If you're a Perth business owner thinking about moving to Microsoft 365 — or you're already on it but suspect it wasn't set up properly — this guide is for you.
We've helped dozens of Perth businesses set up Microsoft 365 from scratch and fix environments that were configured by someone who ticked the default boxes and called it done. The difference between a properly configured M365 tenant and a default one is the difference between a secure, productive workplace and a ticking time bomb.
Here's everything you need to know — in plain English.
Why Microsoft 365 is the default choice for Perth businesses
Microsoft 365 isn't just email. It's your entire digital workplace: email, file storage, team communication, video meetings, device management, and security — in one platform, under one licence.
For Perth SMBs, it's become the default choice for a few reasons:
- One platform replaces five or six tools — Instead of paying for Gmail, Dropbox, Zoom, Slack, and a separate antivirus, M365 covers email (Outlook), files (OneDrive/SharePoint), meetings (Teams), chat (Teams), and security (Defender) in a single subscription.
- It scales from 3 users to 300 — The same platform works whether you're a sole trader with a VA or a 200-person professional services firm.
- Australian data residency — Microsoft stores your data in Australian data centres, which matters for compliance and increasingly for government and enterprise clients who require it from suppliers.
- It's what your clients and partners already use — In Perth's professional services, mining services, and government supply chain sectors, Microsoft is the standard. Being on the same platform makes collaboration seamless.
The most common Microsoft 365 setup mistakes we see in Perth
After auditing hundreds of M365 environments across Perth, these are the mistakes we see again and again:
1. MFA not enabled
Multi-factor authentication is the single most effective security measure you can implement, and it's included in every Microsoft 365 plan. Yet roughly 60% of the Perth SMB environments we audit don't have it turned on.
Without MFA, a stolen password — from a phishing email, a data breach, or a weak password — gives an attacker complete access to your email, files, and Teams. With MFA, that stolen password is useless without the second factor.
The fix: Enable Security Defaults or Conditional Access policies. Takes 15 minutes. Should have been done on day one.
2. Global admin accounts used for daily work
Your admin account should not be the same account you use to read email and join Teams meetings. If that account gets compromised, the attacker has full control of your entire M365 environment — they can delete users, export data, and lock you out.
The fix: Create a separate, dedicated admin account with a strong unique password and MFA. Use your regular account for daily work.
3. No offboarding process
When someone leaves your business, what happens to their Microsoft 365 account? In most Perth SMBs we audit, the answer is "nothing" — the account stays active for weeks or months, with full access to company email and files.
The fix: Build a simple offboarding checklist: disable sign-in, convert mailbox to shared, transfer OneDrive files, remove from groups. Takes five minutes per leaver.
4. Default sharing settings left wide open
Out of the box, Microsoft 365 allows users to share files and folders externally with anyone. That's convenient, but it means any staff member can accidentally (or intentionally) share sensitive documents with the world.
The fix: Tighten external sharing settings in SharePoint and OneDrive. Restrict anonymous links. Enable sensitivity labels for confidential documents.
5. No backup
This one surprises people: Microsoft 365 does not back up your data. Microsoft guarantees the availability of the platform, but if a user deletes files, if ransomware encrypts your SharePoint, or if an admin accidentally purges a mailbox, Microsoft's retention policies may not save you.
The fix: Implement a third-party backup solution for Exchange, OneDrive, SharePoint, and Teams. Several excellent options exist for under $5 per user per month.
What a proper Microsoft 365 setup looks like
Here's what we include when we set up Microsoft 365 for a Perth business:
Phase 1: Planning (Week 1)
- Licence selection — Choosing the right plan. Most small businesses need Business Basic or Business Standard. Businesses with compliance requirements or device management needs should look at Business Premium.
- Domain verification — Connecting your business domain (yourcompany.com.au) to Microsoft 365.
- User provisioning — Creating accounts with proper naming conventions and group memberships.
- Security baseline — MFA enabled, Security Defaults or Conditional Access configured, admin accounts separated.
Phase 2: Migration (Week 2–3)
- Email migration — Moving mailboxes from your current provider (Google Workspace, GoDaddy, Telstra, or another host) with all email history, contacts, and calendars preserved.
