Server virtualisation runs several independent virtual machines on a single physical host, so one server can do the work of many. Most Melbourne SMEs still keep some on-premises compute for performance, control or cost reasons. The 2026 question isn’t whether to virtualise — it’s which hypervisor, and whether you need hyperconverged infrastructure at all.
This post explains virtualisation in plain terms, walks through the hypervisor shake-up after Broadcom’s acquisition of VMware, and tells you honestly when hyperconverged infrastructure (HCI) earns its keep — and when it’s overkill. Most small SMEs don’t need it.
What server virtualisation actually is
A physical server has finite CPU, RAM and disk. Run one operating system on it directly and most of that hardware sits idle most of the time. Virtualisation inserts a thin software layer — a hypervisor — between the hardware and the operating systems, so you can run multiple virtual machines (VMs) on the one host. Each VM behaves like its own separate server: its own OS, its own applications, its own network identity, isolated from its neighbours.
The payoff is consolidation. A business that once had a domain controller, a file server, a line-of-business application server and a print server on four ageing boxes can run all four as VMs on a single modern host, with capacity to spare. Fewer machines to power, cool, patch and replace. VMs are also portable — you can back one up as a file, move it to another host, or spin up a copy for testing without touching the others.
Why SMEs still run on-premises compute
The cloud handles a great deal of what used to live in a server room, but on-premises compute hasn’t gone away, and for good reasons:
- Latency-sensitive applications — CAD, large file editing, manufacturing line systems and some practice-management software perform better when the server is on the same LAN as the users.
- Data gravity — when you hold terabytes of project files, shifting it all to cloud egress charges and re-downloading it daily makes no financial sense.
- Specific software — plenty of legacy line-of-business applications simply aren’t built to run as SaaS.
- Control and predictability — a fixed capital outlay every five years can beat an ever-climbing monthly cloud bill for steady, predictable workloads.
A construction firm in Box Hill we work with keeps its estimating and document servers on-premises precisely because the project files are enormous and the estimators can’t tolerate cloud latency mid-tender. Their email and collaboration live in Microsoft 365; their heavy compute stays local. That hybrid split is typical.
The hypervisor landscape in 2026
For over a decade VMware vSphere was the default choice and the safe one. That changed when Broadcom acquired VMware and overhauled the licensing — moving to subscription-only bundles, raising minimum core counts, and discontinuing the free ESXi hypervisor and the perpetual licences many SMEs relied on. For a small business running two or three hosts, the renewal quotes have in many cases multiplied. The result is a genuine migration away from VMware among cost-conscious SMEs, and a healthier set of alternatives than the market has had in years.
| Hypervisor | What it is | Best fit for SMEs |
|---|
| VMware vSphere | The long-standing enterprise standard; mature, feature-rich | Existing VMware shops who can absorb the new subscription costs |
| Microsoft Hyper-V | Built into Windows Server; included with the licence you likely already buy | Windows-centric SMEs wanting a no-extra-cost, well-supported option |
| Proxmox VE | Open-source virtualisation with clustering and built-in backup | Budget-conscious businesses with capable IT support; no licence fees |
| Nutanix | HCI platform with its own hypervisor (AHV); compute and storage combined | Growing SMEs wanting an integrated, scalable appliance approach |
| Azure Local (Azure Stack HCI) | Microsoft’s hybrid HCI stack, managed through Azure | Microsoft-aligned businesses wanting on-prem hardware with cloud management |
For most Melbourne SMEs already invested in Windows Server, Hyper-V is the pragmatic answer. It’s a Type 1 hypervisor that ships with Windows Server, it’s well documented, and the live migration and replication features that used to cost extra in VMware are built in. Proxmox is a strong open-source alternative where there’s no appetite for licence fees and the IT partner is comfortable supporting it. Nutanix and Azure Local are HCI platforms — which brings us to the next question.
What hyperconverged infrastructure (HCI) is
Traditional virtualisation often kept three things separate: the servers that provide compute, a shared storage array (a SAN or NAS) that holds the VM data, and the network switching that ties them together. That works, but it means buying, managing and troubleshooting three distinct systems, often from three vendors.
Hyperconverged infrastructure collapses compute, storage and networking into clustered nodes — standardised server units that each contribute CPU, RAM and local disk to a shared pool, managed as one system through a single software layer. Add capacity by adding another node. There’s no separate SAN to maintain; the storage is software-defined across the cluster. A three-node HCI cluster can lose a whole node and keep running, because the data is mirrored across the others.
When HCI suits a growing SME
HCI makes sense when an SME has outgrown a single host but doesn’t want the complexity and cost of a traditional SAN-plus-hosts build. The signals we look for:
- You’re running enough VMs that one host is no longer enough, and you need genuine high availability — workloads that must survive a hardware failure without downtime.
- You expect to grow and want to scale by adding nodes rather than forklifting in a bigger array.
- You want fewer moving parts and a single support relationship rather than separate storage, compute and hypervisor vendors.
- You have, or your MSP provides, the discipline to manage a clustered platform properly.
A manufacturer in Dandenong we support moved to a three-node HCI cluster when their ageing single host couldn’t run their ERP, MES and file workloads with any headroom — and a hardware failure would have stopped the production line. The cluster gave them the ability to patch and reboot a node during business hours without anyone noticing, which a single host never could.
High availability, backup and disaster recovery
Virtualisation makes resilience easier, but it does not provide it automatically. Three distinct things often get muddled, and the distinction matters when a server room floods or ransomware hits.
High availability (HA) keeps workloads running when a host fails. In a cluster, if one node dies, its VMs restart automatically on the surviving nodes. HA protects against hardware failure — it does not protect your data from deletion, corruption or encryption.
Backup is your independent, recoverable copy. The cardinal rule is that a VM snapshot is not a backup — snapshots live on the same storage as the VM and vanish with it. You need proper, application-aware backups written to separate storage, ideally following a 3-2-1 approach with at least one immutable, off-site copy that ransomware can’t reach. We go deeper on this in our guide to backup and disaster recovery for Melbourne businesses.
