Ask most NZ business owners how they should handle IT and they'll frame it as a two-way choice: hire someone in-house, or outsource it to a provider. That framing quietly skips the model most growing Kiwi SMEs actually end up needing. There are really three options — in-house, outsourced break/fix, and managed services — and they differ far more than the headline price suggests. The cheapest-looking one on paper is almost never the cheapest once you account for downtime, security, and the cost of your own time.

This is a vendor-neutral walk through all three, with realistic NZ numbers and a decision framework you can apply to your own business today.

The Three Models, Defined Properly

1. In-House IT

You employ your own IT person or team. For a NZ SME that usually means a single "IT person" wearing every hat — helpdesk, servers, security, procurement, projects, and vendor management — or, in larger firms, a small internal team.

2. Outsourced Break/Fix

You have no internal IT and you call a provider when something breaks. You pay by the hour or by the ticket. Nothing is monitored or maintained proactively — the provider only shows up when you're already having a bad day.

3. Managed Services (Outsourced IT Department)

You outsource to a provider on a fixed monthly per-user or per-device fee. They proactively monitor, patch, secure, and support everything — and they're financially motivated to prevent problems rather than bill for them. This is effectively renting an entire IT department for less than the cost of one salary. It's the model most of our clients across the Waikato and Bay of Plenty run on, and it's what our IT consulting and support engagements are built around.

The Honest Cost Comparison

Here's the part most comparisons get wrong: they compare a salary against a monthly fee and stop there. The real comparison has to include coverage, security tooling, downtime risk, and single-person-dependency. For a typical 20-person NZ business:

Factor In-House (1 person) Break/Fix Managed Services
Direct annual cost $75k–$110k salary + on-costs $8k–$20k (variable) $24k–$40k ($100–$165/user/mo)
Security tooling included Extra — you buy it separately No Usually bundled (EDR, backup, patching)
Coverage when they're sick / on leave None — you're exposed Whenever they're free Team-based, always covered
After-hours / weekend cover Rare / goodwill only Premium hourly rates Typically included or optional add-on
Proactive maintenance If they have time None Core of the model
Breadth of expertise One person's knowledge Reactive only Whole team: network, cloud, security
Cost when something big breaks Included, but slow if it's outside their depth Uncapped hourly — worst when you can least afford it Fixed — no surprise invoice

The headline numbers make break/fix look cheapest and in-house look "just one salary." Both are misleading. Break/fix is cheapest right up until the day it isn't — the ransomware event, the failed server, the week your one contact is on holiday. In-house is one salary plus the security tools, backup, monitoring platform, and training that a managed provider buys at scale and spreads across hundreds of clients.

The Single-Person Risk Nobody Prices In

The most common IT failure mode we get called into isn't a hacker — it's a business that depended on one person. Either an in-house "IT guy" who left three years ago with all the passwords in his head and no documentation, or a one-man-band contractor who got too busy with bigger clients to return calls. When your entire technology operation lives in one person's head, you don't have an IT strategy — you have a key-person risk.

Managed services spreads that across a team with shared documentation, so no single person's absence takes you offline. That resilience is the real product — the monthly fee is almost incidental.

A Decision Framework by Size and Stage

1–10 staff

Managed services, almost always. You can't justify a full-time salary, and break/fix leaves you exposed on security — which now matters even at this size because of the Privacy Act 2020 and cyber insurance requirements. A managed agreement gives you enterprise-grade tooling and a whole team for a predictable monthly cost.

10–30 staff

Managed services is the sweet spot. This is where the "one salary vs a monthly fee" comparison is most tempting and most wrong. A single hire can't cover helpdesk, security, cloud, and projects — and can't be in two places at once. A managed provider covers all of it with depth and redundancy. This is the band most of our NZ SME clients sit in.

30–75 staff

Consider co-managed IT. At this size an internal IT coordinator or systems administrator starts to make sense for day-to-day, floor-walking, and business-specific knowledge — backed by a managed provider for security, infrastructure, out-of-hours cover, and specialist projects. You get the best of both: someone on-site who knows your business, plus a team behind them so you're never one resignation away from chaos.

