Cloud migration is the IT category where buyer disappointment is most common. The phrase covers projects from a five-day SharePoint setup to a two-year replatforming. Partners range from competent boutiques to outfits with junior consultants who will learn on your bill. Picking the wrong one locks in operational pain for five years.
This is a buyer’s guide written from the engineering side of the table. We will define what cloud migration services actually mean for an Australian SME in 2026 (mostly file server to SharePoint and OneDrive, on-prem Active Directory to Entra ID, and on-prem SQL or line-of-business systems to Azure). We will cover the three pricing models you will see and which one fits your situation. We will name the lift-and-shift trap that costs SMEs more in year three than the original project cost. And we will give you the 12 questions to ask a prospective migration partner before you sign anything.
TechAssist has been running migrations for Melbourne SMEs since we were founded in 2014. Our cloud services Melbourne team has migrated firms ranging from 8 to 250 staff, across professional services, manufacturing, healthcare, and not-for-profit. We have 13 Australian engineers, two offices (Tecoma and 575 Bourke St CBD), a 24/7 NOC, and per-user fixed monthly pricing for the run state after the migration. The engineering bias in this guide is real but the recommendations are the same we give clients we end up not working with.
What “Cloud Migration Services” Actually Means in 2026
The term has been used loosely for so long it has lost meaning. Let us define it concretely. For an Australian SME in 2026, “cloud migration” almost always means one or more of the following workstreams.
File server to SharePoint and OneDrive. This is the bread-and-butter SME migration. An on-premise file server (often a Windows Server running 2016 or 2019 that is past end-of-life on hardware) is being retired, and the file shares are being moved to SharePoint Online document libraries plus OneDrive for individual user files. The work is more nuanced than it sounds: permissions need to be modelled cleanly, mapped drive habits need to be transitioned, and the file structure usually needs to be restructured at the same time because the on-prem structure has accumulated 15 years of cruft.
On-premise Active Directory to Entra ID. The identity layer migration. Moving from a Windows Server domain controller to Entra ID as the primary identity provider, with hybrid join or full cloud join for Windows endpoints. This is the foundation for conditional access, device compliance, and most of the modern security controls. It is also the migration that quietly breaks the most legacy line-of-business applications, so the discovery work needs to be thorough.
On-premise SQL or line-of-business system to Azure. The infrastructure-as-a-service or platform-as-a-service migration. Moving a database or LOB application from on-premise servers to Azure SQL, Azure VMs, or App Service. This is where the lift-and-shift trap lives, and we will talk about it shortly.
Email migration. Moving from on-prem Exchange or a third-party mail provider to Exchange Online. This is increasingly a small workstream because most SMEs already moved email to the cloud years ago, but it still comes up for late-mover firms and for post-acquisition consolidation work.
Backup re-platforming. Moving from on-prem backup appliances to cloud-native or hybrid backup services that protect both on-prem and cloud workloads. This often gets bundled into the migration scope because the existing backup tool does not protect the new cloud workloads, and trying to bolt it on later costs more than rebuilding the backup strategy properly. See our backup and disaster recovery Melbourne 2026 guide for the broader picture.
For a typical Melbourne SME migration, two or three of these workstreams are bundled into a single engagement, with the file server and Entra ID work usually being the core, and the SQL or LOB workstream being the optional but heavier component.
The Three Pricing Models
The pricing model a partner offers tells you a lot about how they run projects. There are three common shapes for cloud migration engagements in the Australian SME market.
| Pricing model | How it works | Best fit | Watch for |
|---|
| Fixed-price discovery plus T&M build | Fixed fee for a one-to-three-week discovery and scoping phase. Build phase is time and materials with a budget cap and weekly reporting. | Mid-complexity migrations where scope is genuinely uncertain. | T&M without a cap is open-ended. Insist on a cap and weekly reporting. |
| Hybrid (fixed core, T&M for complex bits) | Fixed price for the standard workstreams (file server, AD, email), T&M for anything custom (LOB integration, data transformation). | Most SME migrations of moderate complexity. | The boundary between fixed and T&M needs to be crystal-clear in the SOW. Vagueness here causes disputes. |
| Full fixed price | One fixed number for the entire engagement, including all workstreams, change requests within a defined envelope. | Well-defined migrations with low ambiguity in scope. | The partner has priced in risk margin. You will pay more than T&M would cost if the project runs smoothly. The upside is predictability. |
The honest take on which to choose: hybrid is the right answer for most Melbourne SMEs in the 30 to 100 staff range. Fixed-price discovery plus T&M build is the right answer when you have a legacy line-of-business application and the discovery phase needs to surface what the migration actually involves before anyone can credibly quote it. Full fixed price is the right answer when you have rigid budget approval processes that cannot tolerate any variance.
The model that should make you nervous: a low fixed price for an aggressive scope, where the partner is hoping to use change orders to recoup margin. This is the most common pattern of buyer disappointment we see. The kick-off feels great, the price feels right, and by week six you have approved $40,000 of change orders and the partner has rebuilt their margin on top of the original quote. The protection against this is a thorough discovery before the contract is signed.
The Lift-and-Shift Trap
This is the trap that costs Melbourne SMEs more in cloud cost over time than the migration itself. The partner takes your on-premise SQL Server, lifts it onto an Azure VM with the same specs, and shifts it to the cloud. The migration is fast, the bill at the end is low, and the project is declared a success.
