Managed IT vs In-House IT: How Australian SMBs Should Compare the True Cost
Every few months, a business owner or CFO sits down to work out whether they should hire their first IT person or sign up with a managed IT provider. They Google the question, find a comparison article, and quickly realise that the article was written by an MSP with an obvious interest in the outcome. Or they find a forum post from a sysadmin who thinks every business should hire in-house, always.
Neither gives them the honest answer, which is this: it depends. It depends on your headcount, the complexity of your IT environment, what you actually need IT to do, and how carefully you account for every cost on both sides of the ledger.
This article is written from the perspective of an MSP — Pickle — so we are not going to pretend otherwise. But Pickle's reputation is built on honest advice, not on winning every deal. If in-house IT is the better answer for your business, this article should help you see that clearly. If managed IT is the better fit, it should help you see that clearly too.
Why This Comparison Is Harder Than It Looks
The standard managed IT vs in-house IT comparison goes roughly like this: the MSP article shows a scary total cost of employment for an IT hire, adds up the tooling costs, and concludes that managed IT is dramatically cheaper. The in-house IT advocate article shows a per-user managed IT rate, multiplies it by headcount, and concludes that hiring internally is obviously the smarter move at any meaningful scale.
Both miss critical variables.
The MSP article tends to use senior IT salary figures to make the comparison look worse for in-house, then compare against entry-level managed IT pricing that may not include the full scope of what an in-house person would do. The in-house advocate tends to ignore on-costs, tooling, leave cover, after-hours risk, and the compounding cost of knowledge concentration.
A fair comparison needs to account for the full cost of employment (not just base salary), the full scope of what managed IT actually includes, the capability differences between a single generalist and a team of specialists, and the indirect costs that rarely appear on any comparison spreadsheet — the afternoon your sole IT person is sick and a server goes down, or the three months after they resign before you find a replacement.
That is the framework this article uses. Let us work through it.
The True Cost of In-House IT
Employment Costs
The most common mistake in calculating the cost of an in-house IT hire is stopping at base salary. Salary is the starting point, not the total.
Base salary for IT roles in Australia varies significantly by level and city. As a general guide for the 2024–25 financial year:
- Junior IT support or helpdesk: $55,000–$75,000
- Mid-level IT administrator: $80,000–$110,000
- Senior IT engineer: $110,000–$150,000+
Sydney and Melbourne salaries sit at the higher end of these ranges. Brisbane, Perth, and Adelaide are typically 10–15% lower, though the gap has narrowed in recent years as remote work has made location less determinative.
On-costs are the employment costs that sit on top of base salary and are frequently underestimated by businesses that have not done detailed workforce modelling:
- Superannuation: 11.5% in 2024–25, rising to 12% from 1 July 2025. On a $80,000 salary, that is $9,200 per year.
- Payroll tax: State-dependent, but most businesses that have moved past the relevant state threshold (which varies from around $700,000 in Queensland to $1.2 million in New South Wales) will pay payroll tax at rates typically between 4.75% and 6.85% of wages. If your business is at the threshold, this cost applies.
- Workers compensation insurance: Typically 0.5–2% of wages depending on the industry classification.
- Annual leave: Four weeks per year under the National Employment Standards. During those four weeks, you are paying for a person who is not working — and if something breaks, you are paying someone else to fix it.
- Sick leave: 10 days per year under the NES. Unplanned, and the same coverage problem applies.
- Long service leave provisions: Accrues at a rate of around 1.3% of wages per year and represents a future liability whether or not the employee reaches the qualifying period.
Add all of that together and the true employment cost of a mid-level IT hire on an $85,000 base salary is closer to $105,000–$115,000 per year before you have bought a single piece of software.
Recruitment costs are also material and often written off as a one-time cost rather than a recurring one. The reality is that IT roles see higher-than-average turnover, particularly at the junior and mid-level. Recruitment costs include job board advertising ($500–$2,000 per campaign), recruiter fees if you use an agency (typically 15–20% of first-year salary, so $12,500–$17,000 on a $85,000 role), and the internal time cost of shortlisting, interviewing, and decision-making. A conservative figure for a managed recruitment process is $5,000–$20,000 per hire.
