Microsoft 365 has become the default productivity platform for UK businesses. From email and calendars to file storage, video conferencing, and collaboration, it provides virtually everything a modern business needs to operate — all under a single subscription. For a new business, setting up Microsoft 365 correctly from the start saves enormous time and avoids the painful migration and reconfiguration work that businesses face when they outgrow a poorly planned initial setup.
Yet despite Microsoft's efforts to make the setup process accessible, getting it right involves far more than just signing up and creating user accounts. There are decisions about licensing, domain configuration, security settings, data organisation, and compliance controls that have long-term implications for how your business operates, communicates, and protects its data.
This guide walks you through the complete process of setting up Microsoft 365 for a new UK business, from choosing the right plan to configuring the security settings that will keep your data safe.
Step 1: Choose the Right Microsoft 365 Plan
Microsoft offers several 365 plans for businesses, and choosing the right one at the outset avoids unnecessary costs or disruptive mid-term upgrades. The main options for UK SMEs are Microsoft 365 Business Basic, Business Standard, and Business Premium.
Microsoft 365 Business Basic (£4.60/user/month): Includes Exchange Online email with a 50GB mailbox, OneDrive with 1TB storage, Teams for chat and video conferencing, and web versions of Word, Excel, PowerPoint, and Outlook. It does not include desktop applications — users can only access Office apps through a web browser.
Microsoft 365 Business Standard (£9.40/user/month): Everything in Business Basic plus full desktop and mobile versions of all Office applications. This is the most popular choice for UK SMEs because it provides the full Office experience that staff expect, along with all the cloud collaboration tools.
Microsoft 365 Business Premium (£16.60/user/month): Everything in Business Standard plus advanced security features including Microsoft Defender for Office 365, Intune device management, Azure Information Protection, and conditional access policies. This plan is strongly recommended for any business handling sensitive data or subject to regulatory requirements.
| Feature | Business Basic | Business Standard | Business Premium |
|---|---|---|---|
| Monthly cost per user | £4.60 | £9.40 | £16.60 |
| Exchange Online email (50GB) | Yes | Yes | Yes |
| OneDrive (1TB) | Yes | Yes | Yes |
| Teams | Yes | Yes | Yes |
| Desktop Office apps | No | Yes | Yes |
| Intune device management | No | No | Yes |
| Defender for Office 365 | No | No | Yes |
| Conditional access | No | No | Yes |
| Max users | 300 | 300 | 300 |
While Business Standard is the most popular choice, we strongly recommend starting with Business Premium for any business that will handle personal data, financial information, or work with larger organisations that require you to demonstrate security compliance. The advanced security features — particularly Intune for device management and Defender for email security — are significantly cheaper to implement through Business Premium than to add retrospectively as standalone products.
Step 2: Register Your Domain
Your Microsoft 365 tenant will initially be set up with a default domain in the format yourcompany.onmicrosoft.com. While this works technically, it is not suitable for business use. You need to add and verify your own custom domain (for example, yourcompany.co.uk) so that your email addresses, SharePoint URLs, and Teams identifiers all use your professional business domain.
If you already own a domain, you will need to verify ownership by adding a TXT record to your domain's DNS settings. Microsoft provides the specific record to add, and most domain registrars — including GoDaddy, Namecheap, 123 Reg, and Fasthosts — support this process. Verification usually takes a few minutes to a few hours, depending on DNS propagation times.
If you do not yet have a domain, you can purchase one through Microsoft directly during the setup process, or through any domain registrar. For UK businesses, a .co.uk domain is the standard choice for domestic-facing businesses, while .com is preferable if you operate internationally.
Step 3: Configure DNS Records for Email
Once your domain is verified, you need to configure DNS records to route email through Microsoft 365. This involves setting up MX records (which tell the internet where to deliver email for your domain), SPF records (which specify which servers are authorised to send email on your behalf), DKIM records (which add a digital signature to outgoing emails to prove they are genuine), and DMARC records (which tell receiving servers what to do with emails that fail SPF or DKIM checks).
Getting these records right is critical for email deliverability and security. Incorrectly configured DNS records can cause emails to be rejected by recipients, land in spam folders, or leave your domain vulnerable to spoofing attacks where criminals send emails that appear to come from your domain.