The problem is what happens in year two and year three. The on-prem server was a one-time hardware capital cost amortised over five years. The Azure VM is a recurring operational cost forever. The specs that made sense on-prem (over-provisioned because hardware was hard to expand) are wasted in Azure because cloud workloads should be sized to actual load and scaled when needed. The result is a perpetual Azure bill that is two to four times what a properly designed cloud architecture would cost, with worse performance characteristics.
The fix is platform-as-a-service or refactoring during the migration, not after. Specifically: SQL Server should usually become Azure SQL Database (with elastic pool, or serverless tier for variable workloads), not an Azure VM running SQL Server. Windows Server file shares should become SharePoint and OneDrive, not Azure Files. Custom applications should be containerised or refactored to App Service where viable, not lifted onto VMs.
The reason partners default to lift-and-shift is that it is fast and low-risk for them. It avoids the architectural conversations that take time and require Azure expertise that not every partner has. It also positions them for a profitable optimisation engagement in year two, when the bill is hurting and you come back asking for help.
If you are evaluating a migration partner, the lift-and-shift conversation is the single best test of their depth. Ask them what they would do with your specific workloads. If the answer is “lift to Azure VMs first, optimise later,” that is a partner who is going to leave you paying the on-prem tax in Azure forever. Walk away. The right answer is “let us look at each workload and design the target architecture before we move, even if it takes longer up front.”
The 12 Questions to Ask Before You Sign
These are the questions we would ask if we were on the buyer side of a migration engagement. The answers will tell you more than any case study.
One. Show me the discovery deliverable from your last three SME migrations. The discovery document is the single best indicator of how seriously a partner takes scoping. If they cannot show you a sanitised example, or if the example is two pages of high-level boxes, they are not doing real discovery.
Two. How will you handle the Azure cost forecast for year one, year two, and year three? You want a projected monthly Azure bill at each milestone, with the assumptions stated. Partners who cannot do this are guessing on the cost side, and guessing means surprises.
Three. What is your specific approach to file permissions during the SharePoint migration? File permissions are where the migration’s hidden complexity lives. The right answer involves a permissions audit, a model for SharePoint sites and Teams, and a plan for the inevitable exceptions. The wrong answer is “we will replicate the existing structure.”
Four. How do you handle the legacy line-of-business application that does not support Entra ID? Every SME has at least one. The right answer involves identifying it during discovery, modelling the options (hybrid join, application proxy, replacement, retirement), and pricing the work accordingly. The wrong answer is “we will figure it out during the build.”
Five. What is your incident response if the migration goes sideways at 8pm on a cutover Saturday? You want to know who is on call, what their response time commitment is, and what the rollback procedure looks like. Cutover weekends are when migrations fail spectacularly, and you need to know there is a human and a plan when it happens.
Six. Who are the named engineers on this project, and what are their certifications? Not “our team has Azure certifications.” You want names, role descriptions, and which specific engineers will be doing the architecture and implementation. Partners who staff projects with rotating cast members give you inconsistent work quality.
Seven. What does your post-migration run state look like, and what is the handover process? Most migration disappointment is not during the migration. It is in the six months after, when something breaks and the partner is no longer engaged. You want clarity on the handover, the run state ownership, and the path to ongoing support.
Eight. Can you share a reference from a Melbourne SME of similar size and complexity, in the last 18 months? You want the reference to be both recent (so the partner is still operating at the same standard) and comparable (so the work has actually relevant similarity to yours). Generic enterprise references are not useful for SME engagements.
Nine. What happens if Azure costs come in higher than your forecast? Specifically: who eats the difference, and what is the process for re-evaluating the architecture? A partner who says “we will work with you to optimise” without committing to any responsibility is offloading the architectural risk onto you.
Ten. How do you handle change requests during the build? You want a written change request process with size thresholds, approval steps, and a commitment that changes below a certain dollar value will be absorbed rather than charged. Without this, change requests become the partner’s margin recovery mechanism.
Eleven. What is your approach to security during and after the migration? The migration is the perfect moment to uplift conditional access, MFA, application control, and Essential Eight alignment. A partner who treats security as out of scope for the migration is leaving the most valuable work on the table.
Twelve. Where will my data live geographically, and what is the data residency commitment? For most SMEs the answer is Azure Australia East or Australia Southeast, but you want this stated explicitly, with the specific workloads named. This matters more than buyers usually realise, especially for clients in government supply chain or regulated sectors.
The partner’s answers to these twelve questions will tell you who you are dealing with. The partner who hedges or generalises is the partner who will surprise you later. The partner who has specific, named, defensible answers is the partner worth talking to in detail.
