Frequently Asked Questions

  1. How much service time is needed?

Service time is the time necessary for managed IT service companies (MSPs) to resolve issues and maintain your infrastructure. To evaluate your business’ service needs, ask the following questions: 

  • What’s the size of your IT footprint (how many users, workstations, servers, printers, locations, etc.)?

  • What level of support do you need, and what types of support?  (preventative maintenance, full services, or something in-between?  Regular on-site visits (keep in mind 80-90% of IT can be done remotely)? Cybersecurity scans and monitoring?

  • Hours of operation?  If you’re a 24/7 operation, you will need to estimate unexpected downtime and determine if you want that covered inside or outside the contract.  

  • How complex are your IT issues and how often do they occur?  Are most of your issue password resets? Or do have more robust needs such as penetration testing, PCI/HIPAA/CMMC Compliances to maintain?

Service time may be billed hourly or included in a recurring plan. Hourly rates tend to range from $120 to $250. Recurring MSP plans normally go between $50 and $150 per user per month, with infrastructure requirements necessitating additional fees.  This all equates into complexity and the knowledge base the MSP must be able to provide.  Tier 1 technicians don’t cost as much as tier 3 cyber security experts.

2. How many users Does my Business have?

The cost of managed IT services is directly influenced by the number of users. A thorough user count should encompass workstations, mobile devices, and tablets. Allowing employees to use personal devices may incur additional expenses, such as enhanced security protocols and mobile device management services.

Costs per user can drastically vary from $50 to $400, which includes options for one-time payments or recurring monthly fees. Ask the MSP which pricing model is used, per user or per device.  This model can drastically affect what you pay.

3. How many servers does my business have or need?

Similar to how the number of users impacts costs, an increase in servers can significantly raise expenses due to factors like hardware acquisition, space allocation (including necessary planning and renovations), and ongoing maintenance. Servers are critical for businesses that manage data, and the installation of a single server can cost $3,000 or more. Additionally, the number of servers required often depends on the processing and storage demands specific to your industry’s regulations, such as HIPAA compliance.

Many MSPs may offer reduced upfront server costs by spreading expenses over monthly fees i.e. a lease style program, typically ranging from $185 to $500 per month. Be sure to clarify whether your MSP will solely manage your servers or also include data security features like backups and security operations, as these services can further influence pricing.

4. How much data does my business work with?

Data management and backup needs play a significant role in determining overall costs.

Larger volumes of data require additional equipment for storage and processing, as well as specialized expertise to manage both the data and the equipment. Investing in the necessary hardware and technical skills is essential to protecting your company’s network from threats such as hardware failures, cyberattacks, employee mistakes, and natural disasters.

The price for data management ranges from $5 per month for basic cloud storage to $500+ for maintained data storage with backups. Be sure to ask how backups are managed, monitored and the capabilities. 

Not all backup systems are created equal. In fact, very few are truly made for small businesses (10+ employees) and larger.

5. What services & improvements Will I need?

After evaluating the previous factors, identify the specific services you require from an MSP. These may include cloud solutions, IT infrastructure setup, network security, VoIP services, managed print services, mobile device management and more, each of which can add to the overall cost.

Also, consider expenses related to onboarding new employees and implementing technological upgrades to support business growth.  How easy does the MSP make it for on-boarding new staff as you evolve and grow as a company?

6. What should i expect in terms of pricing?

Here are three pricing tiers for managed IT services and what services each tier includes: 

Tier 1

Preventative Maintenance - this generally is a monitoring and alerting service.  While it may include some cybersecurity such as Anti-Virus, End Point Detection and Response or even SOC (Security operations service) or Managed Detection and Response, the response portion will usually be billed hourly at a preset rate.

The hourly rates at this tier typically range between $100 and $350 per hour, depending on your region and the complexity of the work being completed.

Tier 2 

In the mid-to-high range, managed IT services offer proactive monitoring, problem-solving, and prevention.  This usually will have an limited built-in number of hours for troubleshooting issues, assisting users with daily problems, responding to alerts from the infrastructure being monitored.  This may or may not include after hours support into the contracted rate.

Pricing can be based on devices or per user. Per device pricing ranges from $100 to $400 per server, $55 to $100 per workstation, $30 to $75 per firewall, and $15 to $40 per switch. Per user charges vary from $150 to $175 per user based on services included. Ask the MSP about their pricing model.

Tier 3 

This often is an all encompassed approach.  The MSP will manage your infrastructure in whole whether on premise or cloud hosted.  Your monthly fee will generally reflect the range of IT services from CTO/CISO all the way to Support Desk.  It will cover all devices for support and monitoring, and may include after-hours support as part of the package.

Additionally, it may include Cloud infrastructure fees or on-premise device leasing.  Expect this to range from $250-$550 per device/user after all services are averaged. It may even include your own support phone number you can publish internally so your staff feels they are speaking with another company employee, or has the simplicity of just dialing an extension and getting a support person.

7. Anything else I should consider?

Security should always be a top concern. Some services that should be recommended and discussed:

  • End Point Detection and Response (EDR) – required by most cyber insurance policies

  • Anti-phishing andante-spam services with phishing simulation testing and training – required/recommended by cyber insurance policies

  • SOC (Security Operation Center) - a service that monitors your devices beyond EDR looking for activity or evidence of a breach, and alerting staff to the potential for quick remediation – required by some cyber insurance policies

  • MDR (Managed Detection and Response) Automated SOC - required by some cyber insurance policies

  • Firewall management – often required by cyber insurance. Ask what is set up on the firewall and what services are included in it.  Some services to ensure will be configured and managed are:  IDS\IPS (Intrusion Detection\Prevention System), Gateway Anti-virus, Web site reputation scanning, website filtering, and geo IP filtering.  (Geo IP filtering is not as important as it once was, but is still an added security measure we recommend.)

  • Backup and Disaster Recovery is a critical item for both servers and hosted service. Don’t go without it, and make sure it’s great.  Your business will literally hang in the balance of survival if a critical incident occurs. Look for the following items in your checklist:

    • Air Gapped system

    • Different operating system for your primary servers

    • 1 year retention

    • Off site retention and in-transit encryption

    • Ability to virtualize your backed up devices quickly (less than 2 hours, preferably 1 hour or less). This allows you to continue working while the MSP repairs faulty hardware on a server (which may takes days). 

    • Cloud system backup (think email and cloud files as the hosting providers do not backup your files/emails and can’t be held liable for lost data).

    • SLA and Response time. Make sure the MSP has Service Level Agreements built into the contract(s) with minimum response times for critical incidents (total company outage\down), high-level incidents (single server or service outage), intermediate incidents (single user completely down), and low-level incidents (partially impaired work for a single user). 

      • Ensure you are comfortable with the SLA in the contract.  Keep in mind, the faster the requirement of the SLA, the higher the price for services will be.

      • This is critical as it sets the standard into the contract, if the MSP is not fulfilling the standards set, your business has legal grounds to exit the contract, and often without penalty.

      • Ask for recommendations, case studies, and client stories.

      • Just as you would hire a new staff member, interview your MSP.  Why trust your IT to just anyone? You are effectively hiring for an entire department.