To understand what an MSP does, it helps to compare it with the traditional alternative: break-fix IT support.

Break-fix support works like this: your system fails, you call an IT company, they send someone (eventually) to fix it, you pay them per hour or per incident. You’re only paying when something’s broken. There’s no ongoing relationship, no proactive maintenance, no planning.

The problem with break-fix is obvious: you’re dealing with constant emergencies. A critical system goes down on Friday at 4pm. Now you’re waiting for a technician to show up, paying premium rates for emergency callout, and your business is offline in the meantime. The cost per incident is unpredictable. Some months you spend nothing; other months you’re thousands of dollars in the red.

Managed services flips this model entirely. An MSP monitors your systems 24/7, patches them automatically, backs up your data continuously, and contacts you proactively when they spot potential problems. You pay a fixed monthly fee, you know exactly what you’re getting, and you rarely face emergencies because problems are caught before they become critical.

It’s the difference between hiring a security guard to patrol your office building (MSP) versus calling police after someone’s already broken in (break-fix).

What Does an MSP Actually Manage?

Modern MSPs typically manage a comprehensive suite of services, though the exact list depends on your contract. Common services include:

Network and infrastructure monitoring. Your MSP monitors your servers, switches, firewalls, and desktops in real-time. If something uses too much processing power, if a hard drive is failing, if a connection goes down, they see it immediately. Most issues are caught and fixed before you experience downtime.

User devices and software. They deploy updates to all your computers remotely, manage software licenses, install applications, and monitor device health. No more employees dealing with update notifications or waiting for IT to install software.

Data backups and disaster recovery. Your MSP maintains automated backups of critical data, typically using both local storage and cloud-based redundancy. If you suffer a data loss incident—hard drive failure, ransomware attack, accidental deletion—your data can be restored quickly.

Security monitoring and threat detection. They watch for suspicious activity, patch security vulnerabilities as they’re discovered, maintain firewalls and anti-malware systems, and often provide email security and data loss prevention. This is crucial for protecting against the ransomware and cyber threats facing Australian businesses.

Help desk support. When your team needs help with their laptop, needs a password reset, has software issues, or wants to know how to use a feature, they contact the MSP’s help desk. Response times are typically much faster than internal IT staff could provide.

Strategic planning. Beyond just keeping systems running, a good MSP helps you plan technology investments, upgrade infrastructure before it becomes critical, and align your IT with your business goals. They might recommend migrating to cloud solutions, upgrading your network, or consolidating software licenses to reduce costs.

MSP vs Internal IT Staff

Another common comparison: hiring your own IT person versus using an MSP.

A full-time IT staff member costs you approximately AUD $65,000–$95,000 annually in salary, plus payroll tax, superannuation, benefits, and hardware. But there’s a bigger problem: one person has limited expertise and can only handle one issue at a time. When that person goes on holiday, you have no IT support. They might be excellent at user support but weak on security, or great with servers but unable to manage your cloud infrastructure.

An MSP gives you access to a team of specialists—network engineers, security experts, help desk staff, and strategic consultants—for less than the cost of a single employee. You get round-the-clock monitoring (often 24/7), specialised expertise you couldn’t afford to hire directly, and scalability: as your business grows, the MSP scales up support without hiring more permanent staff.

That said, some larger businesses run a hybrid model: they have one or two internal IT staff who manage local projects and relationships, while an MSP handles infrastructure, monitoring, and after-hours support. This can work well if structured properly.

How MSP Pricing Works

Unlike break-fix (which charges per incident), MSPs typically charge fixed monthly fees based on what’s included in your agreement. The pricing model is usually one of these:

Per-seat pricing. The MSP charges based on the number of devices or users they’re managing. A typical model might be $100–$150 per user per month, including device monitoring, help desk support, and core services like backups and patching. If you have 20 employees, you’d pay roughly $2,000–$3,000 monthly. As you hire new staff, the cost increases proportionally.

Tiered packages. Providers offer different service tiers—basic (monitoring and help desk), standard (with advanced security and disaster recovery), and premium (full service with strategic planning). You pick the tier that suits your needs.