Disaster recovery (DR) is the plan and the tested capability to get the whole environment running again somewhere else after a serious incident. Virtualisation helps enormously here — because a VM is just a file, you can replicate it to a second site or to the cloud and bring it up there. The numbers that govern this are your recovery time objective and recovery point objective, which we unpack in RTO vs RPO explained. Set those targets before you design the platform, not after.
Cloud vs on-premises vs hybrid
The honest position is that this is rarely all-or-nothing. Three broad paths:
- Cloud-first — run workloads in Azure or AWS, or replace servers with SaaS entirely. Best for businesses with variable demand, distributed teams, or no desire to own hardware. You trade capital cost for an operating bill that scales with use.
- On-premises — keep compute local for latency, data gravity or cost predictability. Best for steady, heavy workloads where the maths favours owning the kit.
- Hybrid — the common reality. Keep latency-sensitive and data-heavy workloads on-premises, push email, collaboration and backup targets to the cloud, and use the cloud as a DR site. Our cloud services work is mostly designing and running exactly this kind of split.
The mistake we see is treating cloud as automatically cheaper. For a server that runs flat-out twenty-four hours a day, owning the hardware over five years often beats the equivalent cloud instance. For a workload that’s busy three days a month, the cloud wins easily. Match the model to the workload.
Right-sizing: most small SMEs don’t need HCI
Here’s the part the appliance vendors won’t lead with: the majority of small businesses do not need hyperconverged infrastructure. A five-to-twenty-person professional services firm with a couple of VMs is perfectly well served by a single well-specified Hyper-V host with solid backups and a tested cloud DR plan. HCI starts to earn its cost at three nodes and a real high-availability requirement — below that, you’re paying for resilience and scale you won’t use.
Equally, plenty of SMEs we onboard are running more on-premises than they need to. If your file server, line-of-business app and identity could all sensibly move to Microsoft 365 and Azure, the right answer might be fewer servers, not a fancier cluster. Right-sizing cuts both ways — sometimes up to HCI, often sideways to hybrid, occasionally down to almost nothing on-site. The discipline is matching the architecture to the actual workload and risk tolerance rather than the brochure.
The MSP role in design and management
Virtualisation and HCI are easy to buy and easy to get wrong. The value of a competent MSP is in the design decisions made before anything is purchased: sizing the hosts to the workload with genuine headroom, choosing the hypervisor that fits your licensing and skills, designing HA and backup so they actually protect you, and setting RTO and RPO targets you’ve signed off on.
Then there’s the ongoing work — patching hosts and guests, monitoring capacity before you run out of it, testing DR restores so you know they work rather than hoping, and keeping the platform aligned to the Essential Eight. TechAssist is a Melbourne-based MSP founded in 2014 with 13 Australian-employed engineers — not offshore — and our managed IT services include this design-and-run work under fixed per-user monthly pricing rather than scope-creeping hourly billing. Our 24/7 NOC in Tecoma watches the hosts overnight so a failed node at 2am gets handled before you walk in.
Frequently asked questions
Is server virtualisation still worth it for a small business in 2026?
Yes, for almost any business running more than one server workload. Consolidating several roles onto one virtualised host saves on hardware, power and management, and makes backup and recovery far simpler because each VM is portable. The only businesses that genuinely don’t benefit are those that have moved everything to SaaS and the cloud and keep nothing on-premises.
Should I move off VMware because of the Broadcom changes?
Not reflexively — but it’s worth pricing the alternatives at your next renewal. If your VMware subscription quote has jumped substantially, Hyper-V (which you likely already licence through Windows Server) or Proxmox can deliver the same outcomes for an SME at far lower cost. Migration takes planning, so don’t leave it to the week before renewal.
What’s the difference between virtualisation and hyperconverged infrastructure?
Virtualisation runs multiple VMs on a host. HCI is an architecture that combines compute, storage and networking into clustered nodes managed as one system, removing the need for a separate storage array. All HCI involves virtualisation, but you can virtualise perfectly well on a single host without any HCI at all.
Do I need high availability or just good backups?
They solve different problems. High availability keeps you running through a hardware failure; backups let you recover from data loss, corruption or ransomware. A single host with excellent, tested backups is fine for many small businesses. If even an hour of downtime is unacceptable, you need HA as well — but never HA instead of backups.
Getting the architecture right
Server virtualisation is settled technology; the interesting decisions in 2026 are which hypervisor, how much resilience you genuinely need, and where the line between on-premises and cloud should sit for your business. Get those right and you spend nothing you don’t have to. Get them wrong and you either over-build a cluster you’ll never fill or under-protect a server you can’t afford to lose.
If you’re facing a VMware renewal, an ageing host, or a growth jump that’s straining your current setup, get in touch. We’ll look at what you actually run before recommending anything — and quite often the right answer costs less than you expect.
For most Microsoft-centric Australian SMEs, the honest answer to Azure vs AWS is Azure — because your fleet already runs Windows, Microsoft 365 and Entra ID, and Azure plugs straight into all three. Dev-heavy and startup teams more often land on AWS for its breadth and tooling. Both have Sydney regions, so data residency rarely decides it.
That short answer hides a lot of nuance, and the wrong call gets expensive to unwind. Below is a fair, SME-grade comparison — not the enterprise architecture wishlist you’ll find on the vendors’ own sites.
The two platforms, in plain terms
Microsoft Azure and Amazon Web Services (AWS) are the two dominant public cloud platforms. They both rent you compute, storage, databases, networking and a long catalogue of managed services, billed by consumption. For a 10-to-150-seat business in Melbourne, you will likely never touch more than a dozen of the hundreds of services either one offers. So the question isn’t “which platform is bigger” — AWS is — it’s “which one fits the way your business already works.”
AWS launched in 2006 and had a multi-year head start. It remains the market leader by revenue and has the deepest catalogue of services, the most mature tooling, and the largest pool of engineers who know it well. Azure arrived later but grew fast on the back of Microsoft’s existing enterprise relationships. If your business runs on Microsoft 365, Windows Server and Entra ID, Azure is built to feel like an extension of that environment rather than a separate world.
Where Azure leads for an Australian SME
Azure’s biggest advantage isn’t technical brilliance — it’s integration. Most Australian SMEs are already deep in the Microsoft stack: Outlook and Teams via Microsoft 365, identity in Entra ID (the platform formerly called Azure AD), and a mix of Windows laptops and servers. Azure treats that as home turf.