A Sample Scope-of-Work Skeleton
Here is the structure of a sensible SOW for a Melbourne SME cloud migration. Adapt this for your situation. If the partner’s SOW is shorter or thinner than this, push back.
| SOW section | What it should contain |
|---|
| Executive summary | One-page summary of the engagement, the workstreams, the duration, and the price. |
| Discovery deliverables | Detailed inventory of current state, target architecture, migration approach for each workstream, risk register. |
| Workstream breakdown | Named workstream for each major workload, with explicit scope boundaries, deliverables, and acceptance criteria. |
| Target architecture diagram | Visual representation of the post-migration state, including identity, network, data, and security layers. |
| Migration sequence and timeline | Phased plan with named milestones, dependencies, and cutover windows. |
| Roles and responsibilities (RACI) | Who does what on the partner side and the client side, named individuals where possible. |
| Acceptance criteria per workstream | Specific tests that must be passed before each workstream is considered complete and signed off. |
| Change request process | Written process with thresholds for what counts as a change, approval steps, and pricing. |
| Azure cost forecast | Projected monthly Azure spend at three, six, twelve, and twenty-four months with assumptions stated. |
| Risk and mitigation | Named risks, probability/impact assessment, and mitigation plans. |
| Cutover plan and rollback procedure | For each cutover, the procedure, the abort criteria, the rollback steps, and the on-call coverage. |
| Post-migration support and warranty | What support is included for what duration after each workstream completes. |
| Pricing breakdown | Line-by-line breakdown of fixed and T&M elements, with assumptions. |
| Payment milestones | What gets paid when, tied to acceptance criteria not calendar dates. |
The SOW should be 25 to 50 pages for a typical mid-complexity SME migration. Less than that, the partner has not done the thinking. More than 80 pages, the partner is hiding complexity in volume.
A Melbourne Example: 65-Person Engineering Consultancy in Hawthorn
A 65-person mechanical and electrical engineering consultancy in Hawthorn engaged us in late 2024 for what they thought would be a SharePoint migration and turned into a broader cloud migration including identity, file shares, and an on-premise project management database.
The discovery surfaced more complexity than expected. The file server held about 14TB of project files including CAD models, which needed careful handling for SharePoint sync behaviour. The Active Directory had 11 years of accumulated permissions, roles, and group nesting that needed cleaning before any migration could be clean. The project management database was a SQL Server application with custom integrations to Outlook and to their cost-tracking spreadsheets that no one had documented in seven years.
The decision early in discovery: refactor where it materially reduces ongoing cost, lift-and-shift only where refactoring offered no value. SQL Server moved to Azure SQL Database (single database, with elastic pool option for future growth) instead of a VM. File shares moved to SharePoint with a redesigned site structure mapped to project workstreams rather than the old folder hierarchy. Identity moved to Entra ID with hybrid join during a transitional period, then fully cloud-joined endpoints by month six.
Timeline: 14 weeks from discovery start to final cutover, plus a 12-week post-migration support window. Cost: $148,000 fixed for the standard workstreams plus $34,000 T&M for the SQL refactor, against an internal budget envelope of $200,000. Azure run cost: $1,640 per month at steady state, against a forecast of $1,800. They are now on per-user fixed monthly managed service with us, with 24/7 NOC monitoring out of Tecoma and same-business-day on-site coverage when something needs hands on gear.
The lift-and-shift counterfactual: a partner who had simply lifted the SQL Server to an Azure VM would have charged less for the project (maybe $115,000 total) but the Azure run cost would have been roughly $3,400 per month due to the VM sizing and the SQL Server licensing on Azure. Over five years, the lift-and-shift would have cost the firm about $105,000 more in Azure spend, plus the future optimisation work to fix it. The architectural decision during the migration saved more than the migration cost over the asset lifetime.
Where TechAssist Sits in the Partner Landscape
We are honest about our positioning. We are not a Big Four consulting firm and we do not bid on $5m enterprise transformations. We are not a one-person operation working from a home office. We are a mid-market Melbourne MSP with 13 Australian engineers and the scale to handle SME migrations end-to-end while still being a partner you can call and get the principal engineer on the phone.
Our sweet spot is 30 to 250 staff Melbourne SMEs, professional services and skilled industries, where the migration needs to be done properly the first time, on a budget that is real but not unconstrained, with a transition into a managed service relationship afterwards. Our per-user fixed monthly pricing on the run state means we are not incentivised to leave you with brittle infrastructure that creates ongoing ticket volume.
We are Essential Eight aligned and ISO 27001 capable, which matters for clients moving into regulated sectors or pursuing certifications. We sub-15-minute respond to P1 incidents and provide same-business-day on-site coverage across Melbourne metro from our Tecoma office and our 575 Bourke St CBD office.
If our positioning does not fit your situation, that is fine. The questions in this guide will still serve you well with another partner. If it does fit, we are happy to run a discovery conversation. See our MSP Melbourne overview for the broader service description, our co-managed IT support page if you have an internal IT lead, and our managed IT services Melbourne page for the full service breakdown.
For vertical-specific context, see our law firms, manufacturers, and healthcare pages. For the broader provider selection framework, our how to choose an MSP Melbourne and top managed service providers Melbourne articles cover the ground.
The Six Red Flags That Should End the Conversation
If you see any of these during the sales process, the conversation should end. We have seen each of these cause migration disasters, and the partner’s behaviour during the sales cycle is the best predictor of how they will behave during the project.
One. They quote without discovery. A partner who gives you a fixed price for a migration without spending real time understanding your environment is either selling you a project they cannot deliver, or has priced in so much risk that you are overpaying.
Two. They cannot name the engineers. The salesperson is great. The case studies are slick. The actual delivery team is a mystery. This is the pattern where you find out, after signing, that the engineers are junior offshore staff or contractors with no continuity.
Three. The Azure cost forecast is “we will optimise after migration.” This is the lift-and-shift trap signalled in advance. Walk away.
Four. The change request process is “we will handle it.” No written process, no thresholds, no commitment. This will turn into endless change orders during the build.
