If you've ever gotten a quote from a managed IT provider and walked away more confused than when you started, you're not alone. "Managed IT" means different things to different companies, and contracts can be written in ways that make it genuinely hard to understand what you're actually buying.
This article breaks down what a typical managed IT contract covers, where the gaps are, and what to ask before you sign anything.
What is a managed IT contract?
A managed IT contract is a flat monthly agreement where a technology provider — called a Managed Service Provider, or MSP — takes responsibility for keeping your technology running. Instead of calling someone when something breaks and paying by the hour, you pay a predictable monthly fee and the MSP handles the ongoing maintenance, monitoring, and support.
The core idea is proactive vs. reactive. A good MSP catches problems before they cause downtime. A break-fix technician shows up after something is already broken.
What's typically included
Remote monitoring and management (RMM)
The MSP installs a lightweight agent on your computers, servers, and network equipment. This lets them see the health of your systems in real time — disk space, CPU load, failed services, unusual network traffic — without being physically on-site. Most problems are caught and resolved before you even notice them.
Patch management
Windows updates, software updates, firmware updates. Left unpatched, these are the most common entry points for ransomware and malware. A managed contract means someone is responsible for keeping everything current on a schedule — not just when it's convenient.
Helpdesk support
This is usually what people think of first. You have a problem, you call or submit a ticket, and someone helps you. The key questions are: what are the hours? (business hours only vs. 24/7), what's the response time?, and is on-site support included or extra?
Antivirus and endpoint security
Most contracts include a managed antivirus or endpoint detection and response (EDR) tool on every covered device. The MSP monitors alerts centrally rather than relying on each employee to notice a pop-up.
Backup monitoring
Many contracts include verifying that your backups are running and completing successfully. Note: this is different from providing backup infrastructure — see exclusions below.
Email and productivity platform support
Configuration, troubleshooting, and user management for Microsoft 365 or Google Workspace is usually included. New user setup, password resets, shared mailbox creation, and similar tasks fall under this.
What's typically NOT included
This is where contracts get tricky. Here are the most common exclusions:
| Item | Why it's usually excluded |
|---|---|
| Hardware replacement | If a hard drive fails or a switch dies, the hardware cost is yours. Labour to swap it may or may not be included. |
| New infrastructure projects | Setting up a new office, migrating to a new server, or rolling out a new phone system is project work — usually quoted separately. |
| Backup storage costs | The MSP monitors backups, but the storage (cloud or physical) is often a separate line item. |
| Software licensing | Microsoft 365 subscriptions, antivirus licenses, and similar costs are typically passed through at cost or invoiced separately. |
| After-hours emergencies | Some contracts cover 9–5 only. After-hours support may be available at an additional rate. |
| Out-of-scope devices | If you add a new server or open a second location mid-contract, that usually needs to be added to the contract separately. |
How pricing works
Most MSPs use one of two pricing models:
Per-user
A flat rate per employee per month. Simple to understand, scales naturally as your team grows. Typical range for SMBs in BC: $89–$169/user/month depending on the service tier.
Per-device
A rate per managed device (workstation, server, network device). Works well if you have lots of devices per user (e.g. a retail environment). Can get complicated to track.
Some providers offer tiered plans — an Essential tier that covers monitoring and helpdesk, a Professional tier that adds security tools and backup, and a Complete tier that includes on-site visits and a faster response SLA.
Questions to ask before signing
- What's the response time SLA, and does it differ by severity? A critical outage should be treated differently than a password reset.
- Is on-site support included, or is it extra? Remote-only contracts are cheaper but leave you stuck for hardware problems.
- What happens if I need to cancel? Look for notice periods, early termination fees, and what happens to your data and configurations.
- Who actually answers the phone? Ask if support goes to a local technician or a shared offshore help desk.
- What's the onboarding process? A legitimate MSP documents your environment thoroughly before taking over. No documentation means no accountability.
- What cybersecurity tools are included? At minimum: managed antivirus, MFA support, and patch management. Better contracts include EDR and dark web monitoring.
- How are after-hours emergencies handled? Even if it costs extra, there should be a process.
Is it actually worth it?
For most small businesses, yes — with the right provider. The math is straightforward: an employee earning $25/hour who spends two hours a week dealing with IT issues costs you $2,600/year in lost productivity before you've paid a single tech bill. Add one ransomware incident or a day of downtime and the numbers get much worse.
The real question isn't whether managed IT is worth it — it's whether the specific contract you're looking at is priced fairly and covers what your business actually needs.
Start with an assessment. Any reputable MSP will assess your environment before quoting. If they won't, that tells you something.
SecureDeer offers free site assessments for small businesses in Langley and across the Fraser Valley. Book one here — no obligation, no pressure.