Category Archives: Managed IT Services

ACS
Posted on By Author Robbie Garner Categories Managed IT Services

What to Expect in Your First 90 Days With a New MSP

The short answer: Switching managed IT providers is a transition, not a flip of a switch. In a well-run 90-day onboarding, week one is discovery and documentation, month one is security tool deployment and access handover, month two is stabilization and learning your environment, and month three is a performance review against the commitments made at signing. Expect some bumps in weeks 2 to 4 — that’s normal. Equipment shouldn’t be replaced for the first 90 days unless absolutely necessary.

If you’ve signed with a new MSP, you’ve already done the hard part: picking the right partner. The next 90 days is about the partner earning the trust you’ve given them. Here’s what should happen, when, and what to watch for.

Why 90 Days Matters

An MSP transition isn’t like a software subscription. The new team is inheriting an environment they didn’t build, documentation that may not exist, and a user base that’s used to calling whoever they’ve always called. Rushing past discovery, swapping tools out the gate, or replacing hardware before anyone understands the environment is how good transitions go sideways.

A 90-day window gives the incoming MSP time to actually learn your business, establish baselines, and earn the right to recommend changes — instead of making changes they can’t defend yet. Done right, by day 91 you have a provider that understands your operation better than the one they replaced.

Week One: Discovery and Documentation

The first week isn’t about fixing anything. It’s about understanding everything.

What should be happening:

  • Kickoff meeting** with your leadership and any internal IT staff to confirm priorities, pain points, and the handful of things that absolutely cannot break during transition
  • Environment discovery** — mapping your network, servers, workstations, cloud services, line-of-business applications, vendors, and existing security tools
  • Credential handover** — domain admin, firewall, O365/Google Workspace, backup systems, VPN, anything mission-critical
  • Stakeholder interviews** — a few short conversations with people in different roles so the MSP hears what “slow” and “broken” actually means to your team
  • Ticketing and communication channels set up** — email addresses, phone lines, portal access, so your team knows exactly how to reach the new support team

What you should feel: A lot of questions, a lot of note-taking, not a lot of action. That’s correct. If your new MSP is making major changes in week one, they’re moving too fast.

Common friction: Credentials nobody has. Old admin accounts belonging to people who left. Documentation that doesn’t exist. Budget a few hours of your time to help track these down — it’s painful once, and then it’s done forever.

Month One: Tool Deployment and Baseline

Weeks 2 through 4 are where the new provider’s management layer goes in.

What should be happening:

  • Remote monitoring and management (RMM) agents** deployed to every managed endpoint so the MSP can see health, patch status, and alerts in real time
  • Endpoint detection and response (EDR) / antivirus** replaced or layered onto the existing tool — without disabling what’s currently protecting you until the new tool is verified active
  • Email and identity security** — MFA enforcement, phishing protection, DNS filtering, reviewed and brought up to modern standards
  • Backup verification** — confirming that what you think is backing up actually is, and that a restore works
  • Patch management cycle** established with a documented maintenance window
  • User training** if MFA or new tools are being introduced, so your team isn’t blindsided

What you should feel: Some short, scheduled interruptions as agents install and reboots happen. A noticeable increase in security prompts (MFA especially) for a week or two while users adjust. Tickets starting to route through the new team’s system.

Commitment from a responsible MSP: No equipment replacement in the first 90 days unless something is genuinely failing. The incoming team doesn’t yet know your environment well enough to recommend hardware changes. Any MSP pushing replacement in month one is either over-selling or under-assessing.

Common friction: One or two applications will have compatibility quirks with the new security tools. Expect 1-3 days of tuning. This is normal and doesn’t mean the transition is failing.

Month Two: Stabilization and Institutional Knowledge

By week 5 or 6, the new infrastructure is in place. Month two is about learning your environment deeply enough to support it without constantly asking you questions.

What should be happening:

  • Ticket patterns reviewed** — which users call most, which applications cause the most tickets, where the hidden complexity is
  • Documentation written** — the runbooks, vendor contact lists, system diagrams, and recovery procedures that didn’t exist before
  • Vendor coordination** — line-of-business software vendors, phone/internet providers, and facility vendors all know who the new IT partner is
  • Baseline reporting** — uptime, security posture, patch compliance, ticket volume, all being tracked so there’s data to point to at the 90-day review
  • First proactive recommendations** — the MSP should start surfacing small improvements they’ve noticed. Small. The big stuff comes at the 90-day review

What you should feel: Things getting quieter. Fewer surprises. Tickets resolving faster because the team knows your environment. Your internal point person spending less time on IT coordination than they did in month one.

Common friction: This is when inherited problems surface — a weak backup that’s been weak for years, a firewall rule nobody understood, a legacy server on borrowed time. A good MSP flags these with a recommendation and a priority level, not a panic.

Month Three: The 90-Day Review

At the end of 90 days, the new MSP should sit down with you — ideally in person — and have a structured review.

What should be on the agenda:

  • Against the commitments made at signing** — did the MSP deliver what they said they would, on the timeline they promised? If not, why?
  • Security posture snapshot** — what was the baseline on day one, what is it now, what’s still open
  • Ticket metrics** — volume, response time, resolution time, trends over the 90 days
  • Documentation deliverables** — what’s been written down, where it lives, what’s left to finish
  • Your team’s experience** — what’s better, what’s worse, what’s the same
  • Strategic roadmap** — the MSP’s recommendations for the next 12 months, prioritized by impact and cost
  • Adjustments to the agreement** if anything isn’t working

This is the checkpoint where you decide if the fit is right. At ACS, the 90-day review isn’t a contract renewal — it’s an honest conversation about performance. Renew by performance, not penalty.