The practical wins stack up quickly:
- One identity system. Entra ID is the same directory that backs your Microsoft 365 logins. Conditional access, multi-factor authentication and single sign-on extend to Azure resources without a separate identity platform to maintain. If you’ve already done the work on conditional access policies, Azure inherits it.
- Hybrid that actually works. Azure Arc, Azure Files and Azure AD-joined devices make a half-on-premises, half-cloud setup manageable. For a business still running a local file server or a line-of-business app that can’t move yet, this matters more than any benchmark.
- Licensing leverage. If you hold Windows Server or SQL Server licences with Software Assurance, Azure Hybrid Benefit lets you reuse them and cut the compute bill materially. AWS has nothing equivalent for Microsoft workloads.
- Familiar admin surface. Your IT team already lives in the Microsoft 365 admin centre and Entra. The Azure portal sits beside them with the same login and similar logic.
For Windows-heavy SMEs, this integration is usually decisive. It reduces the number of systems to secure, the number of consoles to learn, and the number of places a misconfiguration can hide. That’s why most of the Microsoft-centric businesses we support across Melbourne end up on Azure — not because AWS couldn’t do the job, but because Azure does it with fewer moving parts.
Where AWS genuinely leads
It would be dishonest to wave AWS away. For a lot of workloads it’s the stronger platform, and pretending otherwise helps no one.
- Breadth and maturity. AWS has more services, more configuration options, and more battle-tested edge cases ironed out. If you need something niche — a specific database engine, a particular machine-learning service, an obscure networking feature — AWS very likely shipped it first and shipped it more completely.
- Developer ecosystem. The pool of engineers, open-source tooling, tutorials, Terraform modules and Stack Overflow answers skews AWS-first. For a startup or a product team building software as the core of the business, that ecosystem shortens development time.
- Container and serverless depth. AWS Lambda and the surrounding serverless tooling are more mature, and many teams find AWS’s container services (ECS, EKS, Fargate) more flexible for cloud-native architectures.
- Vendor-neutral footing. If you’re deliberately avoiding a single-vendor Microsoft estate — some businesses are, for good reasons — AWS doesn’t assume you live in that world.
The pattern we see is consistent: dev shops, SaaS startups and product engineering teams in places like Cremorne and Richmond tend to pick AWS and stay there, because their staff already think in AWS and their architecture is cloud-native from day one.
Side-by-side comparison
| Factor | Microsoft Azure | Amazon Web Services (AWS) |
|---|
| Best fit | Microsoft 365 / Windows / Entra ID shops; hybrid setups | Dev teams, startups, cloud-native and product businesses |
| Identity | Native Entra ID — same directory as your Microsoft 365 | AWS IAM; integrates with Entra but as a separate system |
| Service breadth | Very broad; deepest on Microsoft workloads | Broadest overall; most mature catalogue |
| Hybrid on-premises | Strong (Azure Arc, Azure Files, AD-joined devices) | Capable (Outposts) but less natural for Windows shops |
| Windows licensing | Azure Hybrid Benefit reuses your existing licences | No equivalent reuse for Microsoft licences |
| Developer ecosystem | Large and growing | Largest; deepest open-source and tooling support |
| Australian regions | Sydney, Melbourne, Canberra | Sydney, Melbourne |
| Pricing model | Pay-as-you-go, reserved instances, savings plans, Hybrid Benefit | Pay-as-you-go, reserved instances, savings plans, Spot |
| Learning curve for MS admins | Lower — familiar portal and identity | Higher — new console, new identity model |
Pricing: why like-for-like comparison is so hard
Anyone who tells you one platform is “cheaper” full-stop is guessing. Pricing on both is a moving target of instance types, regions, reserved-versus-on-demand commitments, storage tiers, egress charges and a dozen discount mechanisms. The same workload can be cheaper on either platform depending on how you commit and configure it.
A few things hold true regardless of which you pick:
- On-demand pricing is the most expensive way to run anything steady. Reserved instances or savings plans (both platforms have versions) cut 30–60% off predictable workloads in exchange for a 1- or 3-year commitment.
- Egress — data leaving the cloud — is the bill that surprises people. Both charge for it, and it’s easy to design an architecture that bleeds money moving data around. This is also why casual multi-cloud is costly: shifting data between AWS and Azure incurs egress on the way out.
- For Microsoft workloads, Azure Hybrid Benefit can swing the maths decisively. If you already own Windows Server or SQL Server licences, that reuse often makes Azure the cheaper home for those specific workloads.
The right move for an SME isn’t to chase the lowest sticker price. It’s to model your actual workload — steady-state versus bursty, how much data moves, what you already license — and price that. We build that modelling into our cloud services work rather than quoting a platform blind.
Australian regions and data residency
Data residency is the question Australian boards ask first, and it’s usually less of a deciding factor than people expect. Both platforms have multiple Australian regions: AWS runs Sydney and Melbourne; Azure runs Sydney, Melbourne and Canberra (the last partly for government). For nearly any commercial SME workload, you can keep data physically in Australia on either platform.
Where it gets real is for regulated data. Healthcare practices handling patient records under the Privacy Act and OAIC expectations, or firms with contractual data-residency clauses, need to actively configure the region and confirm that backups, logs and replicas don’t quietly land offshore. The default region matters, and so does where your disaster-recovery copy sits. We cover that thinking in our guide to backup and disaster recovery. The point is that residency is a configuration discipline on both clouds, not a reason to pick one over the other.
Support and partner ecosystem
Both vendors sell tiered support, and at SME scale you rarely want to deal with either directly — the base tiers are slow and the enterprise tiers are priced for enterprises. In practice, the support that matters is your partner’s.
Azure has the larger Australian Microsoft partner network, which reflects how embedded Microsoft already is in local business. AWS has a strong partner community too, weighted toward consultancies and dev-focused shops. For an SME, the practical question is: who picks up the phone when something breaks at 7am? A local managed service provider that runs your cloud day-to-day will resolve issues faster than any vendor support queue. That’s the model we run — Australian-employed engineers, sub-15-minute response on critical issues, rather than a ticket that sits offshore overnight.
