IT support for small businesses in Hurstville & St George — what it costs, what you need, what to skip

• Managed monthly IT suits 5–30 person teams with shared systems and staff churn; break-fix suits businesses that can tolerate a day of downtime.
• Sydney managed IT pricing is mostly per-seat; ours is a flat $390/mo for up to 10 seats, no lock-in.
• Most day-to-day tickets are fixed remotely — being based in Hurstville just means the genuinely physical jobs get done fast.
• The ACSC's Essential Eight is the security baseline most small businesses skip — MFA, tested backups and updates cover the worst of it.
• Solo trader on one laptop? You don't need managed IT — pay for a few hours of setup once and keep your money.

Somewhere between five and thirty staff, IT stops being something you sort out yourself and starts being something that quietly eats your week. The shared drive locks out the bookkeeper. A new hire starts Monday and nobody set up her laptop. The EFTPOS terminal drops off the Wi-Fi at the busy end of every afternoon. None of it is difficult, exactly. It's just constant, and it always lands on whoever can least spare the hour.

This guide is for businesses in that bracket around Hurstville and the St George area — the allied-health practices in the corridor around St George Hospital, the retail and food businesses along Forest Road, the conveyancers, accountants and migration agents in the offices above them, and the family trades working out of Mortdale, Peakhurst and Riverwood. If you've been searching for small business IT support in Sydney and finding either enterprise sales pages or a bloke who might call back Thursday, this is the middle ground, explained properly.

One disclosure before we start: we sell IT support, from Hurstville (2220). So yes, we have skin in this game. The deal we'll make with you is the same one we make on our IT support service page — transparent pricing, plain English, and an honest section near the end about when you shouldn't pay us, or anyone, a monthly fee at all.

What small-business IT support actually includes

Strip the acronyms off and IT support for a small business is six jobs:

• Helpdesk — someone to email, call or message when a thing breaks. Password resets, email problems, "my screen is doing something weird". Most of it gets solved remotely, the same day. This is the bulk of the work and the bulk of the value.
• Microsoft 365 or Google Workspace admin — user accounts, shared drives, permissions, multi-factor authentication, mailbox rules, and switching everything off properly when someone leaves. Botched offboarding is one of the most common messes we walk into.
• Devices — laptops and desktops set up before a new hire's first day, kept updated, encrypted, and recoverable if one gets left on the T4 to Central. New starters should turn the machine on and have it just work.
• Network and printers — office Wi-Fi that reaches the back room, the router nobody has logged into since 2021, and the printer that hates everyone. Someone has to own these so you don't have to.
• Backups — not "we think OneDrive does it" but actual, scheduled backups with actual, tested restores. Most businesses we take over have backups in theory; far fewer have ever practised restoring one.
• Security basics — MFA everywhere, a password manager, software updates that actually happen, and a regular check that nothing obvious is wrong. More on this below, because it's the part most small businesses skip.

Around those six sits the unglamorous stuff that quietly makes the difference. Documentation, mostly. Where's the Wi-Fi password when the new hire arrives? Who has admin rights? A decent provider writes all of this into a runbook so the answer is never "ask Dave, if he still works here". A good one also runs a licence audit every quarter and kills the seats nobody uses — it's common for a 15-person business to be paying for 30 tools while actively using 8 of them.

If a provider's proposal doesn't cover all six jobs plus the documentation, you're not buying IT support. You're buying a phone number.

Break-fix or managed IT — which one a 5–30 person business needs

There are two ways to buy IT support, and most of the confusion in this market comes from providers pretending only one of them exists.

Break-fix means you pay when something breaks. An hourly rate, a call-out fee, an invoice per incident. No monthly commitment, no relationship beyond the job.

Managed means a flat monthly fee that covers the helpdesk, the admin, the monitoring and the preventative work — whether you log two tickets that month or twenty.

Break-fix is genuinely the right answer more often than managed providers like to admit. It makes sense when:

• You have one to four staff and no shared systems beyond email.
• A day of downtime is annoying but not expensive — you could keep trading from a phone if you had to.
• Your setup is simple and your staff turnover is close to zero.

Managed makes sense when:

• You're five or more people with shared drives, shared calendars and permissions that actually matter.
• Downtime costs real money — a medical practice that can't reach its booking system isn't seeing patients.
• People join and leave often enough that account setup and revocation is routine work, not a rare event.
• You hold data you'd hate to lose or leak — patient records, client files, payroll.