Onboarding time is the hidden productivity cost. A new IT hire in an unfamiliar environment takes one to three months to become genuinely effective — learning the existing infrastructure, understanding the documented (and undocumented) environment, building relationships with staff. During this period, you are paying full salary for partial productivity, and any gaps left by the previous person are unresolved.
Training and Certification
IT is not a static discipline. The tools, platforms, threats, and best practices shift constantly, and an IT hire who was current at the time of employment will become progressively less current without ongoing investment in training.
Professional certifications are the currency of demonstrated competence in IT. Common ones relevant to SMB environments include:
- Microsoft certifications (MD-102, AZ-104, MS-900): $200–$500 per exam, with multiple exams required for most certification paths
- CompTIA certifications (A+, Network+, Security+): $350–$500 per exam
- Security-focused certifications (CISSP, CISM): $700–$950 per exam, plus significant study time
A reasonable annual training budget for an IT administrator is $2,000–$5,000, plus the time they spend on training — which is time they are not resolving your helpdesk tickets.
This is not an optional cost. An IT hire who is not keeping pace with security developments is a liability, not just an underperformer.
Coverage Gaps
Coverage gaps are where the true cost of a single in-house IT hire becomes most visible — and where the indirect costs accumulate.
Leave cover is the most immediate gap. When your IT person takes their four weeks of annual leave, who covers? In a well-resourced business, there is a plan — a retainer with an IT provider, a defined escalation path. In most SMBs, the honest answer is: nobody, or a break-fix provider on emergency hourly rates (typically $180–$300 per hour). An IT incident during the two weeks your only IT person is in Bali is not a theoretical risk.
After-hours support is a related gap. An employee working standard hours is not contractually available for an incident at 10pm on a Friday. If you need after-hours availability, you need to build it into the employment contract — and compensate accordingly with on-call allowances or overtime. Most SMBs do not do this, which means after-hours incidents wait until Monday.
Knowledge concentration is the longest-term risk. When your IT environment is understood primarily by one person — who configured the server, where the passwords are documented, how the backup system works, what exceptions have been made — their resignation is an IT crisis, not just an HR inconvenience. The transition period between an IT person leaving and their replacement becoming effective can be three to six months of elevated risk, reduced productivity, and emergency spend.
Tools and Infrastructure
An in-house IT hire needs tools to do their job. These are costs that MSPs bundle into their pricing but that sit separately on your books when you employ internally.
Remote monitoring and management (RMM) software — the platform used to manage, patch, and monitor endpoints — typically costs $3,000–$10,000 per year for an SMB deployment, depending on the platform and feature set.
Security tooling adds significantly to this. Endpoint detection and response (EDR) software, a vulnerability scanner, email security (anti-phishing, anti-spam filtering), backup software with cloud storage, and a basic SIEM or log aggregation tool can collectively cost $8,000–$20,000 per year for a 20–30 person business, depending on vendor selection and licensing model.
Backup infrastructure is sometimes overlooked until something goes wrong. A properly configured backup system — with offsite or cloud replication, tested restore procedures, and appropriate retention policies — is not free to implement or maintain.
When you account for tooling alongside employment costs, the total cost of an in-house IT function looks quite different from the salary line on the org chart.
The True Cost of Managed IT Services
Pricing Models
The managed IT market in Australia is reasonably standardised in its pricing structure, though there is variation in what each tier includes.
Per-user per-month is the most common model for SMBs. Typical ranges in the Australian market:
- Helpdesk-only (remote support, no monitoring or tooling): $40–$80 per user per month
- Fully managed IT (helpdesk, remote monitoring, patch management, EDR, backup, email security, reporting): $80–$180 per user per month
- Premium or security-focused managed IT (all of the above plus advanced security tooling, compliance reporting, incident response): $150–$250+ per user per month
Per-device pricing is sometimes used in environments with many shared devices — retail, hospitality, manufacturing — where the user count is lower than the device count.
Flat monthly fee is occasionally offered for very small businesses (under 5 users) where per-user pricing would make the engagement uneconomical for the provider.
The critical thing when comparing managed IT pricing is to understand what is actually included. A $90/user/month agreement that includes EDR, backup, and after-hours escalation is a different product from a $70/user/month agreement that covers remote helpdesk during business hours only. Always get the scope in writing.
What Is Typically Excluded (and Costs Extra)
Managed IT agreements are defined by their scope, and project work, hardware, and non-standard events typically sit outside that scope.
