What is Managed IT Services? How Much Does IT Support Cost in 2023?
“What is Managed IT Service vs. What is IT outsourcing? How Much Does IT Support Cost Per Hour or Month?”Since these are such common questions, critical ones to address for many buyers, we decided to write this article for three reasons:
- We wanted an easy way to answer this question and educate business owners, financial controllers, or IT Managers on the most common ways IT and Cybersecurity services are packaged and priced, plus the pros and cons of each approach.
- We wanted to bring to light a few “industry secrets” about IT service contracts and SLAs (service level agreements) that most businesses don’t think about or knows to ask about when evaluating IT service providers that can end up burning you with hidden fees and locking you into a long-term contract when they are unwilling or unable to deliver the quality of service you need.
- We wanted to educate businesses on how to pick the right IT services company for their specific situation, budget, and needs based on the VALUE the company can deliver, not just the cost, high OR low. At the end of the day, if you value the service or product to help your business improve productivity, reduce security risks, and grow more clients, cost is going to be secondary or not the only major deciding factor.
In the end, our purpose is to help you make the most informed decision possible so you end up working with someone who helps you solve your problems and accomplish what you want in a time frame, manner, and budget that is right for you.
What is IT Outsourcing (T&M) vs. Managed IT Services?
Before you can accurately compare the fees, services, and deliverables of one IT services company to another, you need to understand the three predominant service models most of these companies fit within. Some companies offer a blend of all three, while others are strict about offering only one service plan. The three predominant service models are:
1. Time and Materials (T&M): In the industry, we call this “break-fix” support or “IT Outsourcing” service. Essentially you pay an agreed-upon hourly rate for a technician to “fix” your problem or solve specific IT tasks when something “breaks.” Under this model, you might be able to negotiate a discount based on buying a block of hours. The scope of work may be simply to resolve a specific problem (like removing a virus or setting a new computer), or it may encompass a large project like a computer network upgrade or cloud migration to Microsoft. Some companies will offer staff augmentation and placement under this model as well.
2. Managed IT Services (MSP): This is a model where the IT services company takes the role of your “IT department” and not only installs and supports all the devices and PCs that connect to your server(s) or cloud services, but also offers phone and on-site support, antivirus, security, backup and a host of other services to monitor and maintain the health, help desk support, and security of your computer network. This service is offered by Managed Service Providers (MSP) and they usually have a team of specialists to keep your IT environment running and secure.
3. Vendor-Supplied IT Services: Many software companies will offer IT Support for their customers in the form of a help desk or remote support for an additional fee. However, these are typically scaled-back services, limited to troubleshooting their specific application and NOT your entire computer network and all the applications and devices connected to it. If your problem resides outside of their specific software or the server it’s hosted on, they can’t help you and will often refer you to “your IT department.” While it’s often a good idea to buy some basic-level support package with a critical software application you use to run your business, this is not enough to provide the full IT services and support most businesses need to stay up and running. For example, if you have QuickBooks, they can provide basic troubleshooting for their software if it does not run.
When looking to outsource your IT support, the two service models you are most likely to end up having to choose between are the “break-fix” or “managed IT services” models. Therefore, let’s dive into the pros and cons of these two options, and then the typical fee structure for both.
Managed IT Services Vs. Break-Fix:
Which Is the Better, More Cost-Effective for You?
You’ve probably heard the famous Benjamin Franklin quote, “An ounce of prevention is worth a pound of cure” or “an ounce of data loss prevention is a worth a pound of cure.”
We couldn’t agree more — and that’s why it’s our sincere belief that the managed IT approach is, by far, the most cost-effective, smartest option for any business. The only time we would recommend a “time and materials” approach is when you already have a competent IT person or team proactively managing your computer network and simply have a specific IT project to complete that your current in-house IT team doesn’t have the time or expertise to implement (such as a network upgrade, installing a backup solution, etc.). Outside of that specific scenario, we do not think the break-fix approach is a good idea for general IT support for one very important, fundamental reason: you’ll ultimately end up paying for a pound of “cure” for problems that could have easily been avoided with an “ounce” of prevention.
