Self-Hosting vs. Microsoft 365: When Running Your Own Servers Pays Off

“Should we actually move away from Microsoft 365?” is one of the most common strategic questions reaching DATAZONE SMB advisory. The honest answer is: it depends — and more on employee count, IT staffing, compliance and workflow depth than on licence costs.

This article delivers a sober comparison matrix. We deliberately skip specific euro amounts — prices change, depend on region and customer, and marketing tables with exact figures are stale within months. Instead: orders of magnitude, structures and decision axes.

What we compare

“Microsoft 365” is more than a mailbox. An honest comparison should cover the full functional scope an SMB employee typically uses:

Function	Microsoft 365	Self-hosting equivalent
Email	Exchange Online	Mailcow, Mailu, Postfix+Dovecot
Internal file sharing	OneDrive for Business / SharePoint	Nextcloud, Seafile
External file sharing	Sharing links via OneDrive	TrueNAS WebShare, Nextcloud public links
Office applications	Word, Excel, PowerPoint, Teams	LibreOffice + browser editor (Collabora/OnlyOffice)
Calendar / contacts	Exchange calendar	Nextcloud CalDAV/CardDAV, SOGo
Video / chat	Teams	Nextcloud Talk, Element/Matrix, Jitsi
Identity management	Entra ID (Azure AD)	Authentik, Keycloak, OpenLDAP

Important: not every self-hosting setup covers all these functions at the same maturity. Mailcow is a mature mail package; Nextcloud Talk is solid for internal meetings but no 1:1 Teams replacement for complex workflows. Honest comparisons should be made functionally, not “software vs. software”.

The order-of-magnitude rule of thumb

From our advisory practice the following heuristic has held up:

Employee count	Typical recommendation
< 10 staff	Microsoft 365 — self-hosting rarely pays off
10–30 staff	Differentiated assessment, often hybrid makes sense
30–100 staff, IT person available	Self-hosting becomes strategically attractive
100+ staff, dedicated IT team	Clear strategic decision, both paths viable

This is a probability statement, not a law of nature — there are 8-staff companies that must run on-prem for regulatory reasons, and 50-staff companies that thrive on M365.

What an honest cost discussion must include

The “M365 costs X EUR per user per month” vs. “a server costs Y EUR once” calculation is the most common trap. An honest 5-year TCO for self-hosting must include:

1. Hardware acquisition (server + storage + UPS + possibly backup hardware)
2. Hardware depreciation over 4–5 years (typical server lifecycle)
3. Power and cooling (often underestimated for own server rooms)
4. Software subscriptions: Nextcloud Enterprise, OnlyOffice/Collabora support, Mailcow update repos — not everything is “free”
5. Internet connectivity with SLA (mail receipt without sufficient bandwidth and IP reputation does not work reliably)
6. Staff cost: realistic estimate of IT effort for maintenance, updates, backup monitoring, incident response — typically 0.2 to 1.0 FTE depending on complexity
7. External backup (GDPR and NIS2 demand off-site)
8. Security work: regular updates, patch management, monitoring, possibly penetration tests

An honest M365 cost position must include:

1. Licence fees per user per month (variable bundles)
2. Add-ons for compliance/archiving/backup retention
3. Third-party backup (M365’s own backup features often do not cover compliance)
4. Integration and migration costs if existing third-party systems need to be connected
5. Training (typically small, not zero)

The break-even point between M365 and self-hosting typically sits somewhere between 20 and 80 staff — and the spread is so wide because items 6 (staff cost) and 8 (security cost) make the biggest difference for self-hosting.

When Microsoft 365 is the rational choice

There are very clear cases where we recommend M365 — even though we lean open-source in general:

• Small with no dedicated IT person (< 10 staff, IT as a side role). Self-hosting would be fragile — a failed mail infrastructure on a weekend with nobody on call is genuinely business-threatening.
• Heavily Microsoft-centric workflow landscape (PowerPoint with complex animations, Excel with Power Query/Power BI, Teams channels as collaboration backbone). Here self-hosting alternatives are objectively weaker.
• Internationally networked companies with frequent external Teams meetings where counterparts expect M365.
• Compliance setups built on M365 compliance SKUs (e.g. Purview/eDiscovery for legal departments).

Hybrid setups are often attractive here: M365 for mail and office, an own solution for file sharing with external partners or sensitive areas.

When self-hosting becomes genuinely attractive

Running it yourself becomes strategically interesting when several of these factors line up:

• More than 30 staff with relatively homogeneous office workflows
• IT person or small IT team available internally — part-time is fine, but not “the boss does it on the side”
• Existing virtualisation platform (Proxmox/VMware) — server operations is not new
• TrueNAS or similar storage in-house — file hosting solves itself elegantly
• Data sovereignty arguments are defensible in your sector (law firms, healthcare, public sector suppliers, research)
• Will to be strategically independent of individual cloud providers

With these conditions a self-hosting stack is realistically operable — and can reach a noticeably cheaper long-term cost position.