Project work — office moves, new system implementations, server migrations, cloud transitions, major software deployments — is almost always quoted separately. This is reasonable: project work is not ongoing managed IT, and bundling it into a monthly fee would make pricing unpredictable for the provider. Expect project work to be quoted at a day rate or fixed project price.
Hardware is sourced separately in most managed IT agreements. The MSP may procure hardware on your behalf (and may offer preferred pricing through distributor relationships), but the hardware cost sits outside the monthly agreement.
After-hours emergency work varies by agreement. Some fully managed agreements include after-hours escalation at no additional charge; others charge overtime or after-hours rates for calls outside business hours. This is a critical clause to review, particularly if your business operates outside standard hours or if you have systems that cannot wait until the next business day.
Onsite visits are sometimes capped. An agreement may include a defined number of onsite visits per month, with additional visits charged at an hourly rate. For most SMBs with remote-first IT support, this is not a significant cost — but it is worth understanding before you sign.
Real Cost Example
Let us work through a concrete comparison for a 15-person Australian business.
Option A — In-house junior IT hire:
| Cost item | Annual cost |
|---|---|
| Base salary (junior IT support) | $70,000 |
| Superannuation (11.5%) | $8,050 |
| Payroll tax (estimated, state-dependent) | $4,500 |
| Workers compensation insurance | $1,400 |
| Annual and sick leave provision | $5,600 |
| Recruitment (amortised over 3-year tenure) | $3,000 |
| Training and certification | $2,500 |
| RMM software | $4,000 |
| Security tooling (EDR, backup, email security) | $8,000 |
| Total | $107,050 |
What you get: one person, business hours, no after-hours coverage, no leave cover, single point of failure. The tooling depends on the person's choices and configuration. If they leave, the knowledge leaves with them.
Option B — Managed IT (per-user pricing):
| Cost item | Annual cost |
|---|---|
| 15 users × $120/user/month | $21,600 |
| Total | $21,600 |
What you get: helpdesk (remote and onsite), remote monitoring and management, patch management, EDR, cloud backup, email security, regular reporting, after-hours escalation, and access to a team of engineers across multiple disciplines. Tooling is included, configured, and maintained by the provider.
The cost difference — $107,050 versus $21,600 — is material. But the comparison is not complete without noting that the in-house hire can do things an MSP agreement does not: they can sit with staff, understand the business deeply over time, own vendor relationships, and make strategic IT decisions. These are real advantages at sufficient scale.
The inflection point is somewhere around 50 staff. At that size, a full-time IT manager (not a junior support person — a manager) becomes cost-justified, and the math starts to shift. We will come back to this.
Beyond Cost — Capability and Coverage
Cost is one axis of the comparison. Capability is the other, and it is equally important.
Skills Breadth
Modern SMB IT environments are not simple. A typical 20-person business in 2025 is running Microsoft 365 (including Exchange Online, SharePoint, Teams, and Intune), cloud-hosted line-of-business applications, a managed network with wireless and VPN, endpoint security, backup with cloud replication, and increasingly, some form of compliance requirement around data handling.
No single generalist is expert in all of these domains simultaneously. A junior IT hire may be solid on helpdesk and endpoint management but thin on networking and weak on security. A mid-level administrator may be strong on Microsoft 365 but have limited experience with backup architecture or endpoint detection and response tooling.
An MSP brings a team of specialists. When a networking issue arises, a networking engineer handles it. When a security incident occurs, the response draws on dedicated security expertise — including, where relevant, the capability to execute a structured cyber incident response process rather than improvising under pressure.
After-Hours and Emergency Coverage
A 24/7 monitored managed IT service detects and responds to incidents around the clock. A ransomware attack that begins at 2am on a Sunday is caught by automated monitoring and escalated to an on-call engineer before it has encrypted the majority of your file share. The same attack against a business relying on an in-house IT person — who is not on call, is not monitoring, and will not see the alerts until Monday morning — plays out very differently.
This is not a hypothetical. The majority of significant cyber incidents in Australian SMBs occur outside business hours, often starting in the small hours when automated detection is the only line of defence. If your in-house IT person is not monitoring, and is not on call, and does not have response playbooks, that window is undefended.