- File migration — Moving files from Dropbox, Google Drive, network drives, or USB sticks into OneDrive and SharePoint with a sensible folder structure.
- DNS cutover — Pointing your domain's MX records to Microsoft 365. We typically do this over a weekend to minimise disruption.
- Device setup — Configuring Outlook, Teams, and OneDrive on every device — desktops, laptops, and mobile phones.
Phase 3: Security hardening (Week 3–4)
- Conditional Access — Policies that control who can access what, from where, and on which devices.
- Data Loss Prevention — Rules that prevent sensitive information (ABNs, credit card numbers, health records) from being emailed externally.
- Defender for Business — Antivirus, anti-phishing, and safe links/attachments configured for your organisation.
- External sharing controls — Tightened to prevent accidental data leaks.
- Audit logging — Enabled so you have a record of who did what, when.
Phase 4: Training and handover (Week 4)
- Team training — A hands-on session covering Outlook, Teams, OneDrive, and SharePoint. We focus on the features your team will actually use, not a generic feature tour.
- Admin training — Showing your nominated admin how to add/remove users, reset passwords, and manage basic settings.
- Documentation — A runbook covering your specific configuration, so whoever supports you next knows exactly how things are set up.
How much does Microsoft 365 setup cost in Perth?
Costs vary depending on the number of users, the complexity of your current setup, and what you're migrating from. Here's a rough guide:
| Scenario | Typical cost |
|---|---|
| New setup, 5–10 users, no migration | $1,500–$3,000 |
| Migration from Google Workspace, 10–20 users | $3,000–$5,000 |
| Migration with security hardening, 20–50 users | $5,000–$10,000 |
| Complex migration with Intune + Conditional Access | $10,000–$20,000 |
These are project costs, not ongoing. Monthly Microsoft 365 licences are separate — Business Basic starts at around $9 per user/month, Business Standard around $19, and Business Premium around $33.
We always provide a fixed-price quote before starting, so you know exactly what you're paying. No hourly surprises.
The Essential Eight and why it matters for M365 setup
If your Perth business works with government clients, enterprise companies, or in regulated industries (mining services, healthcare, professional services), you're increasingly being asked about the Essential Eight — the Australian Signals Directorate's cybersecurity framework.
Four of the eight controls are directly related to how your Microsoft 365 environment is set up:
- Application control — Managed through Intune and Defender
- Patching applications — Managed through Intune update policies
- Multi-factor authentication — Built into M365 Conditional Access
- Restricting admin privileges — Managed through Azure AD role assignments
A properly configured Microsoft 365 Business Premium tenant can achieve Maturity Level 1 across most Essential Eight controls without any additional tools.
Read our Essential Eight guide for Perth business owners →
Should you DIY or get help?
If you're technically confident and have fewer than five users with no existing email to migrate, you can probably set up Microsoft 365 yourself using Microsoft's wizards. Just make sure you:
- Enable MFA for every account
- Create a separate admin account
- Configure external sharing restrictions
- Set up a third-party backup
For anything more complex — migrations, security hardening, Intune device management, or Essential Eight compliance — it's worth getting a specialist involved. The cost of doing it properly upfront is a fraction of the cost of fixing a security incident or a botched migration later.
How we can help
We're a Perth-based Microsoft 365 consultancy that specialises in getting M365 set up properly for small and medium businesses. Whether you're starting from scratch or inheriting a mess from your previous IT provider, we can help.
What we offer:
- Free M365 Security Assessment — We'll review your current M365 environment and tell you exactly what needs fixing. No cost, no obligation.
- Full Microsoft 365 setup and migration — Email, files, devices, security, and training. Fixed-price, no surprises.
- Ongoing managed M365 support — Monthly plans covering security monitoring, user management, and priority support.
Book your free Microsoft 365 security assessment →
Or take our free IT Health Check quiz to see where your business technology stands right now — it takes two minutes and gives you a score out of 100.
A Dark Cloud Creative is a Perth technology consultancy helping small businesses and growing teams get their Microsoft 365 setup done properly. We cover migration, security hardening, Intune device management, Teams Phone, and ongoing managed support.