Things people usually ask us

Before getting in touch, most people have a few of the same questions. Here are honest answers to the ones that come up most often.

About the work

No — and that's a deliberate choice. Your IT provider keeps the infrastructure running: laptops, servers, connectivity, accounts. That's their job and they do it well.

Our work sits at a different layer — how your organisation uses Microsoft 365, how work flows, and whether your security and governance posture is where it needs to be. We work alongside your IT provider, not instead of them. Anything that needs admin-level infrastructure access goes through them, with clear instructions from us.

In practice, most clients find the two relationships complement each other well. We handle the strategy and way-of-working. They handle the platform.

For the M365 Health Check, we use a read-only account. We can see everything in your tenant — security settings, sharing configuration, licensing, usage data — but we cannot make any changes. Your IT provider stays in control of the environment throughout.

For implementation work, the highest permission we'd typically hold is SharePoint site admin — the same level a confident business user could hold. We never hold global admin or infrastructure-level keys to your environment.

Our report is built on 30 years of technology experience, backed by system configuration data pulled directly from your tenant.

Most of our clients are small — between 5 and 50 people. In our experience, the smaller the team, the more visible the waste is, and the faster you see the benefit of fixing it.

A team of five people each spending two hours a week on things that shouldn't take that long is 500 hours a year. That's a meaningful number for any organisation.

We don't work to a minimum headcount. If you're paying for Microsoft 365 and not getting full value from it, that's worth looking at regardless of your size.

Microsoft 365 works on Mac — but with some nuances worth knowing about. The desktop Office apps (Word, Excel, Outlook) are fully supported on macOS. Teams and OneDrive work well. Where we occasionally see friction is with Mac users running Apple Mail instead of Outlook, or with OneDrive sync behaviour that differs slightly from Windows.

Where your team is mixed Mac and Windows, we factor that into our review and any recommendations we make. It's rarely a blocker — just something to account for.

We can help you evaluate whether Microsoft 365 is the right fit for your organisation, and if it is, get you set up properly from day one rather than plugged in and left to figure it out.

Getting the foundations right early — security defaults, file structure, email authentication, licensing — is considerably cheaper than untangling a poorly configured tenant eighteen months later. That's a lesson most organisations learn the hard way.

The M365 Health Check

In one working day, we review your Microsoft 365 tenant against six areas: security and identity (MFA, admin accounts, conditional access); licensing (what you're paying for versus what's actually in use); storage and sharing (where files live and who can see them); Teams and SharePoint configuration; email security (SPF, DKIM, DMARC — whether your domain can currently be impersonated); and usage and adoption across the tenant.

You receive a plain-English report with a prioritised action plan — written for business leaders, not IT teams. No jargon, no appendices full of screenshots. Just a clear picture of where you stand and what to do about it.

No. The Health Check stands entirely on its own. The report will give you a prioritised list of actions — some of which you or your IT provider can act on directly, and some of which we can help with if you want us to.

If the report reveals things you'd like us to help fix, we'll discuss what that looks like and give you a clear scope and cost before anything moves forward. There's no automatic next step and no obligation to continue.

If it turns out that everything is in good shape, we'll tell you that too.

Within three working days of completing the review. We'll agree a start date with you, carry out the review remotely on that day, and deliver the written report shortly after.

Probably not. Most IT audits focus on infrastructure — hardware inventory, network security, backup status, compliance posture. They typically don't go deep on how Microsoft 365 is actually configured or used day to day.

The Health Check is specifically focused on your M365 tenant: what's switched on, what isn't, what's misconfigured, what's being paid for but unused, and where the security gaps are. It's complementary to a general IT audit, not a replacement for it.

Licensing and cost

This is one of the most common findings in a Health Check. Licensing waste typically shows up in two ways: licences assigned to people who've left, and licences at a higher tier than the user actually needs — someone on Business Premium when Business Basic would do everything they use.

We look at actual usage data across the tenant — not just what's assigned, but what's being used — and give you a clear recommendation on right-sizing. For most small organisations, there's a meaningful saving to be found.

We don't resell licences, so our recommendation is based purely on what's right for your organisation — not on what earns us a margin.

It's a cost and a risk. If you're already paying for Microsoft 365, you're already paying for OneDrive and SharePoint — tools that do everything Dropbox does, with better permission controls, better integration with the rest of your workflow, and proper governance when people leave.

The bigger concern with Dropbox is access control. Links shared eighteen months ago to contractors who no longer work with you are almost certainly still active. Microsoft 365 lets you set expiry dates on links, limit sharing to named individuals, and revoke access instantly when a project ends. Dropbox doesn't.

Migration from Dropbox to SharePoint or OneDrive is straightforward — Microsoft provides a built-in migration tool that handles folder structure intact.

Security and data

Microsoft 365 is built on enterprise-grade infrastructure with data centres across the UK and EU. Microsoft is responsible for keeping the platform available and secure. That's not the same as your data being safe — that depends on how the tenant is configured.