Five. They will not provide a Melbourne SME reference of comparable scale. Generic references and enterprise references are not useful. If they cannot point you to a comparable client in the last 18 months, they have not done the work at your level recently.
Six. They are uncomfortable when you ask about security uplift during the migration. The migration is the moment to fix conditional access, MFA, and application control. A partner who treats this as out of scope is missing the point of why most SMEs are migrating in the first place. Read our zero trust security model explained and cybersecurity services Melbourne resources for the security framing.
Frequently Asked Questions
How long does a typical SME cloud migration take?
For a 50-person business with a moderate-complexity stack (file server, on-prem AD, one or two LOB applications), the engagement runs 12 to 20 weeks from discovery to final cutover, plus 8 to 12 weeks of post-migration support. Smaller and simpler migrations can be done in 6 to 10 weeks. Larger and more complex migrations can run 6 to 9 months. Anyone promising a serious migration in 2 to 4 weeks is selling you a rushed project.
Can we keep our existing IT person and just engage a partner for the migration?
Yes, and this is a common pattern, but it requires clear scope boundaries. The partner runs the project, the internal IT person handles end-user support, change communication, and the on-the-ground coordination during cutover. Our co-managed IT support model is built for exactly this arrangement. The pattern that does not work is the internal person trying to “help” with the technical migration work in parallel, which creates accountability gaps.
What does an Azure bill for a 50-person SME look like at steady state?
Depends entirely on the architecture and what workloads you have moved. For a 50-person business that has migrated file shares to SharePoint, identity to Entra ID, and one moderate SQL workload to Azure SQL, the Azure-side bill is typically $800 to $2,200 per month at steady state. The Microsoft 365 licensing is separate and runs $30 to $50 per user per month depending on tier.
Is hybrid cloud (some workloads on-prem, some in Azure) still a sensible choice?
For some workloads, yes. Specifically: industrial control systems, very large file shares where bandwidth economics matter (some video production and CAD scenarios), and certain LOB applications with vendor support constraints. For most SME workloads, hybrid is a transitional state, not a destination. Plan to be fully in the cloud within three years of starting the migration, or you will end up paying for the worst of both worlds.
What about Microsoft 365 Copilot during the migration?
Deploy after the migration, not during. The Copilot value comes from clean SharePoint structure, properly permissioned document libraries, and a tenant that has been hardened. Trying to roll out Copilot before the migration is finished produces poor user experience because Copilot is searching across the messy interim state.
How do we make sure we are not locked into the partner after the migration?
This is the right question to ask before signing. The protections are documentation (you should own all architecture documentation, including admin credentials and root-of-trust certificates), portable architecture (avoid partner-specific tooling for the run state), and a clean handover process. Our run-state pricing is per-user fixed monthly with no lock-in clause, and the architecture we deploy is standard Microsoft and Azure constructs that any competent partner can take over if you ever decide to move. Reach our team via the contact page for a discovery conversation.
�������������������������������������������������������������������������������������������������������������������������������������
Switching MSPs is a documentation problem dressed up as a technical one. Get the paperwork right in the first three weeks and the cutover is uneventful. Get it wrong and you’ll spend month two chasing passwords. This is the 90-day playbook we use when onboarding Melbourne SMEs leaving another provider.
The post assumes you’ve already made the call. You’re not weighing up how to choose an MSP in Melbourne — you’ve chosen. What you need now is execution: a sequence of decisions and handover tasks that gets you out of the old contract cleanly and into the new one with your data, your tenant control and your sanity intact.
The three decisions you settle before day zero
Most failed MSP migrations fail before they start, because the incoming provider was handed a vague brief and the outgoing one was given a vague deadline. Settle these three things in writing before the 90-day clock begins.
1. What’s in scope and what isn’t
Re-scope from scratch. Don’t inherit your old MSP’s scope document — it was almost certainly written to suit their staffing, not your needs. Walk through every endpoint, every server, every SaaS tenant, every printer, every meeting room, every shadow-IT app the finance team has been quietly paying for, and decide: managed, co-managed, or out-of-scope.
The honest answer for most Melbourne SMEs sits somewhere between fully managed and co-managed IT support, where the internal champion keeps the institutional knowledge and the MSP handles the heavy lifting. Decide which model you want before you sign, because it changes the SLA, the pricing and the documentation burden on day one.
2. The transition window
Pick the date the outgoing MSP’s responsibility ends, and pick it carefully. Don’t end it on a Friday. Don’t end it the day before a board meeting, end-of-month payroll, or a public holiday long weekend. We strongly prefer mid-week, mid-month cutovers — usually a Wednesday — so there’s time on either side to fix anything weird without burning a weekend.
Build a 30-day parallel-running window into the contract if you can. Some outgoing MSPs will fight this; their commercial incentive is to be gone the moment the notice period ends. Push back. A parallel period — where they still answer P1 tickets while the new provider takes over documentation and tooling — is the single biggest predictor of a clean switch.
3. Who owns the data, the tenant, and the licences
This is the conversation that exposes the bad MSPs. If your current provider’s name is on your Microsoft 365 tenant as the global admin owner, on your domain registrar account, on your backup vendor’s portal, or on your CSP partner record — you have a problem, and you need to fix it before you give notice. Not after.