Typical self-hosting stack for 30–100 staff

A recurring pattern from our customer projects:

Layer	Component
Hypervisor	Proxmox VE 9.x in 2- or 3-node cluster
Storage backend	TrueNAS as external ZFS storage
Backup	Proxmox Backup Server 4.x + off-site replication
Mail server	Mailcow on LXC or VM, with MX backup at the provider
File sharing	Nextcloud on VM, storage via NFS from TrueNAS
Office editing	Collabora Online or OnlyOffice in containers
Video / chat	Nextcloud Talk for internal; Jitsi for external meetings
Identity	Authentik or Keycloak as central SSO
Reverse proxy	Nginx as TLS terminator with Let’s Encrypt
Firewall / VPN	OPNsense for VPN access and filtering
Monitoring	Zabbix or Grafana/Prometheus

This setup is not trivial — but well manageable for a competent IT team. Migration is typically planned over 6–9 months. It replaces M365 functionally to 80–90% — the remaining gaps (see above) need to be consciously accepted or covered hybrid.

Hybrid setups — the pragmatic middle ground

Pure “either/or” is rarely optimal. In SMB consulting we see these hybrid patterns succeed:

Pattern 1: mail on-prem, office in the cloud

• Email via Mailcow / Postfix on-prem (data sovereignty, stable costs)
• Office 365 (just office apps) for Word/Excel/PowerPoint
• Internal file sharing: Nextcloud or TrueNAS SMB
• Rationale: mail is the most stable self-hosting element, office apps are hard to replace

Pattern 2: M365 as default, self-hosting for sensitive material

• M365 for 90% of staff and daily workflows
• Own file server (TrueNAS) for sensitive data classes (HR records, contracts, IP)
• Own mail server only for compliance mailboxes
• Rationale: broad comfort, targeted sovereignty

Pattern 3: self-hosting core, M365 for external collaboration

• Full internal infrastructure self-hosted (Nextcloud, Mailcow, Authentik)
• Small M365 licence island for Teams meetings with customers who only speak Teams
• Rationale: maximum independence without blocking external collaboration

Underestimated risks on both sides

Risks with M365:

• Lock-in: data migration from SharePoint, Teams, Exchange Online is possible but expensive — budget the exit strategy
• Price escalation: subscriptions can rise; see the adjacent example of the VMware Broadcom situation
• Data residency: for German customers under GDPR the EU Data Boundary matters — clarify contractually
• Microsoft availability: M365 outages happen and hit many customers at once; no local failover possible

Risks with self-hosting:

• Personnel dependency: when the “one IT person” leaves, a self-built setup quickly becomes a burden
• Security as a continuous task: every open mail server, every Nextcloud instance is a potential target — updates and monitoring must work
• Reputation and spam topics with mail hosting: IP reputation, SPF/DKIM/DMARC, greylisting — all solvable but operationally demanding (see our mail security article)
• Scaling with employee growth: a setup built for 50 staff does not automatically last for 200

Decision matrix

Situation	Recommendation
5–10 staff, no IT staff	M365
10–30 staff, Microsoft workflows central	M365 or hybrid (file sharing self-hosted)
30–80 staff, IT person available, no dominant Microsoft workflow	Hybrid or full self-hosting
50+ staff, dedicated IT, regulated industry	Self-hosting worth considering
Law firm, healthcare, public-sector supplier	Self-hosting for sensitive data (at least hybrid)
Sales- and service-driven with heavy external Teams collaboration	M365 (or hybrid with M365 as frontend)

DATAZONE recommendation

We advise vendor-neutrally — and recommend M365 for our smaller customers more often than self-hosting vendors would suggest. At the same time, we operate several SMB self-hosting stacks that have been stable for years.

Concrete recommendation: start an honest assessment with three questions:

1. How many employees will you have in 3–5 years? Plan a setup that grows with you.
2. How much IT staffing can you realistically keep long-term? Self-hosting without staff is risky.
3. Which workflows are so critical that a self-hosting outage hits the business? These workflows need redundancy or a cloud anchor.

We help with assessment, design hybrid setups and support migrations both ways — from M365 to self-hosting and vice versa. More under contact.

Related articles

• TrueNAS for SMBs — storage base for self-hosting
• Vaultwarden — self-hosted password manager — example of sensible self-hosting
• Nginx reverse proxy for self-hosting services
• Let’s Encrypt for automated certificates
• Email security with SPF, DKIM, DMARC
• NIS2 for SMBs — compliance impact on the cloud question
• VMware license costs 2026 — parallel cloud-vendor topic