The structural problem with break-fix is the incentive. A provider paid per incident earns more when your systems fail, and earns nothing when they quietly keep working. Nobody on a break-fix arrangement is checking that your backups restore or that the receptionist who left in March was actually offboarded. That's not villainy — it's just what the billing model pays for. Managed flips the incentive: a flat fee means the provider does better when you never need to call.

Here's the comparison without the spin:

If you're a 5–30 person business in the St George area with shared systems, managed is usually the right call. If you're smaller or simpler than that, skip ahead to the section on when not to pay for this at all.

What IT support costs in Sydney

Now for what managed IT services cost — the question every provider makes you book a discovery call to answer.

Managed IT in Sydney is mostly priced per seat: per staff member, per month. Browse the pricing pages of the Sydney MSPs that actually publish numbers and per-seat plans commonly land somewhere between $100 and $250 per user per month, depending on what's bundled — security tooling, on-site allowances, after-hours cover. For a 10-person business that's a four-figure monthly bill before anyone has fixed anything.

Break-fix is the other model: ad-hoc support around Sydney commonly advertises at somewhere in the $120 to $180 an hour range, often with a call-out minimum. Fine for the occasional dead hard drive; expensive as a de facto helpdesk, with nobody doing preventative work between invoices.

Our pricing, for contrast and full disclosure: a flat $390/mo for up to 10 seats, then per-seat beyond that. It covers the helpdesk, Microsoft 365 or Google Workspace admin, device onboarding and offboarding, the security baseline and quarterly licence audits — the full list is on our IT support page. Hardware is procured at cost with receipts attached. Bigger one-off projects — an office move, a full platform migration — are quoted separately so the retainer stays honest. No lock-in; it's month to month, and you can leave whenever you like. All of it sits on our public pricing page, because making you book a call to learn a number is one habit of this industry we refuse to copy.

Why is our fee under the per-seat band? Mostly because of what we deliberately leave out: no 24/7 security operations centre, no after-hours guarantee (we're business hours, weekdays — genuine emergencies get answered as fast as we can manage, but the plan is nine to six), no enterprise compliance reporting. A 60-seat firm with regulatory obligations should buy the bigger product from a bigger MSP. A 12-person practice in Penshurst almost certainly should not.

On-site or remote — the "IT support near me" question

Something the industry doesn't love admitting: most IT problems don't care where the technician sits. Password resets, mailbox rules, permissions, software installs, mysterious pop-ups — all of it is handled remotely — answered within the hour, most of it sorted the same day. If a provider's pitch leans heavily on "local technicians standing by", check whether you're paying a premium for proximity you'll rarely use.

But rarely isn't never. Someone genuinely has to show up for:

• Physical network problems — cabling, dead switches, Wi-Fi blackspots in oddly shaped shops. Forest Road has a few of those.
• Hardware failures — a dead laptop swap-over, a workstation that won't even power on.
• Fit-outs and moves — new premises, new desks, everything needs plugging in and testing once.
• The first onboarding — we'd rather walk your office once and see the actual setup than guess at it from a spreadsheet.

This is where being based in Hurstville is worth something real rather than something marketed. We work from the Hurstville end of the St George area — Beverly Hills, Penshurst, Mortdale, Peakhurst, Riverwood, Lugarno and Oatley are minutes away, and the Kogarah medical and business district is one stop up the line. On-site visits across Sydney metro run next business day for most issues, and the St George corridor is the shortest trip on our list. If you've been typing "IT support Hurstville" or "IT support Kogarah" into Google and getting firms headquartered an hour away, that's the difference proximity actually makes — not faster password resets, but faster hands on the days when hands are what's needed.

The security basics most St George small businesses skip

The Australian Cyber Security Centre publishes a baseline called the Essential Eight — eight controls it recommends every organisation put in place, covering things like multi-factor authentication, regular patching, restricting admin privileges and daily backups. It's written for organisations of every size, and per the ACSC's own guidance, getting the basics right blocks the bulk of commodity attacks — the automated, untargeted stuff that hits small businesses precisely because nobody is watching.