Hybrid models. Some MSPs charge a base fee for core services, then add per-device costs, or charge different rates for different services. For example, you might pay a base fee of $1,000/month plus $80 per device per month for advanced security monitoring.

The key advantage of fixed pricing is budgeting certainty. You know what you’re spending each month. No surprise emergency bills. No wondering if you can afford to patch that server.

What’s Actually Included? The Scope Question

This is critical: not all MSPs include the same services. Some include everything; others a la carte. Common distinctions:

What’s typically included: Device monitoring, patch management, basic help desk, antivirus/anti-malware, remote support, automated backups.

What might cost extra: Advanced security services (email filtering, vulnerability scanning), disaster recovery to cloud, business continuity planning, on-site support (many offer remote-only as standard), compliance consulting, strategic planning time.

Before signing an MSP contract, get a detailed scope document that explicitly lists what’s covered and what’s not. Ask about response times, availability, escalation procedures, and what happens if you have a problem that exceeds the agreed scope.

When Does an MSP Make Sense?

MSPs aren’t right for every business, but they’re ideal if:

You have more than 5–10 employees. Below that threshold, your IT needs are typically simpler, and per-seat pricing might feel expensive. Above it, you need enough complexity that hiring staff or using break-fix becomes unreliable.

Your business depends on systems being available. If you can’t afford downtime—a law firm where clients can’t reach you, a medical practice where appointments are disrupted, a manufacturing operation where an offline system halts production—an MSP’s proactive approach makes financial sense.

You’re concerned about security and compliance. If you handle sensitive customer data, need to meet privacy regulations, or want to implement security frameworks like Essential Eight, an MSP with security expertise is far more cost-effective than trying to build that in-house.

You want to focus on your business, not IT. Most business owners didn’t get into their industry to manage IT. Using an MSP lets you delegate that entirely, so you can focus on what you do best.

You’re growing and IT needs are expanding. An MSP scales with you without requiring permanent hiring decisions.

Questions to Ask When Considering an MSP

Not all MSPs are created equal. When evaluating providers, ask:

  • What’s included in the monthly fee, and what costs extra?
  • What’s your guaranteed response time for critical issues?
  • How do you monitor our systems? What tools do you use?
  • Can you explain your approach to cybersecurity and compliance?
  • What happens when I need on-site support?
  • How do you handle disasters like ransomware or data loss?
  • Can I see a sample service agreement and SLA?
  • Do you have experience with my industry? Can you provide references?
  • How often do we review services and costs?

If a provider can’t answer these clearly or tries to dodge them, keep looking.

Making the Transition

Moving from break-fix or internal IT to an MSP requires planning. A good MSP will:

Conduct a comprehensive assessment of your current systems before starting. Document what you have, what’s working, what needs attention. This becomes the baseline for monitoring going forward.

Create a migration plan that moves systems to managed status gradually, reducing disruption to your business. They’ll set up monitoring, implement backups, patch vulnerabilities, and establish baselines for normal operation.

Provide training and clear communication so your team understands how to request support and what to expect.

Establish regular review meetings to discuss system health, address concerns, and plan for future needs.

The Bottom Line

An MSP is fundamentally about shifting IT from reactive (fixing emergencies) to proactive (preventing problems). For most growing Australian businesses, this shift is both more affordable and more reliable than alternatives. The exact fit depends on your size, industry, risk profile, and how much IT complexity you want to manage in-house.

The best MSP partnership is one where you trust the provider to understand your business, communicate clearly, and treat your problems like their own. If you’re considering whether an MSP makes sense for your business, we’re happy to discuss your situation with no obligation. Call us on 1300 028 324 or get in touch online to explore whether managed services are right for you.

Office 365 Security Best Practices: Hardening Your Microsoft Tenant

Office 365 is secure by default. But “by default” isn’t the same as “secure for your business”. Out of the box, you can log in with just a password. Users can forward emails anywhere. Anyone can install third-party apps. Deleted files are gone forever.Most Australian SMBs inherit these defaults and never change them. Then they’re surprised when someone’s password gets compromised and the attacker reads three years of confidential emails.The good news: hardening Office 365 is straightforward and mostly free (or included in your license). It’s a checklist, not a technical transformation.