The most common security gaps we find are: MFA not enabled for all users (which means a compromised password is enough to access the whole account); overly permissive external sharing settings; admin accounts without appropriate protection; and sensitive documents sitting in locations accessible to far more people than intended.

A properly configured M365 tenant is highly secure. An improperly configured one is a meaningful risk. The Health Check tells you which one you have.

This is one of the most important questions to ask — and most organisations don't think to ask it until something goes wrong.

Microsoft keeps the platform running, but protecting your data is your responsibility. What you get out of the box is a recycle bin: 93 days for SharePoint and OneDrive, 14 days for deleted email. After that, deleted items are gone.

Microsoft now offers a native backup add-on — launched in 2024 — that covers Exchange, SharePoint, and OneDrive at around £0.12 per GB per month. For a 25-person organisation, that's typically in the region of £25-40 a month. For most organisations, that's very reasonable insurance.

We can advise on whether the native backup is appropriate for your situation, or whether a third-party backup solution is a better fit.

More than most organisations realise. Disabling or deleting a Microsoft 365 account immediately revokes access to email, files, Teams, and SharePoint — which is the right outcome. But there are several things to do before that happens.

Their OneDrive should be preserved and handed to their manager before the account is closed — Microsoft gives you 30 days by default, but this can be extended. Any files stored only in their personal OneDrive (rather than in shared SharePoint sites) will otherwise be at risk. Their email should be forwarded or their mailbox converted to a shared mailbox so important correspondence isn't lost. And any external sharing links they created should be reviewed.

A simple offboarding checklist — which we can help you build — makes this a two-minute process rather than a stressful scramble.

Copilot and AI

Possibly — but the more useful question to ask first is whether you're ready for it. Copilot works by reasoning across everything in your Microsoft 365 tenant: emails, documents, Teams conversations, calendar. In a well-organised environment, that's powerful. In a poorly organised one, it surfaces the wrong version of things, superseded policies, and documents that were never meant to be seen beyond one person.

The question worth asking before you buy a licence is: would we be comfortable if an intelligent system could read everything we have and answer questions about it? If that gives you pause, the pause is telling you something — and the things it's pointing to are fixable.

Our Copilot Readiness Review is a half-day assessment that gives you an honest answer to that question before you spend the money.

Copilot respects Microsoft 365 permissions — it will only surface content that the person asking has access to. That sounds reassuring until you consider that in many organisations, permissions have drifted significantly from what was intended.

Sensitive HR documents in a SharePoint site that's technically accessible to the whole organisation. Financial data in a folder shared broadly for convenience years ago. A draft that was never meant to leave one person's inbox.

Copilot doesn't create these problems. It makes them visible — at exactly the moment someone asks a question they probably shouldn't have a full answer to. Getting permissions right before deploying Copilot isn't optional; it's the work that makes it safe to use.

Working with us

Business transformation is hard to reduce to a single number — and we won't pretend otherwise. What we can tell you is that if a team of five people each get ten hours a month back from a recurring process that's been redesigned, that's 600 hours a year returned to your business. At any reasonable value of your team's time, that pays for itself many times over.

Before we start any piece of work, we agree with you what success looks like — which processes we're targeting, what the current pain is, and what good looks like in practice. That gives both of us something concrete to measure against.

One thing we're direct about upfront: we can lead, coach, and design the right way of working. The commitment to change has to come from the top of your organisation. Every transformation we've seen succeed has had visible leadership behind it.

We don't disappear after the work is done. If something isn't working as expected in the first weeks after a change, we're still available. That's built into how we work, not an add-on.

It's also worth noting that we work at the application layer — Teams, SharePoint, OneDrive, Exchange — the same layer any business user operates at. We don't touch infrastructure. The kinds of changes we make are reversible, and we document what we've done so that anyone can see exactly what changed and why.

Both. The M365 Health Check and Copilot Readiness Review are fully remote — there's no need for us to be on-site for a tenant review. For SharePoint Intranet projects and ongoing IT Director on Call engagements, we work primarily remotely but can attend on-site for key conversations, workshops, or board sessions where it makes sense.

We're based in Spennymoor, County Durham, and work with organisations across the North East and Tees Valley in person, and with clients further afield remotely.

Yes — and this is a significant part of what we do. Charities and social enterprises often have the most to gain from getting Microsoft 365 working properly, because every hour saved on avoidable admin is an hour that goes back to the work the organisation exists to do.

It's also worth knowing that eligible charities can access Microsoft 365 Business Premium at significantly reduced cost through the Microsoft for Nonprofits programme — up to ten free licences and heavily discounted additional seats. If you're not already taking advantage of this, it's one of the first things we'd raise.

Still have a question we haven't answered?

Book a free 20-minute call — no pitch, no agenda, just a straight conversation about whether we can help.

Book a free 20-minute call