Your business should own:
- The Microsoft 365 tenant, with at least two break-glass global admin accounts that belong to your staff, not the MSP
- The domain registrar account (and DNS, if it’s separate)
- Any CSP relationship and the licences attached to it — these can be transferred between partners but only if the outgoing one cooperates
- Your backup data and the keys/credentials to access it directly
- Firewall and switch admin accounts, with documented passwords held by you
If you can’t tick all of those today, the first month of your 90-day plan is going to be about clawing them back. That’s normal. It just needs to be planned for.
Days 0-30: onboarding, documentation, and the quiet panic
The first month is unglamorous. It’s spreadsheets, screenshots, audit logs and asset lists. Resist the temptation to start changing things — the new MSP’s job in month one is to learn your environment, not improve it.
What to demand from the outgoing MSP
Send this list in writing on day one. Give them fourteen days. Escalate to their account manager on day fifteen.
| Artefact | Why it matters | Common excuses to ignore |
|---|
| Full password vault export (or read-only access) | You can’t manage what you can’t log into | “We use a shared internal tool we can’t export from” |
| Microsoft 365 / Entra tenant admin handover | Without this, nothing else moves | “We’ll keep our GA account active for support purposes” |
| Network diagrams (current, not from 2019) | The new MSP needs to understand the topology before they touch it | “It’s all in our heads, we’ll do a walkthrough” |
| Hardware asset list with serials, warranty, location | Drives the new monitoring deployment and refresh planning | “Our RMM has it, we’ll send a screenshot” |
| Vendor contact list (Microsoft, Cisco, Datto, ISP, etc.) | You need to be able to log a vendor case without the old MSP | “We’re the single point of contact, that’s what you pay us for” |
| Backup configuration, retention policy, and last successful restore test date | You’re about to migrate backups; you need a baseline | “Backups are working, don’t worry about it” |
| Open ticket list and known issues register | So nothing falls between the chairs at cutover | “We’ll close everything off before handover” (translation: they’ll mark them resolved without fixing them) |
| Firewall, switch and Wi-Fi controller configs (exported) | If the device dies in month two, you need the config | “We back those up internally” |
If the outgoing MSP refuses any of the above, you have a documentation problem and possibly a contract problem. Read your exit clause carefully — most decent MSP agreements include a transition cooperation obligation, even if it’s buried. If yours doesn’t, that’s a lesson for the new contract.
Vendor relationship transfers
Microsoft is the big one. If your licences sit under the outgoing MSP’s CSP tenant, you have three options: transfer the CSP relationship to your new MSP (cleanest, but needs both providers to cooperate), move to direct billing with Microsoft (clean break, but you lose any CSP discount and pick up admin overhead), or run a fresh CSP relationship in parallel and migrate users across. Most of our incoming clients choose option one. It takes about ten business days when both sides play ball, and four weeks of pain when they don’t.
Cisco Meraki, Datto, Veeam, NinjaOne, Ahsay, SentinelOne, Huntress — anything with a partner portal — works the same way. Each vendor has its own re-assignment process, each takes a different amount of time, and each one needs the outgoing partner’s sign-off. Map every vendor relationship in week one. Start the transfer requests in week two. By week four, most should be done.
The “who do I call now?” comms plan
Your staff don’t care about your CSP transfer. They care about who picks up the phone when Outlook stops working. Two communications go out in the first week of the new MSP relationship:
Internal staff comms — short, plain, on a single page. New helpdesk email, new phone number, what counts as a P1 (and what to do about it after hours), and a one-line reassurance that nothing else is changing yet. Keep it under 200 words. Pin it in Teams. Print it for the front desk.
Vendor and partner comms — a separate note to your accountant, your auditor, your software vendors and your ISP, telling them who the new IT provider is and giving them updated contact details. Five emails, fifteen minutes, saves a week of confused calls in month two.
At TechAssist, this is the part we drive hardest in week one. Our managed IT services onboarding kicks off with a comms pack the client can send out the same afternoon they sign — because the technical handover takes weeks, but the staff experience changes the moment someone needs help.
Days 31-60: cutover, validation, and finding the lies
Month two is where the previous MSP’s documentation gets tested against reality. It’s also where you migrate the systems they were responsible for — backups, monitoring, ticketing, security tooling — and where things go wrong if anyone rushed month one.
Backup and DR migration
Don’t decommission the old backup until the new one has completed a full successful cycle and a test restore. That sounds obvious. It is regularly ignored.
The order we use:
- New backup platform deployed and configured in parallel — Veeam, Datto, Ahsay, whatever the new MSP standardises on. Old backups continue running untouched.
- First full backup completes successfully on the new platform. Verify the job logs, not just the dashboard summary.
- Test restore performed — not a “we restored a file” test, an actual rebuild of a representative VM or mailbox to an isolated environment, with the client present.
- Second successful cycle.
- Old backup retention frozen (don’t delete — freeze) for a minimum of 90 days after cutover. This is your safety net if a corruption is discovered later.
- Old backup agents removed from production endpoints.
Do not skip the test restore step. We have seen handovers where the outgoing MSP’s backup dashboard was green every day for two years and nothing was actually being captured beyond the C: drive. The only way to find that out is to try to restore something that matters.
Monitoring and ticketing platform switch
The new RMM agent goes on every endpoint in month two. So does the new ticketing system’s email connector. The old RMM and ticketing email stay live in parallel until day 60, then come down.