A Box Hill scenario
A professional services firm in Box Hill we work with came to us mid-migration. They’d started moving a line-of-business app to AWS on a developer’s recommendation, then realised their entire workforce ran on Microsoft 365, Entra ID and Windows laptops. They were now maintaining two identity systems, two sets of security policies, and paying a contractor to bridge the gap.
We didn’t rip out the AWS work for its own sake — that would have been waste. We assessed each workload. The custom app stayed where it ran well; everything tied to identity, file storage and the Windows fleet moved to Azure, where it inherited their existing conditional access and MFA. The result was fewer systems to secure and a smaller monthly bill, because the Windows workloads picked up Hybrid Benefit. The lesson wasn’t “Azure beats AWS” — it was that the platform should follow the business, not a single engineer’s comfort zone.
Should a small team go multi-cloud?
Usually not. Multi-cloud — deliberately running across both platforms for resilience or flexibility — sounds prudent and is genuinely useful at large scale. For a small team it’s mostly a tax: double the platforms to secure, double the expertise to hire or retain, egress charges for any data crossing between them, and twice the surface area for a misconfiguration to slip through.
The exception is incidental, not strategic — a SaaS product you consume that happens to run on the other cloud doesn’t make you multi-cloud. Pick a primary platform, get it right, and only spread out when a specific, costed requirement forces it. For an SME, depth on one cloud beats shallow coverage on two almost every time, and it keeps your security posture coherent.
Frequently asked questions
Is Azure or AWS better for a small business?
For a Microsoft-centric Australian SME — Microsoft 365, Windows fleet, Entra ID — Azure is usually the better fit because it integrates with what you already run and reduces the number of systems to secure. Dev-led and startup teams more often choose AWS for its breadth and tooling. Neither is universally “better”; the right choice follows your existing stack.
Is AWS cheaper than Azure?
Not reliably. The same workload can be cheaper on either platform depending on instance types, reserved commitments, storage tiers and data egress. For Microsoft workloads, Azure Hybrid Benefit often makes Azure cheaper because you reuse existing Windows or SQL licences. Model your actual workload rather than trusting a headline rate.
Does my data stay in Australia on Azure or AWS?
It can on both. AWS has Sydney and Melbourne regions; Azure has Sydney, Melbourne and Canberra. You must actively configure the region and confirm backups, logs and replicas don’t land offshore — residency is a configuration discipline, not a default guarantee, on either platform.
Should my SME run both Azure and AWS?
Rarely. Multi-cloud doubles the platforms to secure, the expertise to maintain and the cost of moving data between them. For most small teams, picking one platform and running it well delivers better security and lower cost than spreading thinly across both.
Making the call
If your business runs on Microsoft and you don’t have a dedicated platform engineering team, Azure is the path of least resistance and usually the right one. If you’re a product or dev-led business with AWS skills in-house, AWS’s depth will serve you better. Either way, the decision should rest on your actual workloads, licences and team — not on a vendor pitch or a benchmark blog.
If you’d like a straight assessment of which cloud suits your specific setup — and a costed migration plan rather than a sales deck — get in touch with our team. We’ll look at what you’ve got and tell you honestly where it should live.
Azure is worth it for a small business when you have a workload that genuinely needs cloud infrastructure — a server to retire, a line-of-business app to host, virtual desktops for a hybrid team. For most Melbourne SMEs, though, Microsoft 365 plus a small NAS does the job, and Azure becomes a bill you didn’t need.
Microsoft Azure small business deployments fail in one of two ways: a business pays for cloud infrastructure it doesn’t need, or it lifts a server into Azure with no cost controls and gets a quarterly bill that triples overnight. Both are avoidable. The trick is knowing what Azure actually does, where it earns its keep for an SME, and where a cheaper option does the same job without the meter running.
What Azure actually is, in plain terms
Azure is Microsoft’s public cloud — a set of data centres you rent compute, storage and networking from by the hour or the gigabyte. Instead of buying a physical server, racking it in a cupboard at your office and replacing it every five years, you run the same workload on Microsoft’s hardware and pay for what you use.
The catalogue is enormous — hundreds of services — but a small business touches a small slice of it. The services that matter for an SME are virtual machines (a server in the cloud), identity (Microsoft Entra ID, formerly Azure AD), file storage, backup, and virtual desktops. Everything else is for software developers and large enterprises, and you can safely ignore it.
One point of confusion worth clearing up: Microsoft 365 is not Azure. Microsoft 365 — your email, Teams, SharePoint and Office apps — runs on Microsoft’s cloud, but it’s a finished, fixed-price product. Azure is the raw infrastructure underneath. Plenty of businesses run entirely on Microsoft 365 and never touch Azure at all, and that’s a perfectly good place to be.
Where Azure earns its keep for an SME
Azure makes sense when you have a specific workload that needs infrastructure. Here are the use cases we actually deploy for Melbourne small businesses, rather than the marketing list.
Lift-and-shift a server as a virtual machine
The most common entry point. You’ve got an ageing physical server running an accounting package, a file share or a legacy app, and it’s due for replacement. Rather than spend $8,000 on new hardware that sits idle most of the day, you rebuild it as an Azure virtual machine. No cupboard, no UPS, no five-year refresh cycle. This is genuinely useful when the app can’t move to a SaaS alternative — but it’s also where the bill-shock stories start, because a VM bills every hour it’s switched on whether anyone’s using it or not.
Identity with Microsoft Entra ID
If you’re on Microsoft 365 you already use Entra ID — it’s the directory your staff log in against. Azure lets you extend it: conditional access, single sign-on to other apps, and proper multi-factor enforcement. We treat identity as the foundation of any cloud build, and we’ve written separately about conditional access policies in Microsoft 365 because getting them right is what stops a leaked password becoming a breach.
Azure Files and Azure Backup
Azure Files gives you a cloud file share that maps like a normal network drive. Azure Backup and Azure Site Recovery protect servers and workloads — Backup for restoring files and machines, Site Recovery for failing a whole server over to the cloud if your primary site goes down. These are solid, and we use them, but they’re only one ingredient in a proper recovery plan. The thinking that matters is your RTO and RPO — how long you can be down and how much data you can afford to lose — not the tool itself.
