Microsoft 365 Setup
Complete Microsoft 365 tenant configuration following Microsoft best practices: identities, core services, security and documentation. Trusted by Italian companies — starting right makes a difference for years.
100%
of configured tenants pass the Microsoft Secure Score baseline
1
week for a complete, documented setup
0
security issues in the first 4 weeks post go-live
Full
documentation and IT team handover included
The challenge
The challenges companies face today.
Tenant configured 'quickly' at launch
Most companies configure the Microsoft 365 tenant on their own, without following best practices. The problems don't show up immediately — they arrive 6 months later as security issues, disorganised licences and avoidable tickets.
Uncontrolled identities and access
Users without MFA, poorly structured security groups, admin permissions handed out informally. Without correct Entra ID configuration, the risk of unauthorised access is real and growing.
Services not integrated with each other
Exchange, Teams, SharePoint and OneDrive overlap and complement each other — but only when configured coherently. Wrong initial choices translate into tool confusion and duplicated data.
No environment documentation
An IT team that doesn't know how the tenant is configured. No policy documentation, no operational procedures. When something goes wrong, nobody knows where to start.
How we work
A structured path for measurable results.
Initial Assessment
We analyse the starting point: existing tenant to optimise or setup from scratch. We define objectives, security requirements, organisational structure and legacy system integrations with the IT team.
Identity Configuration
Entra ID, user and group structure, licence assignment, administrative roles with least-privilege principle. On-premise Active Directory sync if required.
Services and Security Setup
Exchange Online, Teams, SharePoint, OneDrive — configured in an integrated, coherent way. MFA, Conditional Access, external sharing policies, DLP. Optimised Microsoft Secure Score.
Documentation and Handover
Complete environment documentation: architectural choices, configurations, operational procedures for recurring activities. The IT team receives everything needed to manage the environment independently.
What we do
What we concretely build for you.
Identity Configuration on Entra ID
User structure, security and distribution groups, thoughtful licence assignment, administrative roles. On-premise Active Directory synchronisation and custom domain configuration.
- Entra ID
- Active Directory Sync
- Licences
- Admin Roles
Exchange Online and Email Setup
Mailboxes, distribution groups, aliases, shared calendars, anti-spam and anti-phishing rules. Zero-downtime migration from current mail with full history preservation.
- Exchange Online
- MX Records
- Anti-spam
- Mail Migration
Teams and SharePoint Configuration
Teams and channel structure, meeting and recording policies, SharePoint sites and document libraries. Consistent permissions and governance between Teams and SharePoint.
- Teams
- SharePoint
- Meeting Policies
- Governance
Security and Access Policies
Mandatory MFA, Conditional Access for roles and devices, external sharing policy appropriate to the sector. Optimised Microsoft Secure Score baseline and DLP configuration for sensitive data.
- MFA
- Conditional Access
- DLP
- Secure Score
Case studies
See how we delivered results for companies like yours.
200+ implementations across Microsoft 365, Azure, Power Platform and SharePoint.
Deep dive
Starting right makes a difference for years
A poorly configured Microsoft 365 tenant doesn’t show itself immediately. It shows up six months later, when security problems arise, when licences are disorganised, when the IT support team is overwhelmed with tickets that could have been avoided.
Dev4Side configures the Microsoft 365 tenant following Microsoft best practices from day zero: clean digital identities, integrated services, proactive security, complete documentation. A solid starting point that reduces future problems and accelerates your team’s adoption.
Digital Identity Configuration on Entra ID
Identities are the foundation of Microsoft 365. On Entra ID we configure access, permissions, group and department structure to reflect the actual organisation of the company. We assign licences thoughtfully and configure administrative roles following the principle of least privilege.
Includes: company domain configuration, user creation and management, Microsoft 365 licence assignment, administrative roles, department and security group structuring, on-premise Active Directory synchronisation where required.
Core Services Setup
Exchange Online, Teams, SharePoint and OneDrive are not separate tools — they communicate with each other, overlap, complement each other. The consistency of initial choices determines how well they work together. We configure each service in an integrated way, with clear logic that your IT team can understand and manage independently.
Security Policies
A tenant without defined security policies is an exposed environment. We configure conditional access based on roles, devices and geographic locations. Mandatory MFA for all users. External sharing policies appropriate to your sector.
Includes: Multi-Factor Authentication (MFA), Conditional Access policies, external sharing policies, global security settings, granular SharePoint and OneDrive permissions, Microsoft Secure Score baseline configuration.
Microsoft 365 Setup for Italian Companies
We configure Microsoft 365 tenants for Italian companies of all sizes — from 20-person professional firms to 500-person manufacturing organisations. Italian companies often have specific requirements: custom domain configuration for Italian TLDs (.it), integration with Italian HR and payroll systems, GDPR-compliant data retention aligned with Italian data protection authority (Garante) guidelines, and Teams and SharePoint configured for Italian language and regional settings.