75+ staff

In-house team plus specialist outsourcing. A genuine internal team becomes viable, but even then most NZ firms this size outsource specific functions — cybersecurity operations, cloud architecture, or after-hours monitoring — rather than trying to hire every specialism. Very few businesses under a few hundred staff can afford a full-time security specialist, so that piece stays outsourced.

What "Co-Managed" Actually Looks Like

Co-managed IT is the fastest-growing model we see, and it's worth understanding because it dissolves the false binary. In a co-managed arrangement:

  • Your internal person handles user onboarding, day-to-day requests, and business-specific systems they know intimately.
  • The provider handles the security stack, patching, backup, monitoring, and the projects that are too big or too specialised for one person.
  • Documentation, tooling, and escalation are shared — so when your internal person is on leave, nothing stops.

It costs more than pure managed services but less than a second in-house hire, and it removes the key-person risk that sinks so many internal IT setups.

Red Flags in Each Model

In-house red flags: no documentation, one person holds all the passwords, security tooling is whatever came free, and there's no plan for when they're sick, on leave, or resign.

Break/fix red flags: your provider only ever appears when something's already broken, there's no monitoring, no patching, no backup verification, and every serious problem comes with an uncapped hourly invoice at the worst possible moment.

Managed services red flags: vague scope ("all your IT" with no specifics), no named security inclusions (EDR, third-party backup, patching, MFA), lock-in contracts that bundle a "free" migration into three years of fees, and per-user pricing that isn't broken out so you can't compare like-for-like. If you're evaluating providers, our guide to choosing an IT partner walks through the questions to ask.

How This Interacts With Your Wider IT Decisions

Your support model doesn't sit in isolation. If you're weighing up on-prem versus cloud or planning a cloud migration, the right support model often becomes obvious: a cloud-first business is far easier to support remotely under a managed agreement, while heavy on-prem infrastructure raises the case for either co-managed or in-house hands on site.

Frequently Asked Questions

Is outsourced IT cheaper than hiring in-house in NZ?

For businesses under about 30 staff, yes — almost always. A single in-house hire costs $75k–$110k in salary plus on-costs, and you still have to buy security tooling, backup, and monitoring separately. A managed services agreement covers a whole team plus the tooling for roughly $24k–$40k a year for a 20-person business.

What's the difference between break/fix and managed services?

Break/fix is reactive — you call and pay by the hour when something breaks. Managed services is proactive — a fixed monthly fee for continuous monitoring, patching, security, and support designed to stop problems before they happen. Break/fix looks cheaper until you total up the downtime and emergency invoices.

What is co-managed IT?

Co-managed IT combines an internal IT person with an external provider. Your staffer handles day-to-day and business-specific systems; the provider handles security, infrastructure, out-of-hours cover, and specialist projects. It suits businesses of roughly 30–75 staff and removes the key-person risk of relying on one internal person.

At what size should a NZ business hire in-house IT?

A full-time internal hire typically only becomes cost-effective around 75+ staff — and even then, most firms keep cybersecurity and specialist work outsourced. Below that, managed or co-managed services give you more coverage and depth for the money.

Can I switch from break/fix to managed services easily?

Yes. A good provider starts with a discovery and onboarding phase — documenting your environment, closing security gaps, and setting up monitoring — before moving you onto a monthly agreement. The transition is usually straightforward and often surfaces long-standing issues that break/fix never addressed.

The Bottom Line

For most NZ small and medium businesses, the honest answer is managed services up to around 30 staff, co-managed from there, and a hybrid in-house-plus-specialists model only once you're genuinely large. The trap to avoid is the false choice between "hire one person" and "call someone when it breaks" — both leave you carrying risk that a proper managed arrangement removes for a predictable monthly cost.

If you'd like a straight answer about which model fits your specific business — including an honest "you don't need us yet" if that's the reality — Tryzee offers a free initial consultation. We work with businesses across Matamata, the Waikato, and the Bay of Plenty, and we'll tell you plainly which approach makes sense for where you are now and where you're heading. Learn more about our IT consulting or get in touch for a no-obligation chat.