Start with Microsoft Secure Score

Before you make any changes, look at your Secure Score. It’s a dashboard in the Microsoft 365 admin centre that rates your tenant security on a scale of 0–100 and recommends improvements.You’ll find it under Security > Secure Score in the admin centre. It shows your current score, your comparison to similar organisations, and a prioritised list of improvements.The improvements are ranked by impact. The ones at the top prevent the most common attacks. Focus on those first.Secure Score is the fastest way to identify your biggest gaps. Don’t skip this step.

Multi-Factor Authentication: Non-Negotiable

A password alone isn’t enough anymore. Attackers can buy stolen passwords cheaply online. Multi-factor authentication (MFA) makes accounts dramatically harder to compromise because an attacker needs both your password and your phone (or security key).What you should do:Enable MFA for all cloud accounts, especially admin accounts. Start with admins—the damage from a compromised admin account is far greater.In the admin centre: Users > Active users, select a user, then Edit > Require multi-factor authentication. Do this for all admins first, then roll out to all users.What type of MFA? The Microsoft Authenticator app is best (it can approve requests with a single tap), SMS is acceptable (though less secure), and authenticator hardware keys are hardest to compromise but expensive. For SMBs, the Authenticator app covers most needs.Key setting: In Azure Active Directory > Security > MFA > Additional cloud-based MFA settings, enable “block legacy authentication”. This prevents old email clients that don’t support MFA from connecting. It sounds disruptive (you’ll have one or two users with old software), but it closes a huge attack vector.If you get complaints about MFA being inconvenient: MFA is inconvenient for legitimate users approximately once per device. It’s inconvenient for attackers 100% of the time.

Conditional Access Policies: Automation for Security

Conditional access lets you set rules like “require MFA if the user is logging in from an unknown location” or “block access if the device looks compromised”.You set these policies in Azure Active Directory > Security > Conditional Access. They’re powerful but can be confusing to set up. Start with the simplest ones:Policy 1: Require MFA for risky sign-ins. Azure detects when a sign-in looks unusual. Automatically require MFA for these sign-ins. Legitimate users get a prompt; attackers usually can’t provide it.Policy 2: Block legacy authentication. Old email clients don’t support modern security protocols. Block them entirely. You’ll lose maybe one or two users with very old setups, but you prevent a common attack vector.Implementing these hardening measures across your entire tenant takes expertise. Our Microsoft 365 security solutions include full tenant configuration, conditional access policies, and ongoing monitoring.Related reading: plan your M365 deployment | secure migrationPolicy 3: Require compliant devices. If a device is enrolled in Intune, require it to be compliant (updated patches, antivirus running, encryption enabled) before allowing access.Conditional access is initially overwhelming, but these three policies cover most of your security needs. Start there and expand later if needed.

Email Authentication: Prevent Spoofing

Email spoofing means attackers send emails pretending to be you. Stop this with three technical controls: SPF, DKIM, and DMARC. These don’t require new technology—they’re just DNS configuration. Set them up once and they work forever. They’re one of the highest-ROI security changes you can make.

Data Loss Prevention (DLP): Stop Secrets Leaking

DLP prevents people from accidentally (or intentionally) emailing confidential information. You define what’s confidential (customer lists, financial data, personal information, API keys, etc), and Office 365 blocks emails containing it.

Sensitivity Labels: Protect Files from Inside

Sensitivity labels let you mark files as “Confidential”, “Internal”, or “Public”. When you label a file, Office 365 applies protections automatically. For SMBs, a simple three-level labeling system works well: Public, Internal, and Confidential.

Defender for Office 365: Threat Prevention at Scale

Defender for Office 365 is an add-on that provides advanced threat protection. It includes Safe Attachments, Safe Links, anti-phishing, and impersonation protection. For SMBs handling sensitive data or receiving many phishing attempts, it’s worth the investment.