Hosting a line-of-business app
If your business runs on a specific Windows application — a job-management system, a CAD licence server, an old ERP — and the vendor won’t or can’t move it to SaaS, Azure is a sensible home for it. You get a reliable, monitored, backed-up environment without owning the hardware. This is where Azure clearly beats a server in the cupboard.
Virtual desktops: Azure Virtual Desktop and Windows 365
If you have staff who need a full Windows desktop from anywhere — contractors, a hybrid team, people on locked-down or BYO laptops — virtual desktops put that desktop in Azure. Azure Virtual Desktop is the flexible, consumption-priced option; Windows 365 is the simpler fixed-per-user-per-month version (a Cloud PC). Windows 365 is usually the better fit for a small business precisely because the price is predictable. AVD is more powerful but needs someone watching the meter.
The cost model reality
This is the part nobody enjoys, and it’s the part that decides whether Azure is worth it. Azure is consumption-based: you pay for compute by the hour, storage by the gigabyte, and data movement by the transaction. There’s no fixed monthly number on the box. That flexibility is the whole appeal, and it’s also exactly how businesses overspend.
A few realities to hold onto:
- VMs bill while they’re running, not while they’re being used. A server left on 24/7 that’s only needed during business hours is burning roughly three times the cost it should. Auto-shutdown schedules fix this in minutes.
- Reserved instances cut compute costs sharply. If a VM is going to run for the long haul, committing to a one- or three-year reservation can cut the compute price by 40 percent or more versus pay-as-you-go. Most SMEs leave this money on the table.
- Storage and egress add up quietly. Old backups, orphaned disks from deleted VMs, and data being pulled out of Azure all bill in the background. These are the line items that make a quarterly invoice mysterious.
- Data residency matters. For Australian businesses, you deploy into the Australia East region (Sydney). Your data stays onshore, which keeps you comfortable for privacy and contractual reasons under the Privacy Act and the OAIC’s expectations. Don’t let a default drop your data into a US region.
Azure vs Microsoft 365 plus a NAS vs staying on-prem
Azure is not the default answer. For a lot of Melbourne SMEs, the right call is the cheaper one. Here’s how we frame the decision.
| Scenario | Best fit | Why |
|---|
| Small team, files and email, no legacy server apps | Microsoft 365 + a small NAS | SharePoint/OneDrive handles documents; a NAS gives fast local storage and cheap backup. No Azure bill, no meter. |
| Ageing server running a Windows-only line-of-business app | Azure VM | Retires the hardware, removes the refresh cycle, and hosts an app that can’t move to SaaS. |
| Hybrid or contractor-heavy team needing full Windows desktops | Windows 365 / Azure Virtual Desktop | Centralised, secure desktops from any device, no fleet of company laptops to manage. |
| Heavy local data, low internet reliability, latency-sensitive work | Stay on-prem (or hybrid) | Large CAD or video files and patchy connectivity make cloud-only painful and slow. |
| Regulated data with strict residency or recovery requirements | Azure (Australia East) or hybrid | Onshore region, auditable backups, and documented recovery you can show an insurer or regulator. |
The pattern is simple: if your needs are documents, email and collaboration, Microsoft 365 with sensible backup is enough, and Azure is overkill. The moment you have a server-based workload, virtual desktops, or a recovery requirement you can’t meet locally, Azure starts earning its place.
FinOps: the cost-control discipline that makes Azure worth it
FinOps is just the practice of treating cloud spend like any other managed expense — measured, budgeted and reviewed, not left to drift. For a small business it doesn’t need to be a department. It needs a handful of controls:
- Budgets and alerts. Set a monthly budget in Azure Cost Management with alerts at 50, 80 and 100 percent. You should hear about an overspend the week it happens, not on the invoice.
- Auto-shutdown and right-sizing. Switch off VMs out of hours and match the VM size to the actual workload. Most environments are over-provisioned because someone picked a bigger size “to be safe”.
- Reservations for steady workloads. Anything running long-term should be on a reservation, not pay-as-you-go.
- Tagging and clean-up. Tag resources by purpose so you can see what’s costing what, and delete orphaned disks, snapshots and old backups on a schedule.
None of this is exotic. It’s the difference between Azure being a controlled line item and Azure being a surprise.
A scenario from the eastern suburbs
A surveying firm in Box Hill we work with came to us after a self-managed Azure setup. They’d lifted their old file-and-app server into a VM, which was the right call — but the VM ran 24/7, the original oversized disk was still being billed alongside its replacement, and there were no budget alerts. Their spend had crept to nearly double what the workload justified. Adding an out-of-hours shutdown schedule, right-sizing the VM, moving it onto a one-year reservation and deleting the orphaned disk brought the monthly cost down by roughly a third — for the same performance. Nothing clever; just the discipline that should have been there from day one.
The MSP role: governance, not just deployment
Anyone can spin up a VM in Azure. The value an MSP adds is everything around it — making sure the build is sized correctly, deployed to Australia East, backed up to a tested standard, secured with proper identity controls, and watched so the bill doesn’t run away. That’s governance, and it’s the part a business can’t easily do for itself between everything else it’s juggling.
At TechAssist we’re a Melbourne-based MSP, founded in 2014, with 13 Australian-employed engineers — no offshore helpdesk. Our 24/7 NOC at Tecoma monitors the environments we run, so a backup that silently fails or a cost that spikes gets caught by us, not discovered by you on the invoice. We build and manage Azure as part of our broader cloud services, and we’ll tell you plainly when Azure is the wrong answer and Microsoft 365 plus a NAS would serve you better and cheaper. We’re also Essential Eight aligned, which matters once you’re putting business data into the cloud.
The honest position is this: Azure is a powerful tool that’s worth it for the right workload, with the right controls, in the right region — and an expensive mistake without them. The job is matching the tool to your actual needs.
Frequently asked questions
Is Azure cheaper than buying a server?
Sometimes. Over five years, a well-governed Azure VM with a reservation and an out-of-hours shutdown can beat the total cost of owning, powering and replacing a physical server — and you avoid the capital outlay. Without those controls, Azure is usually more expensive. The cost discipline is what decides it.
Where is my data stored if I use Azure in Australia?