Here's what we typically find when we take over IT for a small business, in rough order of frequency:

1. Ex-staff accounts still active. The receptionist who left months ago can still read the practice inbox. This is the most common finding and the cheapest to fix — offboarding should revoke everything within the hour of notice, not whenever someone remembers.
2. MFA missing or optional. One phished password should not equal full mailbox access. Turning multi-factor authentication on everywhere costs an afternoon of mild grumbling and removes the most common way small businesses get done over.
3. Backups that have never been restored. A backup you've never tested is a hope, not a backup. We schedule test restores, because the worst possible moment to learn your backup is broken is the day you need it.
4. Everyone is an admin. When every login can install anything, every phishing click is a potential disaster. Most staff need standard accounts. Almost nobody needs admin rights for daily work.
5. Updates on "remind me tomorrow" since 2024. Unpatched software is the open window attackers check first. Updates need to be automatic and verified, not voluntary.

For the allied-health practices around St George Hospital this is more than housekeeping. Once you hold health information, the Australian Privacy Principles govern how you store and secure it, and "the old IT guy left and nobody changed the passwords" is not a defensible position. None of this requires an enterprise security budget. It requires the boring basics, done properly, checked on a schedule. That's the whole trick.

Red flags when you're comparing IT providers

Things we'd walk away from, in a market we work in:

• Lock-in contracts. Twelve, twenty-four, thirty-six months. A provider confident in its service doesn't need to imprison you in it. Month-to-month keeps everyone honest.
• Surprise per-ticket billing inside a "managed" plan. The flat fee that turns out to exclude the things you actually call about. Read what counts as out-of-scope before signing — if that list is long, the flat fee is fiction.
• Alignment workshops and vCIO theatre. If a 10-person business is being sold quarterly strategic technology roadmap sessions, someone is billing for slideware. You need systems that work and a sensible plan for the year, and the plan fits on a page.
• Hardware margins. Providers that resell laptops with an undisclosed markup have a financial incentive to recommend replacing things. Hardware should be quoted at cost, receipts attached.
• Holding your credentials hostage. You — not the provider — should own the admin accounts, the domain name and the documentation. If leaving your current provider means losing access to your own systems, that isn't support, it's hostage-taking. A decent provider hands over a complete runbook on exit without being chased.
• Fear-selling. Security matters. But a pitch built entirely on terrifying you into the premium tier is a sales tactic, not a risk assessment.

And one for balance: be suspicious of cheap, too. If a quote comes in dramatically under everyone else's, the support behind it is usually a shared inbox and a prayer. The most useful question to ask any provider — including us — is "walk me through exactly what happens when I log a ticket". The quality of that answer tells you most of what you need to know.

When you don't need managed IT

This is the section the rest of the industry leaves out.

• Solo trader, one laptop, one phone. You do not need a monthly IT retainer. Pay someone for a few hours, once — password manager, MFA, automatic backups, updates switched to automatic — then call break-fix when something actually dies. Paying $390 a month to babysit one MacBook is a waste of your money, and if you ring us in that situation we'll tell you exactly that.
• Two or three people, everything in the browser. If the whole business runs in Xero, Gmail and a booking tool — no server, no shared drive, no staff churn — a yearly check-up plus break-fix is a perfectly defensible setup. The maths changes the day you hire staff member number five, or the day you start holding client files you can't afford to lose.
• You already have a genuinely technical person who enjoys it. Rare, but real. If a co-owner happily manages accounts and backups and actually tests the restores, don't pay to duplicate them. Just make sure it's all written down for the week they're on leave.

The flip side — the moment you've outgrown DIY — is usually one of three events: you hit five-plus staff and onboarding becomes routine work, you start holding sensitive client or patient data, or you lose a morning of trading to something preventable and realise the downtime cost more than a year of support would have.

Where automation picks up after the IT is sorted

Once the foundations behave — accounts, devices, backups, security — the next bottleneck in most St George businesses isn't broken technology. It's repetitive admin done by humans. The clinic front desk re-typing referral details into the practice system. The conveyancer copying figures out of PDFs into a matter file. The trades office triaging fifty overnight emails into quote, invoice and junk.

That's a different discipline from IT support — it's AI automation, and we build those systems too, with humans kept in the loop and model costs passed through at cost. Custom builds start at $1,490 plus a monthly fee, and we'll tell you when a plain script beats an AI for the job. It's only worth exploring once your basics are stable — which is why it sits at the end of this guide.

And if you're a 5–30 person business in Hurstville, Kogarah or anywhere along the St George corridor that just wants the IT handled by people who are actually nearby — get in touch. Tell us what's breaking. We'll tell you honestly whether you need us, and if the right answer is a few hours of setup and no retainer, that's the answer you'll get. We're around the corner, and the first conversation costs nothing.