Security Specialisation
Cybersecurity is a specialist discipline. The Essential Eight maturity framework — the Australian Signals Directorate's baseline for SMB security — requires patching, application control, multi-factor authentication, and backup procedures that need to be implemented consistently and maintained ongoing. An IT generalist with security responsibilities can implement some of these controls; maintaining them across a growing environment while also handling day-to-day helpdesk is a different proposition.
An MSP with a security capability brings dedicated tooling, documented processes, and the experience of managing security posture across many client environments. That breadth of exposure — seeing what attack vectors are active across a client base — is something a single in-house hire cannot replicate.
Scalability
Managed IT scales cleanly with headcount. You add a user, you add a licence. The pricing model and the service capability scale together.
Scaling in-house IT means hiring — a process that takes three to six months from job posting to effective contribution — or accepting that the existing person becomes progressively more stretched as the business grows. A 25-person business whose IT hire joined when there were 12 people is often running on a person who is covering more ground than they can handle well.
When In-House IT Makes More Sense
Being honest about this serves our readers better than overselling managed IT.
Businesses with 50 or more staff are the clearest case for in-house IT. At that scale, a full-time IT manager is cost-justified — and a senior IT manager earning $120,000–$140,000 all-in brings strategic value that a purely outsourced model cannot replicate. They attend leadership meetings, understand the business strategy, and make IT decisions in that context.
Businesses with highly specialised systems sometimes require dedicated expertise that an MSP cannot match. A manufacturing business running bespoke SCADA systems, a healthcare provider with clinical software deeply integrated into operations, or a business running proprietary legacy applications built on unusual platforms may need someone who lives in that system daily — not an MSP that visits it occasionally.
Organisations with strict regulatory requirements for on-premises data handling exist, though they are rarer than they used to be. Some government-adjacent or defence-adjacent businesses have data sovereignty requirements that affect how IT can be structured. In these cases, the regulatory framework shapes the decision more than the cost comparison.
Businesses where IT is strategic and product-facing — those building internal software, running IT as a product, or treating technical capability as a competitive differentiator — typically need internal technical leadership. An MSP is an operational support model, not a product development partner.
The hybrid model is the practical answer for many businesses in the 30–100 staff range. An in-house IT manager or coordinator handles day-to-day user support, vendor relationships, and strategic input; an MSP provides remote monitoring, security tooling, after-hours escalation, and specialist project capability. This is not a compromise — it is often the optimal arrangement.
The Hybrid Model — Getting the Best of Both
The hybrid model has become increasingly common among Australian SMBs in the 20–50 staff range, and for good reason. It resolves the main weaknesses of both pure approaches.
The in-house coordinator — who might be an IT manager, an IT coordinator, or even a technically capable office manager — handles what benefits most from internal presence: understanding the business, supporting users directly, managing hardware procurement, and maintaining vendor relationships. They are embedded in the business context in a way no external provider can be.
The MSP provides what the internal person cannot cost-effectively provide alone: remote monitoring infrastructure, security tooling (EDR, backup, email security), after-hours escalation and response, access to specialist engineering capability for projects, and a security baseline that is maintained and reported on.
The cost structure reflects this. Instead of 15 users × $120/month for a fully managed service, the hybrid model might be 15 users × $60/month for a co-managed service (monitoring, tooling, escalation, and after-hours, without primary helpdesk), plus the employment cost of a part-time or full-time internal coordinator.
For businesses in this range, the hybrid model often delivers the best outcome across both cost and capability dimensions. It is worth modelling explicitly when you are evaluating your options.
How to Make the Decision for Your Business
No general comparison resolves the question for a specific business. Here is a decision framework you can apply to your own situation.
Step 1 — Count your current and projected headcount. As a starting guide: under 20 staff, managed IT is almost always more cost-effective than a full-time hire. 20–50 staff, assess the hybrid model. 50+ staff, model a full-time IT manager against managed IT or co-managed IT. Project out two to three years — the answer that is right at 18 staff may be wrong at 35.
Step 2 — List what you actually need IT to do. If your IT needs are primarily user support, Microsoft 365 management, device management, and security baseline maintenance, an MSP is likely more cost-effective than a hire. If you need internal software development, deep integration work with proprietary systems, or someone embedded in strategic planning, internal capability becomes more important.