If you deploy into the Australia East region, your data sits in Microsoft’s Sydney data centres and stays onshore. This is the right default for Australian businesses with privacy or contractual obligations. Always confirm the region at deployment — don’t assume it.
Do I need Azure if I already have Microsoft 365?
Usually not. Microsoft 365 already covers email, documents and collaboration. You only need Azure on top of it when you have a workload that needs actual infrastructure — a server, a hosted line-of-business app, or virtual desktops.
How do I avoid a surprise Azure bill?
Set budgets and alerts in Azure Cost Management, switch off VMs out of hours, use reservations for steady workloads, and delete orphaned resources. An MSP managing the environment should be doing all of this and reviewing the spend with you regularly.
Can a small business run virtual desktops affordably?
Yes. Windows 365 gives you a fixed per-user-per-month Cloud PC, which keeps costs predictable for a small team. Azure Virtual Desktop is more flexible but consumption-priced, so it needs the cost discipline to stay affordable.
Not sure whether Azure is worth it for your situation, or worried an existing setup is costing more than it should? Talk to us — we’ll give you a straight answer, not a sales pitch.
For most Australian SMEs the honest answer to Microsoft 365 vs Google Workspace comes down to how your team actually works. Google suits lean, cloud-native businesses that live in a browser. Microsoft suits desktop-heavy, Windows-fleet, compliance-driven operations. Both are mature, secure platforms — the wrong fit just costs you in friction.
We’re a Microsoft-centric MSP, so I’ll declare that bias up front. But there are plenty of Melbourne businesses where I’d point a client to Google without hesitation. This is a fair comparison, not a sales pitch, and below there’s a table to cut through the marketing on both sides.
The quick comparison
| Area | Microsoft 365 | Google Workspace |
|---|
| Productivity apps | Full desktop Word, Excel, PowerPoint, Outlook (plus web versions) | Web-first Docs, Sheets, Slides — fast, but lighter than desktop Office |
| Email | Exchange Online + Outlook — rich rules, shared mailboxes, calendaring | Gmail — excellent search and spam filtering, simpler admin |
| Storage | OneDrive (per user) + SharePoint (team sites), 1 TB+ per user | Google Drive + Shared Drives, pooled storage by tier |
| Meetings & chat | Teams — meetings, chat, calls, channels, deep app integration | Google Meet + Google Chat/Spaces — clean, lightweight |
| Identity | Microsoft Entra ID — granular conditional access, hybrid AD | Google identity / Cloud Identity — strong, but less enterprise-deep |
| Admin & security | Defender, Purview, very granular controls — steep but powerful | Admin console — simpler, faster to learn, fewer knobs |
| Data residency (AU) | Australian data centres available for core data at rest | Regional storage options; some data still processed globally |
| Entry pricing (AUD, ex GST) | Business Basic ~$8.20/user/mo; Standard ~$17.20; Premium ~$30.20 | Business Starter ~$10/user/mo; Standard ~$20; Plus ~$32 |
| Best fit | Desktop-heavy, Windows fleets, regulated industries | Cloud-native startups, lean teams, browser-first work |
Pricing changes regularly and varies by term and reseller, so treat those figures as a guide rather than a quote. The real cost difference between the two is usually rounding error compared with the cost of choosing the platform that fights your workflow.
Apps: desktop power vs web speed
This is the clearest fork in the road. Microsoft gives you the full desktop Office suite — the real Excel, with the pivot tables, Power Query, macros and add-ins that finance teams and engineers depend on. If your business runs complex spreadsheets, branded Word templates, or PowerPoint decks that have to look identical every time, desktop Office still has no equal.
Google Workspace is web-first and proud of it. Docs, Sheets and Slides load instantly, autosave constantly, and make real-time co-editing feel effortless. For a marketing agency or a startup where two people are in the same document at once all day, that collaboration model is genuinely better. The trade-off is depth: heavy Excel users hit Sheets’ ceiling quickly, and complex formatting can drift.
Where Google clearly wins: if your team already does everything in a browser and nobody opens a desktop app from one week to the next, paying for desktop Office you’ll never install is waste.
Email: Outlook vs Gmail
Exchange Online with Outlook is the workhorse of Australian business email. Shared mailboxes, delegate access, distribution groups, calendar scheduling across a team — it’s all mature and granular. For a law firm in Hawthorn juggling shared client inboxes and rigid retention rules, Exchange and Microsoft Purview make that straightforward.
Gmail’s strength is search and filtering. Its spam and phishing detection is excellent, the interface is clean, and conversation threading is hard to beat. Smaller teams often find Gmail simply gets out of the way. Either way, email is your single biggest attack surface — we cover that in our guide to business email security and BEC, and the controls matter more than the brand.
Storage: OneDrive/SharePoint vs Drive
Microsoft splits storage into OneDrive (your personal files) and SharePoint (team document libraries). Done well, SharePoint is a proper intranet and document-management system with versioning, metadata and permissions. Done badly, it’s a sprawl of sites nobody can navigate. It rewards structure.
Google Drive with Shared Drives is more intuitive out of the box. Files live where you’d expect, sharing is a couple of clicks, and there’s less to misconfigure. For a business that just wants files in folders without a SharePoint information-architecture project, Drive is the gentler path.
Meetings: Teams vs Meet and Chat
Teams is the centre of gravity in the Microsoft world — meetings, calls, persistent chat, channels and an app platform all in one. For organisations already on Microsoft, that integration is a real advantage; for ones that aren’t, Teams can feel like a lot. Plenty of people find it heavy.
Google Meet and Google Chat are deliberately lighter. Meet is reliable, browser-based and quick to join with no client to install. If your meetings are mostly external and you value “click the link and you’re in”, Meet’s simplicity is a genuine plus. Microsoft’s edge shows up in internal collaboration depth, calling features and telephony integration.
Identity, admin and security
This is where Microsoft pulls ahead for businesses that need it. Microsoft Entra ID (the identity platform formerly known as Azure AD) offers some of the most granular access controls available — you can require multi-factor authentication only from unmanaged devices, block sign-ins from outside Australia, or enforce compliant-device checks. We walk through this in our piece on conditional access policies in Microsoft 365. Defender and Purview add threat protection and data-loss prevention that map neatly onto frameworks like the Essential Eight.