Step 4: Create User Accounts and Assign Licences
With your domain configured, you can create user accounts for your team. Each user needs an account in Microsoft Entra ID (the identity service behind Microsoft 365) and an assigned licence that determines which services they can access.
When creating accounts, use a consistent naming convention for email addresses. The most common format in the UK is firstname.lastname@company.co.uk, which is professional, easy to remember, and scales well as the business grows. Avoid using first names only, initials, or inconsistent formats that will cause confusion.
Consider creating shared mailboxes for generic addresses like info@, accounts@, and support@. Shared mailboxes do not require a licence, making them a cost-effective way to manage departmental email without paying for additional users.
Step 5: Configure Security Settings
This is the step that too many new businesses skip or defer — and it is arguably the most important. Microsoft 365 provides powerful security tools, but many of them are not enabled by default. You need to actively configure them.
Multi-Factor Authentication (MFA)
MFA should be enforced for every user from day one. Microsoft's Security Defaults feature provides a basic level of MFA enforcement at no additional cost. For Business Premium subscribers, conditional access policies offer more granular control, allowing you to require MFA based on factors like location, device compliance, and risk level.
Security Defaults
At a minimum, enable Security Defaults in your Microsoft Entra ID tenant. This enforces MFA for all users, blocks legacy authentication protocols (which are frequently exploited by attackers), and requires administrators to authenticate with MFA every time they sign in. Security Defaults are free and take less than a minute to enable.
Day-One Security Settings
- Enable Security Defaults or conditional access
- Enforce MFA for all users — no exceptions
- Disable legacy authentication protocols
- Configure anti-phishing policies in Defender
- Enable audit logging
- Set strong password policies (minimum 12 characters)
- Configure data loss prevention for sensitive content
Common Security Mistakes to Avoid
- Leaving MFA as optional — staff will not enable it voluntarily
- Using the global admin account for daily work
- Not configuring SPF, DKIM, and DMARC records
- Sharing a single admin account among multiple people
- Not reviewing sign-in logs for suspicious activity
- Leaving external sharing in SharePoint and OneDrive unrestricted
- Not training users on phishing recognition
Step 6: Set Up SharePoint and OneDrive
SharePoint and OneDrive are your file storage and collaboration platforms within Microsoft 365. OneDrive provides each user with 1TB of personal cloud storage, while SharePoint provides shared document libraries for teams, departments, and projects.
For a new business, establish a clear file structure from the outset. Create SharePoint sites for each department or team and set appropriate permissions. Enable versioning on document libraries so that previous versions of files can be recovered. Configure sharing settings to prevent users from inadvertently sharing sensitive documents externally.
Set up OneDrive Known Folder Move on all company laptops, which automatically redirects the Desktop, Documents, and Pictures folders to OneDrive. This ensures that locally created files are automatically backed up to the cloud without users having to remember to save files in the right place.
Step 7: Configure Teams
Microsoft Teams is the hub for communication and collaboration within Microsoft 365. For a new business, configure Teams thoughtfully rather than allowing a chaotic proliferation of channels and teams.
Create a Teams structure that mirrors your organisation — a team for each department, with channels for specific topics or projects. Set clear naming conventions and configure guest access policies if you need to collaborate with external partners. Consider configuring Teams calling if you want to use Teams as your phone system, which can save the cost of a separate telephony solution.
Step 8: Plan for Backup
A common misconception is that because Microsoft 365 is a cloud service, your data is automatically backed up. While Microsoft provides infrastructure redundancy and some data retention capabilities, it does not provide comprehensive backup in the traditional sense. Microsoft's shared responsibility model makes clear that protecting and backing up your data is your responsibility.
We recommend implementing a third-party backup solution for Microsoft 365 from day one. Solutions like Veeam Backup for Microsoft 365, Datto SaaS Protection, or Acronis Cyber Protect back up your Exchange mailboxes, OneDrive files, SharePoint sites, and Teams data to an independent location, giving you the ability to recover from accidental deletion, malicious destruction, or ransomware attacks. Typical costs range from £2 to £4 per user per month — a small price for the protection it provides.
Need Help Setting Up Microsoft 365?
Cloudswitched is a Microsoft Partner specialising in Microsoft 365 setup, migration, and management for UK businesses. We handle the technical configuration so you can focus on running your business from day one.
GET IN TOUCH
CloudSwitched
Centrally located in London, Shoreditch, we offer a range of IT services and solutions to small/medium sized companies.