You know you should have better IT. You know your passwords are probably not great. You suspect your Microsoft 365 setup is held together with string and hope. And you're fairly sure that if someone actually tried to hack your business, they'd get in without much trouble.
But nothing's happened yet, so it stays on the to-do list. Somewhere between "fix the aircon" and "update the website."
If that sounds familiar, you're in good company. Most small businesses in Perth are in exactly the same position. The problem isn't that people don't care about IT security — it's that the barriers to getting it sorted feel impossibly high.
Let's talk about what those barriers actually are and what you can do about them.
Barrier 1: "I don't know where to start"
This is the big one. IT feels overwhelming because there's so much of it. Passwords. Backups. Firewalls. Antivirus. Cloud storage. Email security. Multi-factor authentication. Device management. The list goes on.
When you don't have a technical background, it all blurs together into one big, intimidating wall of things you probably should be doing but aren't.
The fix: You don't need to do everything at once. Start with the three things that have the biggest impact:
- Turn on multi-factor authentication (MFA) for every account, especially email. This alone blocks the vast majority of account takeovers.
- Check who has access to what. When was the last time you reviewed who can access your business email, files, and financial systems? Former employees, old contractors — they might still have access.
- Make sure your data is backed up somewhere that isn't just "the same computer." If your laptop dies tomorrow, can you get everything back?
Those three things will put you ahead of most small businesses in Perth.
Barrier 2: "I can't afford proper IT"
This one's partly true and partly a perception problem. Enterprise-grade IT infrastructure is expensive, but you don't need enterprise-grade. You need small-business-appropriate.
The reality is that most Perth small businesses are already paying for tools that include security features they're not using. Microsoft 365 Business Basic, for example, comes with MFA, data loss prevention basics, and secure cloud storage — most businesses just haven't turned those features on.
The fix: Before you spend money on new tools, audit what you've already got. You might be surprised at how much security you're paying for but not using. A quick review of your existing Microsoft 365 or Google Workspace setup often uncovers security features that are sitting there waiting to be switched on.
Barrier 3: "I had a bad experience with an IT provider"
Perth has its fair share of IT companies, and not all of them are great at working with small businesses. Common complaints we hear:
- "They talked over my head and made me feel stupid"
- "They tried to sell me a massive package I didn't need"
- "They set things up and then I never heard from them again"
- "I couldn't get hold of anyone when something went wrong"
If you've been burned before, it makes sense that you'd be hesitant to try again. But the right IT support for a small business isn't about enterprise contracts and locked-in agreements. It's about someone who explains things plainly, does what you actually need, and is there when things go sideways.
The fix: Look for someone who'll have a conversation first, not someone who leads with a quote. If a provider can't explain what they're recommending in plain language, they're not the right fit.
Barrier 4: "We're too small to be a target"
This is the most dangerous assumption a small business can make. Cyber attacks on small businesses in Australia have been increasing year on year. The Australian Cyber Security Centre (ACSC) reports that small businesses are frequently targeted precisely because they tend to have weaker security.
Attackers aren't personally targeting your plumbing business or your café. They're running automated scans looking for easy entry points — weak passwords, unpatched software, email accounts without MFA. If your door is unlocked, it doesn't matter how small your house is.
The fix: Accept that security isn't optional, but it doesn't have to be complicated. The basics — MFA, strong passwords, regular updates, and backups — cover the majority of risk. You don't need a security operations centre. You need good habits and the right setup.
Barrier 5: "I don't have time to deal with this"
You're running a business. You've got clients to serve, staff to manage, bills to pay. Sitting down to figure out IT security is genuinely hard to prioritise when there are a hundred other things demanding your attention.
The irony is that a security incident will take far more of your time than getting set up properly would. A ransomware attack on a small business typically takes weeks to recover from — if recovery is even possible. Data breaches require notification under Australian privacy law, and the reputational damage can be lasting.
The fix: Outsource the thinking. You don't need to become an IT expert. You need someone who can review your setup, tell you what needs fixing, fix it, and then check in periodically to make sure things are still on track. A one-off IT health check takes about 30 minutes of your time and gives you a clear picture of where you stand.
Getting your IT sorted in Perth
The pattern we see with Perth small businesses is almost always the same: they know their IT isn't right, they've been meaning to fix it, and something eventually forces their hand — either a security scare, a compliance requirement, or just the frustration of things not working properly.
The earlier you deal with it, the cheaper and less stressful it is. Starting with a conversation about where you are now and what actually needs attention is always better than waiting for something to go wrong.
We offer a free 30-minute IT health check for Perth small businesses — no obligation, no jargon, just a straightforward look at your setup and practical recommendations for what to fix first.