Why Regular Monitoring and Maintenance Is Critical for Today's Computer Networks
The fact of the matter is, computer networks absolutely, positively need ongoing maintenance and monitoring to stay secure. The ever-increasing dependency we have on IT systems and the data they hold — not to mention the type of data we’re now saving digitally — has given rise to very smart and sophisticated cybercrime organizations and who work around the clock to do one thing: compromise your networks for illegal activities.
In most cases, their intent is to access financial information and passwords to rob you (or your clients), create fake identities for credit card fraud, etc. In other cases, they may want to use your computer network to send illegal spam, host pirated software, spread viruses, etc. And some do it just for the “fun” of being able to make computer systems inoperable. These criminals work around the clock in teams, constantly finding and inventing new ways to get around your antivirus software and email security; that’s why you have to remain ever vigilant against their attacks.
Of course, this doesn’t even take into consideration other common “disasters” such as rogue employees, lost devices, hardware failures (which are the #1 reason for data loss), accidental deletion (human errors), natural disasters, and a host of other issues that can interrupt or outright destroy your IT infrastructure and the data it holds. Then there’s regulatory compliance for any business hosting or touching credit card or financial information, medical records, and even client contact information such as email addresses.
Preventing these problems and keeping your systems up and running (which is what managed IT services is all about) is a LOT less expensive and damaging to your organization’s reputation than waiting until one of these things happens and then paying for emergency IT services to restore your systems to working order (break-fix).
Should You Just Hire a Full-Time IT Person?
In most cases, it is not cost-effective for companies with under 45 employees to hire a full-time IT person, because you can outsource this function of your business far cheaper and with a lot less work. The cost hiring an IT systems administrator or help desk technicians in-house can vary depending on location, experience, and skill requirements, etc. The average salary range for a systems administrator in Silicon Valley is usually between $72,800 and $130,443 per year, excluding benefits and time off.
In addition, you need to have someone to supervise the IT person to have quality control and prioritize the needs of the business.
Finally, you need to provide on-going training, network management tools or software (patching, vulnerability scanning, anti-virus, email anti-spam, backup, etc.). And don’t forget to factor the time and cost when the IT person goes on vacation or get sick.
If you truly understand the cost of your TIME and factor in employee productivity, the managed IT services model is considerably less expensive over time than the “break-fix” model or hiring an in-house IT person.
Why “Break-Fix” Works Entirely In The Consultant’s Favor, Not Yours
Under a “break-fix” model, there is a fundamental conflict of interest between your firm and your IT provider. The IT services provider has no incentive to stabilize your computer network or to resolve problems quickly because they are getting paid by the hour; therefore, the risk of unforeseen circumstances, scope creep, learning curve inefficiencies, and outright incompetence are all shifted to YOU, the customer. Essentially, the more problems you have, the more they profit, which is precisely what you DON’T want.
Under this model, the IT consultant can take the liberty of assigning a junior (lower-paid) technician to work on your problem which may take two to three times as long to resolve an issue that a more senior (and more expensive) technician may have resolved in a fraction of the time. There is no incentive to properly manage the time of that technician or their efficiency, and there is every reason for them to prolong the project and to find MORE problems than solutions. Of course, if they’re ethical and want to keep you as a client, they should be doing everything possible to resolve your issues quickly and efficiently; however, that’s akin to putting a German shepherd in charge of watching over the ham sandwiches. Not a good idea.
Second, it creates a management problem for you, the customer, who now has to keep track of their work hours to make sure you aren’t getting overbilled. Since you often have no way of really knowing if they’ve worked the hours they say they have, it creates a situation where you truly need to be able to trust they are being 100% ethical and honest AND tracking THEIR hours properly (not all do).
And finally, it makes budgeting for IT projects and expenses a nightmare since they may be zero one month and thousands the next.
What Is Included In A Managed IT Services and What You Should Expect to Pay for Support?
Important! Please note that the following price quotes are industry averages based on a recent IT industry survey conducted of over 750 different IT services firms. We are providing this information to give you a general idea of what most IT services firms charge and to help you understand the VAST DIFFERENCES in service contracts or IT agreement that you must be aware of before signing on the dotted line.
Please understand that this does NOT reflect our pricing model or approach, which is simply to understand exactly what you want to accomplish FIRST and then customize a solution based on your specific needs, budget and situation.
Hourly Break-Fix Fees:
Most IT services companies selling break-fix services charge between $135 and $350 per hour with a one-hour minimum. In most cases, they will give you a discount of 5% to as much as 20% on their hourly rates if you purchase and pay for a block of hours in advance or purchase hardware from them.