Admin Roles and Privileged Access

Admin accounts are high-value targets. First, identify who actually needs admin access. Second, create separate admin accounts. Third, enforce MFA on all admin accounts. Fourth, limit admin role scope. Fifth, monitor admin activity. Sixth, consider Privileged Access Management for critical operations.

Putting It All Together: The Checklist

Here’s the order to implement these controls:
  1. Check your Secure Score and read the recommendations
  2. Enable MFA for all admin accounts
  3. Enable MFA for all users
  4. Set up SPF, DKIM, DMARC in your DNS
  5. Create a simple DLP policy for financial data
  6. Set up Conditional Access policies
  7. Create Sensitivity Labels
  8. Consider Defender for Office 365
  9. Audit admin roles and remove unnecessary access
  10. Monitor your Secure Score monthly
Office 365 is secure software. But you have to actively configure it to take advantage of that security.

Related — Hardening Office 365 properly is one piece of the cyber posture puzzle. For the full picture — Essential Eight uplift, EDR, immutable backups, IR plan and ongoing managed cyber — see our managed cybersecurity services for Melbourne SMEs.

Microsoft 365 Business vs Enterprise: Which Plan Does Your Business Need?

Microsoft 365 has a lot of plans. Business Basic, Business Standard, Business Premium, E3, E5. For Australian SMBs, picking the right plan is important because the cost difference between a plan that’s too cheap and one that fits is often less than you’d expect, but the cost difference between one you need and one you don’t have can be substantial.The conventional wisdom is simple: small businesses use Business plans, large enterprises use Enterprise (E3/E5) plans. In 2026, that’s not actually accurate anymore. Some small businesses genuinely need E3. Some larger businesses are better off with Business Premium. It depends on what you’re actually doing.

The Plans at a Glance

Business Basic: AUD $8–9/user/month. Email, Office online (cloud only), basic Teams.Business Standard: AUD $12–14/user/month. Everything in Basic plus desktop Office apps, advanced Teams features.Business Premium: AUD $20–22/user/month. Everything in Standard plus advanced security, basic compliance.Enterprise E3: AUD $25–28/user/month. Desktop Office, Teams, advanced security, compliance, advanced Exchange.Enterprise E5: AUD $45–50/user/month. Everything in E3 plus advanced analytics, eDiscovery, advanced threat protection.

Business Basic: Email and Cloud Office Only

This is the entry-level plan. You get email, Office apps in browser, 1TB cloud storage per user, basic Teams, and basic task management.Who this is for: Businesses that don’t need desktop Office. Mostly email and cloud documents.Why you wouldn’t: No desktop Office. Your team can’t use Word, Excel, or PowerPoint offline. They’re always in browser.

Business Standard: Desktop Office Included

This adds desktop Office apps (Word, Excel, PowerPoint, OneNote, Access, Publisher for Windows), advanced Teams features, and advanced Outlook features.Who this is for: Most small businesses. Especially if your team uses Office documents regularly or works hybrid/remote.Why you’d upgrade to Premium: You need security features that Business Standard doesn’t include (MFA enforcement, Conditional Access, Insider Risk, Defender for Office 365).

Business Premium: Advanced Security and Basic Compliance

This adds: Defender for Office 365, device management (Intune), Conditional Access, threat intelligence, basic Data Loss Prevention (DLP), audit logs, eDiscovery, MFA enforcement, and more.Who this is for: Australian SMBs with compliance requirements. Especially if you handle customer data (Privacy Act compliance), financial data, or health information.Cost-benefit: AUD $20–22/month per user. For a 20-person team, that’s AUD $400–440/month. Compared to Business Standard, you’re paying an extra AUD $160–200/month for comprehensive security. If you ever get phished or have a security incident, that investment pays for itself many times over.Why you wouldn’t: You genuinely don’t care about advanced security and compliance. (But you should.)