Google’s admin console is more approachable. Fewer settings means less to get wrong, which for a small team without dedicated IT is a real benefit. Google’s identity and security are strong — context-aware access and solid MFA — but Microsoft’s controls go deeper for complex, regulated or hybrid environments where on-premises Active Directory is still in the mix.
Compliance and data residency
For Australian businesses bound by the Privacy Act and the OAIC’s Notifiable Data Breaches scheme, data residency and auditability matter. Microsoft offers Australian data centres for core data at rest and gives detailed control over retention, legal hold and audit logging through Purview — useful for sectors under AHPRA, ASIC or similar oversight.
Google Workspace provides regional storage options and strong compliance certifications, though some processing still happens across its global infrastructure. For most SMEs that’s perfectly acceptable. For a healthcare practice or a firm with strict data-handling obligations, Microsoft’s granular controls usually make the compliance conversation easier — see our notes on healthcare IT and OAIC obligations.
Migration effort
Moving platforms is rarely trivial. Email migrates reasonably well in both directions, but the friction lives in the details: shared mailboxes, calendar permissions, distribution lists, and re-training people on a new interface. Document migration is messier — Google formats don’t always survive a clean trip into Office, and complex Excel or SharePoint structures don’t always land neatly in Sheets and Drive.
The practical rule is to migrate once, deliberately, and stay put. Bouncing between platforms because of a price tweak costs far more in lost time than it saves. Whichever way you go, plan the cutover properly and run the two systems in parallel briefly so nothing falls through the cracks.
A Melbourne example
A construction firm in Box Hill we work with came to us split down the middle — the site teams lived in Gmail on their phones, while the office ran Excel-heavy estimating and project schedules that Sheets simply couldn’t handle. They’d been arguing about it for a year. We standardised them on Microsoft 365 because the desktop Office dependency was non-negotiable for their estimators, then used Teams to pull the field and office staff onto one platform. Had their work been browser-only, we’d have recommended Google and meant it.
That’s the point. TechAssist is a Melbourne-based MSP founded in 2014 with 13 Australian-employed engineers, and most of our client base runs Microsoft because that’s where desktop-heavy, compliance-driven Australian businesses tend to land. But the right answer is the one that fits how your people actually work, not the one your MSP is most comfortable supporting.
Frequently asked questions
Is Microsoft 365 more secure than Google Workspace?
Neither is inherently more secure — both are mature, well-defended platforms. The difference is control depth. Microsoft Entra ID and Defender offer more granular configuration, which helps in regulated or complex environments. Google’s simpler model means fewer settings to misconfigure, which suits smaller teams. Security comes from how you configure either platform, not the logo.
Can I run both Microsoft 365 and Google Workspace?
You can, and some businesses do — for example, Microsoft for email and Office, Google for a specific cloud tool. But running both means two sets of licences, two admin consoles and two security surfaces to manage. For most SMEs the overhead outweighs the benefit. Pick one as your primary platform.
Which is cheaper for a small Australian business?
Entry tiers are close — Microsoft 365 Business Basic and Google Business Starter sit within a few dollars of each other per user per month. The bigger cost is fit: paying for desktop Office you never use, or wrestling with Sheets when you need real Excel, costs far more than the licence-price gap.
How hard is it to migrate from Google to Microsoft?
Email migrates fairly cleanly; documents and shared-drive structures are where the work lives. Expect format conversion, permission rebuilding and user re-training. With a planned cutover and a short parallel-run period it’s very manageable — the mistake is doing it ad hoc without a migration plan.
Getting the decision right
If your business is lean, cloud-native and browser-first, Google Workspace is a strong, often better choice — and we’ll tell you so. If you’re desktop-heavy, running a Windows fleet, or carrying real compliance obligations, Microsoft 365 usually wins, and it’s where our Microsoft 365 support is built to add the most value with security and identity configured properly rather than left on defaults.
Not sure which way to jump? Get in touch and we’ll look at how your team actually works before recommending anything. No pressure to switch, and an honest answer either way.
Windows Autopilot is a Microsoft service that lets a brand-new laptop set itself up automatically the first time a staff member turns it on. The device ships from the vendor straight to the user, connects to your Microsoft tenant over the internet, and configures itself — no imaging, no SOE, no IT hands on it.
If onboarding a new hire still means a laptop landing on an engineer’s desk for a day of imaging, this is the fix. Below: what Autopilot does, how a device self-provisions, the moving parts, the deployment modes, the licensing, and where an MSP fits in.
What Windows Autopilot actually is
Autopilot is not an imaging tool — there is no gold image and no USB stick. It takes the standard Windows installation the manufacturer already put on the device and transforms it into your corporate build during the out-of-box experience (the setup screens a user sees on first boot). It runs on two Microsoft cloud services: Microsoft Entra ID (formerly Azure AD) handles identity and joins the device to your directory, and Microsoft Intune — the mobile device management (MDM) platform inside Microsoft 365 — pushes down your policies, apps, baselines and configuration. A machine the user has never touched arrives configured exactly like every other device in the business, enrolled, encrypted and ready to work.
The problem it solves: no more manual imaging or SOE
The traditional approach was the Standard Operating Environment: you built a master image, captured it, and re-applied it to every new or rebuilt machine. The costs add up. Devices have to be shipped to IT first, imaged, then re-shipped to the user — adding days and double the freight. The image goes stale the moment it is captured and needs constant rebuilding. And it does not scale: imaging a laptop for someone starting in a Dandenong warehouse means shipping it to your office or sending an engineer out.
Autopilot removes the imaging step entirely. The configuration lives in the cloud and is applied at first boot, so the same provisioning works whether the user is in your CBD office or at home in Ringwood.
How a device self-provisions on first login
The sequence when an Autopilot-registered device is unboxed:
- The user powers on the laptop and connects to Wi-Fi or ethernet — internet access is the only prerequisite.
- Windows checks in with Autopilot, recognises the device by its hardware identity, and pulls down the assigned profile, which customises the setup screens and applies your branding.
- The user signs in with their Microsoft 365 work account; Entra ID authenticates them and joins the device to your directory.
- Intune enrolment kicks off automatically, pulling down your configuration profiles, security baseline, certificates, Wi-Fi settings and assigned apps.
