So you’ve decided to handle your own IT. Good — for a lot of small businesses, that’s the right call. But “handling your own IT” and “doing it properly” are two different things. Most business owners skip steps they don’t know exist, and those gaps are where the problems creep in.
This is the step-by-step guide I’d give you if you sat down in my office and said “show me how to do this right.” No gatekeeping, no holding back — everything you need to set up and maintain your business IT yourself.
Step 1: Set up your business email properly
If you haven’t already, stop using your personal email for business. Get Microsoft 365 Business Basic (€5.60/user/month) or Google Workspace (similar price). Here’s the process:
Buy your domain (yourbusiness.ie) if you haven’t already — IE Domain Registry or any registrar. Sign up for Microsoft 365 or Google Workspace. Add your domain and verify it (they’ll walk you through adding a DNS record). Create mailboxes for each team member.
Critical step most people skip: Set up SPF, DKIM, and DMARC records. These are DNS records that prove your emails are really from you. Without them, your emails will land in spam. Microsoft and Google both have setup wizards for this — follow them exactly. If you get stuck, this is one of the things worth getting help with because a misconfigured DMARC record can block all your email.
Step 2: Secure your accounts
Turn on MFA for every single account — email, cloud storage, banking, CRM, everything. This is the single most impactful security measure you can take. Even if someone gets your password through a phishing email, they can’t get in without your phone.
Next, set up a password manager. Bitwarden is free for personal use and the business plan is €3/user/month. Generate a unique, random password for every account. No more reusing passwords, no more Post-it notes.
While you’re at it, review who has admin access to your Microsoft 365 or Google Workspace. The fewer admins, the smaller your attack surface. Your sales team doesn’t need admin rights.
Step 3: Set up cloud storage
Pick OneDrive (comes with Microsoft 365) or Google Drive (comes with Workspace). Don’t use both — it creates confusion. Create a logical folder structure: one top-level folder per department or function, clear naming conventions, and set sharing permissions so people only see what they need.
Train your team to save everything to the cloud, not to their local desktop. The desktop should just be shortcuts, not the actual files. This means if a laptop dies, gets stolen, or gets hit with ransomware, no business data is lost.
Turn on version history (it’s on by default in both OneDrive and Google Drive). This means if someone accidentally deletes or overwrites a file, you can roll back to a previous version.
Step 4: Configure proper backups
This is the step everyone skips because they think “it’s in the cloud, so it’s backed up.” It’s not. Microsoft 365 and Google Workspace have retention policies, not backups. If data is deleted beyond the retention period, or if your account is compromised and data is wiped, it’s gone.
Get a third-party backup solution. Options like Backupify, Spanning, or Veeam for Microsoft 365 cost from €3/user/month. Set it up, run a test restore, and then forget about it. That test restore is critical — a backup you haven’t tested isn’t a backup, it’s a hope.
If you have any data on local machines or a NAS, back that up too. An external drive with automated backup software, or a cloud backup service like Backblaze (€7/month per machine).
Step 5: Device management basics
Keep everything updated. Turn on automatic Windows updates. Set browsers to auto-update. Update your router firmware quarterly. Yes, updates are annoying. But unpatched systems are how ransomware gets in.
Use built-in security. Windows Defender is genuinely good now — leave it on, make sure real-time protection is active, and run a full scan monthly. On Mac, keep XProtect and Gatekeeper enabled.
Enable disk encryption. BitLocker on Windows Pro, FileVault on Mac. If a laptop is stolen, the thief can’t read the data. This takes 5 minutes to enable and is a GDPR requirement if you hold personal data on portable devices.
Step 6: Wi-Fi and network basics
Change the default admin password on your router. This sounds obvious but I’d estimate 70% of small businesses in Ireland haven’t done it. The default password is printed on a sticker that anyone who walks into your office can read.
Set up a guest network. This keeps visitors’ devices separate from your business network. Most modern routers support this — it’s usually a toggle in the settings.
If you have coverage issues, invest in a mesh Wi-Fi system. Ubiquiti, TP-Link Deco, or Netgear Orbi. €150–300 for a setup that covers a decent-sized office or premises. Much better than boosters or repeaters.
Step 7: Create a process for new starters
When someone new joins, you need a repeatable process. I’ve written a full IT onboarding checklist that covers everything: email account, cloud storage access, MFA setup, laptop configuration, software installs, and security training.
Write it down once, follow it every time. This prevents the “oh, we forgot to set up their email” panic on day one, and makes sure security isn’t skipped in the rush to get someone productive.
Step 8: Know your limits
There are things you should absolutely handle yourself. And there are things where the risk of getting it wrong outweighs the cost of getting help:
Security incidents — if you suspect a breach, get professional help immediately. The first few hours matter enormously. Don’t try to figure it out yourself while the attacker is still in your systems. Read our guide on what to do when you’ve been hacked.
Email deliverability — if emails are going to spam, don’t guess at DNS records. One wrong DMARC record can block all your outgoing email.
Compliance — GDPR isn’t optional and the penalties are real. If you’re unsure about your obligations, get advice.
The hybrid approach works well for most businesses I support across Tuam, Claremorris, Claregalway, and Athenry. You handle the daily stuff, and you have someone to call when you’re out of your depth.
Running your own IT and hit a wall? WhatsApp me. I’ll help you unstick it without trying to take over your whole setup.