Two specific gotchas. First, antivirus and EDR conflicts — running SentinelOne alongside Defender for Business alongside the outgoing MSP’s Webroot deployment will cause genuine performance issues and false positives. Plan the security tool swap as a single coordinated change, not a gradual rollout. Second, RMM agent collisions on shared resources, especially scheduled tasks and Windows Update behaviour. Audit scheduled tasks after the new agent is in place; you’ll usually find three or four orphaned jobs from the previous provider that nobody removed.
Security baseline reassessment
Month two is the right time to ask “is the security posture we inherited actually any good?” — and to answer it honestly. Run a fresh baseline: MFA coverage across all accounts (not just users — service accounts, break-glass, admin), conditional access policies, Defender for Office 365 settings, Entra ID logs, privileged role assignments, and external sharing settings on SharePoint and OneDrive.
It is not unusual to find that the outgoing MSP had MFA enforced for staff but not for the three service accounts that authenticate to line-of-business apps. It’s almost universal to find at least one privileged role assignment that should have been removed when someone left the business two years ago. Fix these before they bite you.
A concrete example
A South Yarra logistics firm — around 45 staff, two warehouses, a fleet of about thirty vehicles — switched to us in Q3 2025 after their previous MSP missed two P1 outages in a single quarter. The pre-switch audit found that the firm’s Microsoft 365 tenant had the outgoing MSP listed as the primary CSP partner with sole global admin rights, no break-glass accounts owned by the client, and the domain registrar account was registered to a personal Gmail address belonging to the outgoing MSP’s former tech lead, who had left that business eighteen months earlier.
Reclaiming the tenant took twelve business days and a Microsoft support case. Reclaiming the domain took a further three weeks and required a notarised letter of authority. None of this was technically complex. All of it was the documentation problem this post keeps banging on about. By day 60 the firm was fully migrated, with a backup regime that actually included their warehouse management database (the previous one did not), and a per-user fixed monthly fee they could budget against. The first three months of tickets came in under our standard sub-15-minute P1 response, and the on-site work — including a Wi-Fi controller swap at the Port Melbourne warehouse — was handled same-business-day from our Tecoma NOC.
Days 61-90: stabilise, verify, and close the door
The final month is about proving the new arrangement works and shutting down the old one for good.
SLA verification with real tickets
By day 60 you should have enough ticket history with the new MSP to verify what they promised against what they’re actually delivering. Run a report. Not the MSP’s report — your own pivot of the ticket data, exported. Look at:
- P1 response time, mean and 95th percentile (not just the average — averages hide the bad ones)
- P2 and P3 resolution time against SLA
- Tickets reopened within seven days (a proxy for “fixed it properly the first time”)
- After-hours ticket coverage, if you pay for it
- On-site response time for the tickets that needed it
If something’s off, raise it at the day-90 review, in writing, with the numbers. A good MSP will look at the same data and either explain it or fix it. A bad one will tell you the dashboard says everything’s fine.
Final removal of outgoing MSP access
Day 75 is the audit. Every system, every portal, every shared mailbox, every Teams channel, every PSA integration — does the outgoing MSP still have a way in? They almost always do. The common ones we find at this stage:
- An old Entra ID guest account still active
- A service principal or app registration created during their tenure with broad Graph permissions
- A VPN account that wasn’t disabled
- A shared admin email forwarder that still copies to their helpdesk
- RMM agent remnants on one or two endpoints that were offline during the rollout
- Their public IP still in your firewall allowlist for “remote support”
Close them all. Document who closed each one and when. This isn’t paranoia — it’s basic hygiene and it’s increasingly a requirement of cyber insurance renewals.
The post-mortem with the new MSP
Day 90 isn’t a celebration, it’s a review meeting. The honest version of this conversation includes “what wasn’t documented that we wish had been,” “what surprised us in the environment,” and “what we’d do differently if we did this again.” If your new MSP can’t have that conversation, they’re not the right MSP. If you don’t have it, you’ll repeat the same mistakes in three years when you switch again.
Red flags from outgoing MSPs
Some MSP handovers go badly because the outgoing provider is genuinely overstretched. Some go badly because they’re being hostile. It helps to know which one you’re dealing with.
| Behaviour | Likely meaning | What to do |
|---|
| “We don’t release documentation to third parties” | Hostile handover, or genuinely no documentation exists | Quote the cooperation clause; escalate to their director in writing |
| Global admin password changed after notice given | Hostile; possibly trying to extract additional fees | Microsoft tenant recovery process; legal letter if needed |
| “We’ll need to charge for handover time” | Either contractual (rare) or opportunistic (common) | Check the contract. Pay only what’s clearly owed |
| Sudden discovery of “out of scope” items requiring quotes | Revenue extraction during the notice period | Refuse anything non-urgent; defer to the new MSP |
| Tickets being closed without resolution in the last weeks | Cleaning up their stats before handover | Audit the closed-ticket list; reopen anything not actually fixed |
| Vendor portals showing the MSP as the registered owner of your licences | Either standard CSP arrangement or genuine ownership dispute | Initiate transfer immediately; involve the vendor account manager |
| Staff at the old MSP going quiet after notice | The account has been deprioritised internally | Escalate to their service delivery manager, not your usual contact |
The single best defence against a hostile handover is having owned your own tenant from day one. If you’ve already given notice and you don’t own it, the first phone call is to Microsoft (or the relevant vendor) to start the partner-of-record change, not to the outgoing MSP.