If they are quoting a project, the fees range widely based on the scope of work outlined. If you are hiring an IT consulting firm for a project, we would suggest you pay close attention the following:
- A very detailed scope of work that specifies what “success” is. Make sure you detail your expectations in performance, workflow, costs, security, access, etc. The more detailed you can be, the better. Detailing your expectations upfront will go a long way in avoiding miscommunications and additional fees later to give you what you REALLY wanted.
- A fixed budget and time frame for completion. Agreeing to this up front aligns both your agenda and the consultant’s. Be very wary of loose estimates that allow the consulting firm to bill you for “unforeseen” circumstances. The bottom line is this: it is your IT consulting firm’s responsibility to be able to accurately assess your situation and quote a project based on their experience. You should not have to pick up the tab for a consultant underestimating a job or for their inefficiencies. A true professional knows how to take into consideration those contingencies and bill accordingly.
Managed IT Services Flat Rate:
Most managed IT services firms will quote you a MONTHLY rate based on the number of users or devices, and the complexity of your environment they need to maintain, backup and support. Some businesses must comply with HIPAA, CMMC, California Consumer Privacy Act (CCPA), or Cyber Insurance security measures. In Silicon Valley, for businesses with 30 users, that fee is somewhere in the range of $185 to $499 per user per month. Each business is unique, and the cost can vary depending on the complexity of the environment and risk factors.
Co-Managed IT Services:
For businesses with internal IT manager, it makes sense to hire an IT consultant to manage only specific services of your company. This model is called co-managed IT services. For example, we often work with businesses with an internal staff that handles the basic tasks for setting up desktops or printers or purchasing the hardware, and outsource the management the network security, application support, or specific projects. The monthly cost can be less if you have an internal IT person working with an outsourced IT provider.
If you hire an IT provider and sign up for a managed IT services contract, here are some things that SHOULD be included (make sure you read your contract to validate this):
Managed IT Support Agreement Includes:
- “Unlimited” remote helpdesk
- Onsite Support As-Needed
- 24x7x365 network and critical device monitoring
- Computer Update and Patch management
- Automated trouble ticket generation
- Spyware scan & removal on desktops
- Spam protection
- Antivirus monitoring
- Data Backup and Recovery Testing
- Vendor management
- Firewall Management
- Project management
- General Password Policies
- Basic Event Logging of Failed and Successful Access
- Secure Remote Access
- File Storage and Group Sharing
- Business Email and Calendar
- Cloud Workspace with Virtual Desktop and Applications
- Active Directory User and Computer Management or Azure AD (“Entra” Identity Management)
- VoIP Business Phone System
- Asset Tracking and Inventory Management
- Monthly Executive Utilization Reports
Advanced Cybersecurity Protection (Add-On)
- Privilege Access Management
- Data Backup for Cloud Applications or Computer Systems
- Advanced Email Threat Protection
- Microsoft 365 Hardening for Email or Cloud Services
- Advanced Enterprise Level Firewall with Cybersecurity
- Endpoint Detection and Response (EDR / NGAV)
- Data Encryption
- Employee Cybersecurity Awareness Training
- IT Security Policies and Procedures
- Dark Web Monitoring and Scanning
- Web Gateway Security
- Password Management
- Conditional Access Log on
- Mobile Device Management
- Routine Security Assessments
- Quarterly Executive Risk Review
- C-Level Consulting (vCIO, vTCO or CISO)
The following services may NOT be included and will often be billed separately or add-on. This is not necessarily a “scam” or unethical UNLESS the managed IT services company tries to hide these fees when selling you a service agreement. Make sure you review your contract carefully to know what is and is NOT included!
- Hardware Warranty
- Software licenses such as Microsoft 365 or EDR (Nex-Gen Antivirus)
- Onsite Support
- New Hire Setup and Configuration
- Office Setup or Add/Move/Changes
- Phone System Support
- IT Policies and Procedures
- 24 x 7 Security Operations Center
- Security Expert Team On Standby
- Advanced Cyber Threat Hunting
- Machine-learning algorithms examining end user behavior, flagging irregular activity
- Network Segmentation
- Technology “cyber-sweeps”
Warning! Gray areas of “all-inclusive” service agreement. To truly compare the “cost” of one managed IT services contract to another, you need to make sure you fully understand what IS and ISN’T included AND the “SLA” or “service level agreement” you are signing up for. It’s VERY easy for one IT services provider to appear far less expensive than another UNTIL you look closely at what you are getting.
