Skip to content
← All service tiers

Service tier 5 of 5

Premium

Defence-in-depth. Human SOC, application allowlisting, after-hours response.

$329 / user / month inc-GST

Minimum 10 users. All prices include GST.

Who it's for

Mature SMB 8-15 staff who need premium-grade security with around-the-clock threat detection

  • Allied health or medical practice handling patient records
  • Financial services firm under AFSL / ASIC obligations
  • Legal practice with confidentiality and matter-data exposure
  • Government supplier with security clearance or contractual cyber obligations
  • Any business that has lost a client to a competitor over 'cyber maturity' on their RFP

Why Premium

Premium is where IT becomes a continuous-defence function instead of an availability function. The headline additions are Huntress (24/7 human SOC reviewing every alert Defender for Business raises) and application allowlisting (only software you approve can run, full stop — the single highest-impact ransomware control there is).

Premium also unlocks the security and compliance work that lives outside business hours — incident response if something happens at 9pm on Saturday, threat-hunting if Huntress sees something subtle, and after-hours best-effort response to genuine emergencies.

If you're handling client data that matters — financial, medical, legal, government — Premium is the floor. The cost is real ($329/user/month inc-GST), but so is the protection. Compare against the cost of one ransomware event hitting a client whose endpoint had Solo Secure when it needed Premium.

What's included

Everything in Premium, by category.

Bundled price; no separate line items. The list below is the full scope of what we deliver at this tier.

Everything in Standard
  • All Standard inclusions, plus:
Endpoint security
  • Huntress Managed AV + Process Insights — 24/7 human SOC reviewing alerts
  • Huntress ITDR (Identity Threat Detection and Response) — M365 identity layer
  • Application allowlisting (ThreatLocker-class) — only approved apps can run
Email security
  • Phishing simulation + awareness training platform
Web / Zero Trust
  • Cloudflare Zero Trust full suite — Tunnel + Access + Browser Isolation + WARP
Support
  • After-hours best-effort response (Saturday 9am-5pm; Sunday 1pm-5pm; outside hours we triage to next business day)
  • Quarterly Business Review (QBR) — strategic + tactical roadmap session
Compliance
  • Essential Eight assessment (annual)
  • Active policy enforcement and remediation
  • SMB1001 certification support (assessment + gap-fix + maintenance) — bundled

What's NOT included

Honest about the boundaries.

Other MSPs leave this off their service pages and then surprise you with line items. Here's the explicit list of what you don't get at Premium.

  • After-hours on-call retainer — separate add-on at $500/month (priority after-hours response, honestly framed — see FAQ)
  • On-site visits beyond the standard included travel (Ipswich-Toowoomba corridor); travel outside corridor at $1.20/km + travel time
  • Hardware procurement margin (we sell at cost + small handling fee; not a profit centre)
  • Strategic projects beyond vCIO scope (separate project quotes — e.g. M365 migration from a legacy system, on-prem-to-cloud project)

FAQ

Common questions — Premium

Why is application allowlisting such a big deal?
Most ransomware works by tricking a user into running an executable. If only approved applications can run, ransomware doesn't run. The control is binary and brutal: yes or no. That's why it's the #1 Essential Eight Maturity Level 2 control. Premium ships it.
What does '24/7 human SOC' actually mean?
Huntress runs a 24/7 Security Operations Center. When Defender for Business raises an alert, a human at Huntress reviews it within 15 minutes typically (often faster). They investigate, escalate to us if action is needed, or close it if it's benign. You're not relying on automated triage; humans are looking.
Do I get 24/7 response from Outlaw IT directly?
No — and we won't pretend otherwise. Outlaw IT is a one-engineer practice. What runs 24/7 at Premium is the Huntress Security Operations Centre: human analysts detecting, triaging and containing threats around the clock, including isolating a compromised machine. For priority after-hours response from us, the on-call retainer ($500/month, Premium-only) means issues raised before 9pm are picked up the same evening, and anything later by 8am the next day. Most clients don't need it; the ones who do get the honest version of it.
Is the SMB1001 work really bundled?
Yes for Bronze. Silver and higher tiers involve more evidence-collection work and are scoped as add-on projects. The bundled scope: initial assessment, gap-fix project (up to 20 hours), annual maintenance.
What's the 10-user minimum about?
Premium's cost stack only pays back at 10+ users. Below that, the per-user fee is mathematically the same but the absolute spend is too high relative to the size of business at risk. Standard is the right answer for 5-9 staff. For genuine edge cases — a 7-person legal practice that needs Premium's defence-in-depth — we apply a $50/mo flat sub-minimum tenant fee on top of the per-user rate to cover the fixed per-tenant overhead.
Onboarding fee and contract term?
Premium carries a $5,000 inc-GST one-off onboarding fee (~32-40 hours of setup labour — Standard scope plus application allowlisting deployment, phishing simulation platform standup, after-hours rollout briefing, Essential Eight Level 1 baseline, first QBR scheduled, active policy enforcement framework). 12-month commitment is the default at the published $329/user/mo rate. Month-to-month is available at $362/user/mo. 24-month earns 5% off list ($313), 36-month earns 8% off ($303); onboarding waivable on 24-month at our discretion and waived by default on 36-month.

Ready to talk about Premium?

30-minute discovery call. We'll confirm fit and quote your specific scenario. No sales script.

Book a 30-min discovery call