What a good incoming MSP actually does in the first 90 days
To set expectations on the other side of the table — here’s what we do when a Melbourne SME signs with us. We’ve been doing this since 2014 and we’ve refined the playbook through several dozen migrations across industries from logistics to professional services to manufacturing.
Week one is documentation and access. Our onboarding engineer (not a salesperson) sits with the client’s internal champion, sometimes at our Tecoma office, sometimes at our 575 Bourke Street CBD office, sometimes on-site at the client. We work through the artefact checklist above and we don’t leave the room until either we have the documents or we have a written commitment from the outgoing MSP on when we’ll have them.
Week two and three is monitoring and tooling deployment in parallel — we don’t switch off anything the outgoing MSP is doing yet. Our NOC at Tecoma picks up alerting; the outgoing MSP’s RMM keeps running until day 30.
Week four is the comms switch. The client’s staff get the new helpdesk details. Our sub-15-minute P1 response and same-business-day on-site for Melbourne metro becomes the standard. Per-user fixed monthly pricing kicks in — no hourly billing for anything that was in the agreed scope, which removes the awkward “should I log this ticket?” decision for the client’s staff.
Weeks five through eight are the technical migrations — backups, security tooling, the harder vendor transfers. Weeks nine through twelve are stabilisation and the day-90 review.
That’s it. It’s not glamorous. It works because the order is right and because the people doing it have done it before. Our thirteen engineers are all Australian-employed and most of them have been with us long enough to have run this playbook a dozen times. If you’re comparing providers and want a longer reference list, our writeup on the top managed service providers in Melbourne covers what to look for in this stage of the conversation.
FAQ
How long does switching MSPs actually take?
From signed contract to fully decommissioned previous provider, plan for 90 days. The technical work is usually done in 45-60 days; the remaining time is SLA verification, security baseline review, and the final access cleanup. Smaller environments (under 25 staff, no on-premises servers, clean Microsoft 365 tenant) can be done in 45 days. Larger or more complex environments, or anywhere with a hostile outgoing provider, can stretch to 120 days.
Will my staff be without IT support during the switch?
No — not if it’s run properly. The whole point of the parallel-running window in the first 30 days is that the outgoing MSP keeps handling P1 tickets while the incoming MSP takes over documentation and tooling. By day 30 the new provider is taking everything. There should be no period where nobody is on the hook.
What happens if the outgoing MSP won’t hand over passwords or admin access?
Read your contract first — most MSP agreements include a transition cooperation clause, and a written reminder of it usually unlocks the handover within a week. If that doesn’t work, the vendors themselves (Microsoft, your domain registrar, your backup vendor) have partner-of-record change processes that don’t require the outgoing MSP’s consent, though they take longer. As a last resort, a letter from your solicitor referencing the contract terms is usually sufficient. We’ve never had to go further than that.
Do I have to migrate to my new MSP’s preferred tools?
Mostly, yes — and that’s usually fine. MSPs deliver SLAs through standardised tooling; if every client runs different backup, monitoring and security stacks, the response times suffer and the cost goes up. The exception is line-of-business software, which obviously stays where it is. If your new MSP insists on swapping out a working line-of-business system as part of onboarding, push back hard — that’s a separate project.
Can I keep some IT in-house and outsource the rest?
Yes, and for a lot of Melbourne SMEs this is the right model. Co-managed arrangements where an internal IT person or small team handles day-to-day requests and strategic projects, and the MSP handles the NOC, helpdesk overflow, after-hours and specialist work, tend to give the best outcome per dollar spent. The 90-day playbook above works the same way; the scope conversation in the pre-switch phase is just more detailed.
What’s a reasonable price to pay during the transition?
You’ll likely pay both MSPs for the first 30-45 days — the old one on the existing contract, the new one on a reduced onboarding fee or a ramped-up monthly. Budget for it. Trying to avoid the overlap by ending the old contract early is where most failed migrations start. The overlap cost is small compared to the cost of a botched cutover.
How do I know if the new MSP is actually any better?
Real ticket data at day 90. Not testimonials, not the sales pitch, not the dashboard the MSP shows you — your own export of the ticket history, with response and resolution times against the SLA you signed. If the numbers are good, you’re in the right place. If they’re not, you have the conversation early, when it’s still fixable.
If you’re partway through this decision and want a second opinion on the pre-switch audit — particularly the tenant ownership and vendor relationship pieces, which are where the worst surprises live — get in touch. An hour on the phone before you give notice saves a fortnight in month two.
����������������������������������������������������
Unlocking Business Growth through Cloud Solutions Adoption
The rapid expansion of cloud solutions has revolutionized the way businesses operate, fueling sustainable growth. With the right approach, businesses of all sizes can leverage the cloud’s immense potential to enhance productivity, streamline processes, and reduce costs. TechAssist, as a professional, knowledgeable, and customer-focused partner, plays a crucial role in helping businesses successfully adopt cloud solutions, ensuring a smooth operation of their IT infrastructure while reaping the maximum benefits.
