Part 5: Paying too much or too little – Evaluating IT Providers (Value and cost)

Part 5: Evaluating Providers: Getting Value for Your Money

Pricing aside, how do you choose the right Managed IT provider or MSP? Once you have a few proposals or are in discussions, consider these factors to ensure you’re getting a good partner, not just a good price:

1. Reputation and Experience: Do they have a proven track record? Check the company’s online reviews (Google, BBB, etc.) and testimonials. Look at case studies or ask for references from clients in a similar industry or of similar size. How long have they been in business? An established provider likely has more refined processes and stable service.

2. Scope of Services (What’s Included): Make sure you fully understand what you’ll get. Do they cover:

• Unlimited support requests, or is there a cap or extra charge after a certain number of hours?
• On-site visits if needed, or is it all remote unless you pay extra?
• After-hours support / 24×7 emergency response as part of the plan, or only during business hours?
• Security services: Do they include advanced cybersecurity tools (and will they tell you which ones)? Do they have a Security Operations Center (SOC) watching for threats, or is it just basic antivirus?
• Backups: Are they backing up your data/systems? How frequently? How much data is included in the base price?
• Vendor management: Will they liaise with your other tech vendors (Internet provider, software companies) on your behalf? Many MSPs do this as part of their service.
• Hardware and software procurement: Do they assist in purchasing new equipment and software licensing, and is that included or separate?
• Projects: If you need a major upgrade or migration, is that within scope or will it be billed separately? (Many MSP contracts exclude big projects, or give a discounted project rate.)

Essentially, a provider might look inexpensive until you realize half the things you assumed were included are actually add-ons. On the flip side, a more expensive provider might include far more, making them a better value.

3. Transparency and Communication: Good MSPs are transparent about their processes and what tools they use. Some things to think about:

• Do they openly talk about the vendors/technologies they use for security, backups, monitoring? (Beware if it’s all behind a black box – trust is key, and you should know if they are using reputable solutions or not.)
• Will they provide regular reports or reviews of your IT health, ticket metrics, security status, etc.?
• Are they clear about which scenarios would incur extra costs? Get clarity in writing on things like on-site visits, emergency after-hours work, or projects.
• When you ask “Why choose you over others?”, do they give a convincing answer beyond just “we’re cheaper” or “we provide great service”? They should articulate their value proposition (e.g., faster response times, higher client retention, specific expertise, etc.).

4. Team and Support Structure: Inquire about who and how:

• How many technicians do they have and what are their skill levels? A larger team can mean more depth, but even a small team can be efficient if experienced.
• Do they use offshore support or is it all local/in-house? Again, offshore isn’t automatically bad, but you want to know if the person answering the phone at 2 AM is a seasoned engineer locally or a call center operator following a script. The level of expertise on first contact can greatly affect resolution time.
• Do they provide a dedicated account manager or vCIO for strategic guidance? Higher-end MSPs will have regular meetings with you to discuss alignment of IT with your business goals.
• What is their escalation process if you have a critical issue? (How quickly can they bring in senior engineers, etc.)
• Ask about their staff turnover as well; a company that churns through techs might struggle with consistency.

5. Process and Best Practices: A mature MSP follows industry best practices:

• Do they adhere to a framework like ITIL for service management or NIST/CIS controls for security? They don’t have to throw acronyms at you, but they should demonstrate structured processes (for example, having documented Standard Operating Procedures for common tasks, a routine maintenance schedule, etc.).
• How do they handle onboarding of a new client? (This can tell you a lot about their thoroughness — e.g., do they start with an in-depth audit of your systems? Do they document your network?)
• What tools do they use for things like remote monitoring and management, ticketing, etc.? Leading tools in the industry (ConnectWise, Datto, Microsoft, etc.) often indicate they invest in their own operations.
• Do they offer any guarantees or Service Level Agreements (SLAs) on response times or resolution times? And what happens if they miss an SLA?

6. Culture and Fit: Since an IT partner relationship is often long-term and close, consider softer factors:

• Is their communication style and responsiveness meeting your expectations during the sales process? That often reflects how it will be later.
• Do they seem to understand your business and show interest in helping it improve, or are they just pushing a generic solution?
• Are they flexible to tailor services to your needs, or very rigid in what they offer? You want a partner that will meet you where you are.

7. Long-Term Value: Finally, ask about things that indicate long-term partnership value:

• Client Retention: How long do clients typically stay with them? A low churn rate is a good sign (happy customers).
• Growth: Can they support you as you grow? If you plan to double in size or expand to new locations, can they handle that?
• Continuous Improvement: Do they stay up-to-date with technology? For instance, do they discuss new ideas like cloud migration, or improving cybersecurity with new tools, etc., or do they seem stuck in old ways?

Red flags to watch out for include very vague proposals, unwillingness to provide references, no clear answer on what exactly is included, or pressure to sign a long contract quickly without due diligence. Also, if their pricing is high but they can’t clearly explain the added value, that’s a warning sign.

Conclusion: Finding the Right Balance

In the end, what you should pay for managed IT and cybersecurity services comes down to the value provided and the needs of your organization. There’s no one-size-fits-all dollar amount, but there are fair ranges and clear indicators of what’s reasonable.

Key takeaways:

• Understand the Model: Opt for a support model that aligns with your needs and risk tolerance. In most cases, a flat-rate managed service will provide better stability and overall value than a purely hourly break-fix arrangement.
• Know What’s Included: A price is just a number – it’s what’s behind it that matters. Always evaluate quotes in terms of scope, quality of service, and coverage. The cheapest quote might leave you exposed, and the most expensive quote should justify itself with superior service.
• Budget for the Extras: Don’t forget things like compliance, hardware upgrades, or extra projects. Either choose a plan that includes these or plan for them in your IT budget.
• Evaluate the Provider: You’re not just buying a service, you’re hiring a strategic partner. Do your homework on their reputation and make sure they practice what they preach in terms of security and service.
• Think Long-Term: The right IT partner should grow with you, keep your systems robust and secure, and ultimately save you money by preventing problems and driving productivity. That partnership is worth the investment.

By considering all the factors outlined above, you can approach IT services pricing with confidence. When you find a provider that checks all the boxes – transparent, capable, reliable, security-focused, and within your budget – you’ll know your technology (and money) are in good hands.

Learn More:

• Part 1: We compare Break-Fix vs Flat-Rate (Managed) support models and why proactive flat-rate plans often deliver better value.
• Part 2: We break down pricing per device, per user, per location, and per organization (domain), including typical cost ranges and what features influence those prices.
• Part 3: Deeper dive into IT pricing models where we discuss how bundling vs. line-item pricing works, and how contract terms or volume can affect your rates.
• Part 4: We cover the special case of compliance services (e.g. regulatory or security compliance support) – why they can be costly and what they include.
• Part 5: Finally, we provide tips on evaluating IT service providers – what to look for in their reputation, transparency, and service offerings – so you know you’re getting a fair deal for the price.
• Bonus: Is a ball park estimate good enough?