Enterprise E3: Full Enterprise Features, Advanced Compliance

This is a big step up from Business. You get: advanced eDiscovery, advanced Compliance Manager, Information Protection (Advanced DLP, encryption, labeling), Advanced Threat Analytics, Customer Lockbox, advanced reporting, unlimited archiving, and advanced hold and retention policies.Who this is for: Larger businesses, regulated industries (finance, healthcare, law), or businesses with serious compliance or legal hold requirements.Why you’d upgrade to E3: You’re in a regulated industry and compliance is a real requirement. Or you’re large enough that internal investigations, legal holds, and data retention are regular activities.Pricing: E3 is typically more expensive than Business Premium at face value, but with enterprise discounts it often becomes cheaper per user. For a 200-person company, enterprise licensing might be significantly cheaper than Business plans.

Enterprise E5: Full Enterprise with Advanced Security and AI

E5 adds: Defender for Endpoint, Defender for Identity, Insider Risk Management, Advanced Audit Log, Privileged Access Management, attack simulation, and advanced analytics.Why you’d use it: You need comprehensive threat detection across endpoints, email, identity, and insider threats. Or you’re a large organisation that needs to detect and respond to serious security incidents.Why most SMBs wouldn’t: Cost. E5 is expensive (AUD $45–50/user/month). For a 20-person team, that’s AUD $900–1,000/month. Unless you’re in a high-risk industry (finance, healthcare, critical infrastructure), that’s hard to justify.

What’s Actually Included by Security Tier

MFA: Included from Business Premium up. Not in Basic or Standard.Defender for Office 365: Business Premium and above.Device Management (Intune): Business Premium and above.Conditional Access: Business Premium and above.Data Loss Prevention (DLP): Basic version in Business Premium. Advanced version in E3.Defender for Endpoint: E5 only.Insider Risk Management: E5 only.

Compliance and Australian Regulatory Requirements

If you’re subject to Australian Privacy Act compliance, or you work in healthcare, finance, or aged care, your plan choice matters.Australian Privacy Act compliance: You need at least Business Premium for MFA, audit logging, and basic DLP. E3 gives you better audit logs and advanced DLP. Most SMBs are fine with Premium for Privacy Act work.Healthcare: Business Premium is a floor. Realistically, E3 or higher if you’re handling sensitive health data.Financial services: Depends on what you do. Stockbroker? E5. Accounting firm? Business Premium to E3. Small advisory business? Business Premium might be enough.

Common Mistakes in Plan Selection

Buying too cheap (Business Basic or Standard) and regretting it. Most SMBs end up upgrading within 6 months because they realise they need MFA, audit logs, or better email protection. Start with Business Premium and save the pain.Buying too expensive (E5) without needing it. If you’re a 15-person consulting firm, E5 is wasteful. Business Premium or E3 is better.Not thinking about security during plan selection. Plan choice is partly a security decision. Business Premium has features (MFA, Defender) that Business Standard doesn’t.Assuming all users need the same plan. You can use different plans for different users. Your accountant might need E3. Your receptionist might be fine with Business Standard.

What to Do Now

If you’re on Business Basic or Standard: Evaluate whether you need Business Premium. If you care about security or compliance, upgrade. It’s usually worth it.If you’re on Business Premium: This is a good place for most SMBs. Consider E3 only if you’re in a regulated industry with heavy compliance requirements.Related reading: security considerations | cloud adoptionIf you’re on E3 or E5: Review whether you actually need these features. If you’re a small business on E5, you might save significant money by moving to Business Premium and buying specific add-ons you need.

Next Steps

Don’t just accept the plan your current vendor put you on. Review your current usage, your compliance requirements, and your security needs. You might be overpaying, or you might be underpaying and not getting features you need.

Related — Choosing the right M365 SKU is one decision — getting it deployed and hardened properly is the next. See our Office 365 and Microsoft 365 support in Melbourne for what proper M365 management actually looks like beyond basic reseller help.

Ready to Make IT Your
Competitive Advantage?

Book a free consultation with our team. No pressure, no jargon — just a clear-eyed look at where you stand and what's possible.

Enquire Now → Get a Free IT Health Check Call 1300 028 324