Understanding Cloud Solutions and Their Components
Cloud computing is an innovative approach to storing, accessing, and processing data through a network of remote servers hosted on the internet, rather than on local servers or personal computers. This powerful technology enables businesses to harness a flexible, scalable, and cost-effective infrastructure that is fundamental to their growth and competitiveness.There are three primary types of cloud solutions: public, private, and hybrid. Public clouds offer services and resources on a shared platform, managed by third-party providers. Private clouds, on the other hand, are exclusively designed for a single organisation, offering greater control and security. Hybrid clouds combine the best of both public and private solutions, providing a tailored approach that meets the unique requirements of each business.The key components of cloud infrastructure include storage, compute, and networking. Storage refers to the capacity to hold data in various formats, such as files, databases, or data lakes. Compute entails the processing power needed to run applications and workloads, while networking represents the connectivity between different cloud services, users, and devices. These components work together seamlessly, empowering businesses to adopt and benefit from cloud solutions that drive their growth.
Exploring the Benefits of Cloud Solutions for Business Growth
Cloud solutions provide a myriad of advantages that can significantly contribute to a business’s growth. These benefits range from cost savings and increased operational efficiency to enhanced collaboration and improved security.One of the most compelling reasons to adopt cloud solutions is the potential for cost savings. By leveraging cloud services, businesses can reduce hardware and infrastructure expenses, as well as lower energy consumption and maintenance costs. Furthermore, the pay-as-you-go pricing models offered by cloud providers allow for better cost management and resource allocation.Scalability and flexibility are also critical advantages of cloud solutions. Growing businesses can easily and quickly allocate resources as needed, ensuring they have the capacity to meet increasing demands. On-demand access to resources and applications ensures that businesses can adapt to changing circumstances, while customizable solutions cater to the specific needs of each organisation.Cloud solutions also enhance collaboration and mobility within a business. Employees can remotely access data and applications, promoting a more agile and productive workforce. Real-time collaboration capabilities foster seamless communication and teamwork, while support for Bring Your Own Device (BYOD) policies facilitates increased employee engagement and satisfaction.Security and compliance are other vital benefits offered by cloud solutions. Providers invest in advanced data protection and encryption methods to safeguard sensitive information. Regular security updates and patches help businesses stay ahead of potential threats, and compliance with industry-specific regulations ensures that organisations maintain high standards of data privacy and integrity.Finally, cloud solutions can drive increased operational efficiency. Automation of repetitive tasks frees up valuable time and resources, while streamlined workflows and processes enhance productivity. Faster deployment of applications and services ensures that businesses can quickly capitalize on new opportunities, further fueling their growth.
Navigating the Cloud Adoption Process for Business Growth
Successfully adopting cloud solutions for business growth requires a strategic approach that encompasses several key steps. The first step involves assessing your current IT infrastructure and requirements, which allows you to identify areas that could benefit from the capabilities offered by the cloud. This evaluation will help you determine the most appropriate cloud services and solutions for your organisation’s needs.Choosing the right cloud service provider and solution is a critical decision that will significantly impact your business’s growth potential. Careful consideration should be given to factors such as performance, security, compliance, and pricing. Additionally, it’s essential to evaluate the provider’s reputation, customer support, and track record of success.Planning and executing a smooth transition to the cloud is vital to minimise disruption and ensure a positive outcome. This process may include migrating data, applications, and workloads, as well as training staff on new systems and processes. It’s crucial to develop a detailed plan and timeline, with clear objectives and milestones, to keep the project on track and manage expectations.Continuous monitoring and optimisation of cloud usage are necessary to maximise the benefits of your cloud solutions. This includes analysing performance metrics, identifying potential issues, and implementing improvements to enhance efficiency and cost-effectiveness. Regularly reviewing and adjusting your cloud strategy will help your business stay agile and responsive to evolving needs and opportunities, driving sustainable growth.
How TechAssist Supports Cloud Adoption for Sustainable Business Growth
As a professional, knowledgeable, and customer-focused partner, TechAssist plays a crucial role in supporting businesses through their cloud adoption journey, ensuring they can harness the full potential of cloud solutions for growth. Our team of experts offers advice and consultation on cloud strategy, helping organisations identify the most suitable cloud services and solutions to meet their needs.TechAssist ensures a seamless implementation and integration of cloud solutions by working closely with businesses to develop a detailed plan and timeline, migrate data and applications, and train staff on new systems and processes. Our commitment to providing ongoing support and management for cloud infrastructure ensures that businesses can focus on their core activities while trusting that their IT systems are in capable hands.To deliver optimal performance and security, TechAssist continuously monitors and optimizes cloud systems, analysing performance metrics and implementing improvements as needed. This proactive approach helps businesses stay agile, responsive, and competitive in an ever-changing landscape. By partnering with TechAssist, organisations can confidently embark on their cloud adoption journey, unlocking the benefits of cloud solutions for sustainable business growth.
Empower Your Business with Cloud Solutions and TechAssist
Adopting cloud solutions for business growth presents numerous advantages, including cost savings, scalability, flexibility, enhanced collaboration, and improved security. To fully leverage these benefits, partnering with a knowledgeable and reliable IT provider like TechAssist is crucial. Our team offers expert advice, seamless implementation, and ongoing support for cloud infrastructure, ensuring optimal performance and security. We encourage businesses to explore cloud solutions as a key component of their growth strategy. With TechAssist by your side, you can confidently navigate the cloud adoption process and unlock the full potential of this transformative technology. Learn more about how TechAssist can support your business growth with cloud solutions.