So, how much does my IT services cost?
For a business with 11 employees or more, IT support is a crucial investment to ensure smooth operations and data security. This support includes system maintenance, cybersecurity measures, help desk services, data backup, and software updates.
As the business owner, founder, controller, or IT manager, allocating a reasonable budget for IT support is essential:
- to prevent downtime,
- protect against cyber threats, and
- ensure the firm’s efficiency and
- success in the digital era.
Neglecting technology support and cybersecurity can lead to potential vulnerabilities and higher costs in the long run. Thus, viewing IT support as a necessary investment is vital for sustaining your firm’s operations effectively and securely.
According to industry experts and research such CompTIA, the IT budget for small and medium-sized businesses can range from 5- 7% of revenue.
Because not all technology environments are the same, you need to speak to a qualified IT provider or consultant to get an accurate assessment of your business needs to know your IT cost or help you budget.
The 10 key questions you need to answer in determining your Managed IT Support Cost
A Final Word and Free Risk Assessment Offer to Show You How to Protect Your Data and Customer Information
We hope you have found this guide helpful in shedding some light on what to look for when hiring a professional firm to outsource your IT support in Silicon Valley. As we stated in the opening of this article, our purpose in providing this information was to help you make an informed decision and avoid getting burned by incompetent or unethical firms luring you in with cheap prices.
Frequently Asked Questions
eSudo is a local managed IT & Cybersecurity services (MSP/MSSP) company that helps businesses make technology seamlessly work over the last 22+ years in Silicon Valley. What sets eSudo apart is we focus on security first, and IT support happens to be part of the security services.
Our team of experienced and certified computer engineers understands that no two businesses are alike, that’s why we partner with our clients to develop efficient and cost effective computer networks, cloud solutions, network security, and phone solutions that help you run your business.
As a local Microsoft Partner and Cloud Technology Specialist, eSudo has the knowledge, skills, and commitment to help you implement modern technology solutions that match your exact business needs.
Our goal is to Keep your IT Systems running and data Secure (KISS) so you can focus on running your business safely!
We specialize in working with professional service organizations like law firms, accounting firms (CPAs), and wealth management. However, eSudo have helped other business such as non-profit organizations, manufacturing and other small businesses after we have reviewed their needs and determined if they are good fit for our services.
eSudo is not a traditional IT support company; we focus on security first, and IT support happens to be part of the security services. In the dynamic landscape of network security, a proactive approach is key to safeguarding your business. It’s not a one-time event but an ongoing commitment to keep your systems resilient against evolving threats. With the rise of a mobile workforce and the omnipresence of phishing attempts or social engineering or AI, educating your employees, continuous monitoring and proactive support are vital to prevent data breaches.
If your business is looking for break-fix support or hourly IT services, we may not be for you because we cannot fully manage your risks and more importantly, it creates a trust issue in our relationship. Under a “break-fix” model, there is a fundamental conflict of interest between your business and eSudo.
“Over 97% of American businesses in 2023, operating in a digitally-driven landscape, heavily rely on the Internet for essential functions such as productivity, performance optimization, streamlined communication, bolstered sales, and various other facets of their daily operations. This heightened dependence on digital infrastructure, however, comes with a notable caveat: more than 87% of small businesses are entrusted with customer data that could be potentially compromised in the event of a cyberattack.”
We keep your IT Systems running and data secure with our proven IT Strategy, Managed Security, and Proactive Support & End User Management. Our Strategy focuses on identifying, prioritizing, and recommending the right technology for your organization. Our Managed Security includes data backup, device encryption, zero-trust access management, and policies & procedures. Our Support includes a live phone help desk, 24/7 monitoring, on-site support as needed, employee onboarding, and asset procurement.
Click here to learn more.
You may also want to look at some of these great resources:
- Is Managed IT Services a Good Fit for Law firms or other small businesses?
- Get Peace of Mind with Our Free Cybersecurity Risk Assessment!
- Do You Know What a Data Breach Could Cost You?