Step 3 — Calculate total cost honestly. Use the framework in this article. Include all employment on-costs, tooling, training, leave cover, and recruitment amortisation. Then get a real quote from one or two managed IT providers and compare scope carefully. An apples-to-apples comparison requires knowing exactly what each option includes. For detailed guidance on what to look for in a provider, see our guide on how to choose a managed IT provider.
Step 4 — Assess your security requirements. If your industry has compliance obligations — healthcare (My Health Records Act, Privacy Act), legal (trust account obligations, Law Society requirements), financial services (AFSL obligations, APRA guidance) — an MSP with a documented security capability and compliance reporting may be a materially better fit than a generalist hire. Review the Essential Eight framework as a starting point for what a security baseline should look like.
Step 5 — Consider transition cost. Switching from in-house to managed IT — or vice versa — is not seamless. There is a knowledge transfer process, a tooling transition, and a period of adjustment. Factor this into the decision, particularly if you are considering switching from an existing model rather than starting fresh.
For a broader view of what managed IT services include and how to evaluate them, see our guide to managed IT services for small business in Australia.
How Pickle Approaches Managed IT for Australian SMBs
Pickle provides fully managed IT services for Australian SMBs, strata buildings, and commercial properties — priced per user with clearly defined scope, SLAs, and a security baseline that covers the core of what the Essential Eight recommends.
The pricing model is designed to make the cost comparison straightforward: you know what you are paying, you know what is included, and you are not hit with unexpected charges for standard managed IT activities. Project work and hardware are quoted separately, and we will tell you that upfront.
We work with businesses across Sydney, regional New South Wales, and nationally. If you are evaluating your IT options and want an honest conversation about whether managed IT is the right fit for your business — including cases where we think it is not — we are happy to have it.
Call 1300 688 588 or email [email protected] to talk through your situation.
Frequently Asked Questions
Q: At what staff headcount does in-house IT become more cost-effective than managed IT?
A: The crossover point depends on salary levels, tooling costs, and the scope of what you need IT to do, but as a general guide, 50 staff is roughly where a full-time IT manager becomes cost-justifiable on a pure cost basis. Below that threshold, the total cost of employment — including on-costs, tooling, training, and leave cover — typically exceeds the cost of a fully managed IT service. Between 30 and 50 staff, the hybrid model (an internal coordinator supported by an MSP) often delivers better value than either pure option.
Q: Can I use both — an in-house IT person and a managed IT provider?
A: Yes, and many Australian SMBs in the 20–100 staff range do exactly this. The model is called co-managed IT. The internal person handles day-to-day user support and vendor relationships; the MSP provides remote monitoring, security tooling, after-hours escalation, and specialist project capability. MSP pricing for co-managed arrangements is typically lower than fully managed pricing because the helpdesk workload is shared. It requires clear role delineation to avoid gaps and duplication.
Q: What happens to managed IT costs as my business grows?
A: Per-user managed IT pricing scales linearly — add a user, add a licence fee. This is predictable, which has real value for budgeting. At sufficient scale, the per-user cost of managed IT may exceed what an in-house team would cost to operate, particularly if the in-house team can be structured efficiently. Most MSPs will model this with you transparently if you ask. Some businesses at 60–80 staff find that transitioning to a co-managed model (internal team plus MSP tooling and security) is more cost-effective than continuing on a fully managed basis.
Q: Is managed IT a long-term commitment or can I switch back to in-house?
A: Managed IT agreements typically run for 12–24 months, after which they roll over or are renegotiated. Switching back to in-house IT at the end of a contract is entirely possible — you would need to recruit, procure tooling, and manage a knowledge transfer process, but none of that is structurally prevented. The more relevant question is whether the managed IT provider documents your environment thoroughly throughout the engagement. A good MSP maintains documentation that makes transitions manageable; a poor one creates dependency through opacity. Ask about documentation practices before you sign.
Q: Does a managed IT provider replace the need for a CTO or IT manager?
A: No, and it is important to understand the distinction. A managed IT provider handles operational IT — keeping systems running, users supported, security maintained, and infrastructure patched. A CTO or IT manager is a strategic function: setting technology direction, evaluating new platforms, aligning IT investment with business goals, and representing technology in leadership decisions. These are different roles. For most SMBs under 30 staff, the CTO function is carried by the business owner or CFO with advice from the MSP. At 50+ staff, an internal IT manager becomes valuable for exactly this strategic coordination — often working alongside an MSP rather than replacing one.