- The Enrollment Status Page blocks the user from reaching the desktop until the mandatory apps and policies have landed.
When it finishes, the first person to log into that machine is the staff member it was bought for — not an engineer — at a fully managed, encrypted desktop.
The moving parts
Autopilot profiles
A profile is the deployment template you assign to a group of devices in Intune. It controls the out-of-box experience: which setup screens are hidden, whether the user becomes a local administrator or standard user, the deployment mode, the naming convention and your branding. Most businesses run one or two — a user-driven profile for staff laptops, sometimes a separate one for shared devices.
The Enrollment Status Page
The Enrollment Status Page (ESP) shows setup progress and gates access to the desktop until the apps and policies you mark mandatory have installed — so a new starter cannot begin work on a half-configured machine. Block on a slow or flaky app, though, and you leave users staring at a spinner; tuning it well is one of the fiddlier parts of the job.
Hardware hash and device registration
Autopilot identifies each device by a hardware hash — a unique fingerprint of its components — which must be registered against your tenant before first boot. With OEM / CSP registration, the hardware vendor or Cloud Solution Provider partner registers the hash to your tenant at purchase, so the device is Autopilot-ready before it leaves the warehouse — the clean path for volume orders. For devices you already own, manual hash collection exports the hash into Intune with a PowerShell script, but that means handling the device once. Build OEM or CSP registration into your procurement so hardware arrives pre-registered; that is what makes true drop-ship onboarding possible.
Deployment modes: user-driven vs self-deploying and kiosk
Autopilot supports several modes, depending on how the device will be used:
| Mode | How it works | Best for |
|---|
| User-driven | User signs in with their work account; the device joins Entra ID and binds to them | Standard staff laptops |
| Self-deploying | No credentials entered; the device provisions itself end to end, using the TPM to prove its identity | Shared devices, digital signage, meeting-room PCs |
| Kiosk | A self-deploying device locked to a single app, with no general desktop | Front-of-house terminals |
User-driven is what most growing teams use. Self-deploying and kiosk modes suit devices no single staff member owns — a reception terminal in a Hawthorn clinic, a warehouse scanning station — and need a TPM 2.0 chip, which any recent business device has.
Prerequisites: what you need before you start
Autopilot is not a standalone product — it is a capability on top of Microsoft 365. You need:
- Microsoft Entra ID for identity and device join — the standard directory in a Microsoft 365 business or enterprise subscription covers this, though some advanced enrolment options want Entra ID P1.
- Microsoft Intune licensing for the MDM management — included in Microsoft 365 Business Premium and the E3/E5 plans. On a cheaper plan you will need to add Intune first.
- Devices that ship with Windows 11 Pro or Enterprise — the Home edition cannot be managed this way.
- A configured tenant — your Intune profiles, security baselines, app deployments and ESP set up before the first device ships.
That last point is the one businesses underestimate: Autopilot delivers whatever you have built in Intune, so the value is in the policies and app packaging, not the provisioning trick itself. If you are reviewing your licensing, our Microsoft 365 support team can tell you whether your plan already covers what Autopilot needs.
Why this matters: fast onboarding and consistent security baselines
Two things drive most businesses to Autopilot. The first is onboarding speed: a drop-shipped self-provisioning laptop takes the engineer, the queue and the freight out of every hire. The second, and arguably more important, is consistent security baselines. Because every device is built from the same Intune configuration, every machine gets BitLocker encryption, the same firewall and account-protection policies, Defender, conditional access and patching automatically — no engineer remembering to tick a box. An enforced baseline across the fleet is exactly what the Essential Eight mitigation strategies expect, and the same Intune layer lets you wipe a lost device remotely the moment a laptop goes missing on a train at Box Hill — it pairs naturally with conditional access policies in Microsoft 365.
A Melbourne scenario
An engineering consultancy in Camberwell we work with was hiring two or three people a month and rebuilding laptops by hand each time — a machine couriered to their office, half a day of imaging, and a checklist someone occasionally skipped, so no two laptops were quite the same and a couple shipped without disk encryption on.
We stood up their Intune configuration, built a user-driven Autopilot profile with a tuned Enrollment Status Page, and arranged for new hardware to be registered at purchase. Now a laptop is drop-shipped to the new hire; they open the box, sign in, and an hour later are working on a fully configured, encrypted device identical to everyone else’s. Their office manager handles onboarding without touching a technical step, and the fleet has a uniform baseline at last.
The MSP role in setting it up
The provisioning is the easy part to demonstrate and the hard part to build well. The work an MSP does sits underneath what the user sees:
- Designing and hardening the Intune configuration — the compliance policies, configuration profiles, security baselines and app deployments every machine inherits — and packaging line-of-business apps to install silently during enrolment.
- Setting up the procurement pipeline so devices arrive Autopilot-ready, tuning the ESP, and integrating Autopilot with conditional access, encryption and your broader MDM strategy so device management is one coherent system.
TechAssist is a Melbourne MSP, founded in 2014, with thirteen Australian-employed engineers — so the people building your Intune environment are local, not offshore. We bundle this into our managed IT services, so device provisioning, patching and security baselines sit inside the fixed monthly per-user fee, not a per-device charge each time you hire.
Frequently asked questions
Do I need to wipe a new laptop before using Autopilot?
No. Autopilot works with the standard Windows installation the manufacturer ships and transforms it into your corporate configuration during first boot — there is no wiping or imaging step. Devices you already own can be reset and will provision on the next boot once registered.
What happens if there is no internet during setup?
Autopilot needs internet to reach Entra ID and Intune, so the device must connect to Wi-Fi or ethernet during the out-of-box experience. Until it does, the laptop sits at the network screen — which is why drop-ship onboarding assumes the user has working internet.
Is Autopilot the same as Intune?
No, but they work together. Intune is the management platform that holds your policies, apps and baselines; Autopilot hands a new device over to Intune at first boot. You need Intune licensing for Autopilot to do anything.
Where TechAssist fits
Autopilot looks like magic in a demo and falls over in practice if the Intune configuration behind it is thin — the provisioning is the visible part, but the policies, baselines and procurement pipeline are what make the fleet secure and consistent. If manual device setup is slowing your onboarding, get in touch and we will scope what your tenant needs.