Our Milan and Pesaro offices mean we can work on-site when required, and our consultants communicate in Italian throughout the project.
What a Good Setup Looks Like
A properly configured Microsoft 365 tenant has several characteristics that are easy to verify: a Microsoft Secure Score above 70%, MFA enforced for all users, no admin accounts with active licences, external sharing limited to specific domains, SharePoint and OneDrive storage governed by retention policies, and complete documentation that the IT team can reference without calling us.
We deliver this baseline in one week for most organisations. For companies starting from scratch, we also recommend spending a further two weeks on SharePoint information architecture — establishing the document library structure, metadata taxonomy and site hierarchy that will serve the organisation for years.
Why us
Microsoft Gold Partner for 15 years. Vertical on your industry.
Microsoft best practices from the start
We don't configure the tenant based on what seems convenient today. We follow documented Microsoft best practices — the same ones Microsoft recommends to reduce risk and maximise licence value.
Full documentation included
Every setup closes with detailed documentation: choices made, configurations adopted, operational procedures for recurring activities. The IT team doesn't depend on us to understand how their own tenant works.
Real handover, not symbolic
We don't hand over a PDF and disappear. We do a technical handover with the IT team, answer questions, train the administrators. The IT team must be able to manage the environment independently.
Technologies
The technologies we use.
Entra ID
Identities, users, groups, licences, MFA and conditional access
Exchange Online
Email, calendars, contacts and anti-spam
Microsoft Teams
Teams, channels, meeting policies and collaboration governance
SharePoint Online
Sites, document libraries, permissions and governance
OneDrive for Business
Personal storage, sharing policies, backup
Microsoft Defender
Email, endpoint and identity threat detection
Purview / DLP
Data Loss Prevention and sensitive data classification
Microsoft Intune
Mobile device management and compliance policies
FAQ
Frequently asked questions
How long does a complete Microsoft 365 setup take? +
A complete tenant setup — identities, Exchange Online, Teams, SharePoint, security policies, documentation and IT team handover — takes approximately one week for a company of up to 200 users. Larger organisations or those with complex Active Directory migrations may require 2 to 4 weeks. The setup project has a fixed scope and fixed price: no surprises.
Can you migrate our email from a different provider? +
Yes. We manage email migrations from on-premise Exchange, Google Workspace (Gmail), Aruba, GoDaddy, OVH and other hosting providers to Exchange Online. Migration is planned to minimise downtime: typically a staged migration where email flows to both old and new systems during transition, with a final cutover during low-traffic hours.
What is Microsoft Secure Score and what score should we aim for? +
Microsoft Secure Score is a measurement of your organisation's security posture in Microsoft 365, on a scale from 0 to 100%. Most unmanaged tenants score between 20% and 40%. After our setup, tenants typically score 70–80%. The most impactful improvements are enabling MFA, configuring Conditional Access, and applying SharePoint external sharing policies.
Do you set up Microsoft Intune for device management? +
Yes. We configure Microsoft Intune for mobile device management and compliance policies. This includes: device enrolment for Windows, iOS and Android, compliance policies requiring MFA and encryption, conditional access policies that block non-compliant devices, and application management restricting company data to managed apps on mobile devices.
What documentation do you provide at the end of the project? +
We deliver a complete tenant documentation package including: architectural decisions log, configuration reference, operational procedures for common tasks, and a security baseline report. The IT team receives a handover session and can call us for 30 days post-handover with questions at no additional charge.
Can you reconfigure a tenant that was set up badly? +
Yes. Remediation of an existing tenant is one of our most common engagements. We start with an assessment that identifies security risks, governance gaps and configuration issues. We then prioritise and implement remediation in order of risk, documenting every change. The result is effectively equivalent to a fresh setup — without losing existing data or users.
Do you manage Microsoft 365 ongoing after the setup? +
Yes. Our Governance & Support service and Cloud Operations service provide ongoing management, monitoring and support after the initial setup. Most clients who start with a setup project continue to a governance contract to protect their investment and keep the tenant aligned with Microsoft's evolving best practices.
What is the difference between Microsoft 365 Business Premium and E3? +
Business Premium (max 300 users) includes Intune, Defender for Business and Azure AD P1. E3 (unlimited users) adds advanced compliance, eDiscovery and unlimited archive storage. E5 adds Defender for Office 365 P2, Purview advanced compliance, and Power BI Pro. For most Italian SMEs, Business Premium is the right choice. We help clients choose the right plan mix before purchase.
Get started
Ready to bring Microsoft 365 Setup to your company?
Microsoft Gold Partner for 15 years, with over 200 successful implementations. Contact us for a free, no-obligation evaluation.