What You Should Commit to As the Client

A good transition requires both sides. Here’s what your new MSP is counting on from you:

  • One empowered point of contact** on your side for the first 90 days. Someone who can make decisions, not just pass messages.
  • Timely feedback.** If something’s off, tell the MSP in week two, not week twelve. Small course corrections are easy. Silent resentment is not.
  • Your team uses the new ticketing system.** Phone calls and hallway asks in week one are fine. By week four, everyone should be using the new intake channel.
  • Reasonable access to your environment.** If the MSP is being blocked from doing their job because nobody can find a password, the transition stalls.
  • Willingness to accept recommendations.** The MSP can’t protect you from risks you won’t let them address.

What Good and Bad Look Like at Day 91

    Good transitions look like this at day 91:

    1. Every user has a clear way to get support and uses it
    2. Monitoring is in place and someone is actively responding to alerts
    3. MFA is on for every account that matters
    4. Backups work and a test restore has been completed
    5. You have written documentation of how your environment is configured
    6. The MSP can answer questions about your environment without calling you

    Bad transitions look like this at day 91:

    1. Your team still calls the old provider or a random technician for help
    2. Tools from the old MSP are still installed and competing with the new tools
    3. Nobody has tested a backup restore
    4. Tickets are piling up and resolution time is getting worse, not better
    5. Recommendations from the MSP feel like upsells, not improvements

    If your 90-day review matches the bad list, that’s important information. A good MSP will acknowledge it. A bad one will blame you.

    A Realistic Expectation

    Transitions are bumpy in weeks 2 to 4. That’s normal. What matters is whether the bumps are getting smaller and whether the MSP is communicating through them. By week 6, things should feel calmer than before you switched. By day 91, they should feel significantly better.

    If you’re in month one of an MSP transition right now and something feels off, the right move is to say so out loud — to them and to us if you’d like a second opinion. Schedule a conversation and we’ll walk you through what good looks like at your specific stage.

    Posted on By Author Robbie Garner Categories Managed IT Services

    Reasons Managed IT Might Not Be Right for Your Business

    The short answer: Managed IT works well for most small and mid-size businesses, but not all of them. If you’re very small with minimal technology needs, have zero compliance requirements, run a simple setup that rarely breaks, or you’re unwilling to follow the security recommendations that come with a managed agreement — a month-to-month break/fix relationship or a light support plan is probably a better fit. We’d rather tell you that than sell you a contract you’ll resent in six months.

    Most IT companies will take any business that walks through the door. We’ve made a different call. Our job is to match you with the right level of support, even when that means pointing you somewhere else. Here’s when managed IT doesn’t make sense, and what to do instead.

    Why an MSP Would Ever Say “No”

    Managed IT is a commitment on both sides. You pay a predictable monthly fee. We commit to proactively monitor, patch, secure, and support your environment, and we’re accountable for outcomes. That model works when there’s enough complexity, risk, or opportunity cost in your business that ongoing management pays for itself.

    When those conditions aren’t there, a managed agreement becomes expensive insurance you’ll never cash in. You’ll feel it on the invoice, and we’ll feel it when you cancel. Neither of us wants that.

    Scenarios Where Managed IT Is Probably Overkill

    1. You’re a Very Small Team With Simple Needs

    If you’re a 1 to 3 person company running laptops, a few cloud apps, and maybe a printer — and technology rarely causes you problems — a managed contract is heavier than what you need. You don’t have servers, you don’t have a shared network anyone’s depending on, and your biggest tech decision this year is which Zoom plan to pay for.

    For companies at that size, a break/fix relationship with a trusted local technician or a light-touch support plan usually makes more sense. Call when you need help. Pay for the hour. Move on.

    Signs this is you: No server. No internal file share. Fewer than 5 users. You can’t remember the last time a computer problem actually cost you a workday.

    2. You Have Zero Compliance or Regulatory Requirements

    A big chunk of the value of managed IT is security posture and documentation. If you’re in a regulated industry — healthcare (HIPAA), defense contracting (CMMC), finance (FINRA or PCI), legal (client confidentiality) — you need continuous oversight, documented controls, and someone on the hook for audits.

    If none of that applies to you, and your data is limited to basic business communications and files you wouldn’t mind losing if something went sideways, you have more room to operate with lighter security. We’d still recommend some baseline protection, but it doesn’t need to be managed 24/7 by an outside team.

    Signs this is you: No regulated data. No client contract clauses about how you protect information. No cyber-insurance policy with real security requirements.

    3. Your Setup Almost Never Breaks

    Some small businesses have genuinely stable environments. A couple of workstations, well-chosen cloud software, no custom systems, no legacy hardware. Things just work, and they have for years.

    If you’re in that category and you don’t anticipate growth or new technology needs in the next 12 months, a managed contract is paying for a problem you don’t have. A scheduled check-in once or twice a year — or an hourly call when something comes up — covers it.

    Signs this is you: You haven’t had an unplanned IT issue in the last 12 months. Your software is all cloud-based. You’re not planning any meaningful changes.

    4. You’re Not Willing to Follow Security Recommendations

    This one is blunt but important. Managed IT isn’t just tools we install. Our Cybersecurity Solutions page gives you an overview of the tools we use. It’s a partnership that only works if you’ll act on what we surface. That includes enabling multi-factor authentication, approving patches during maintenance windows, replacing end-of-life hardware on a reasonable timeline, and not disabling the security software we deploy because it asked you for a password once.

    If you want someone to keep the lights on without any changes to how you operate — no new policies, no MFA, no training for your team — you’re looking for a maintenance contract, not a managed services agreement. We’re not the right fit, and we’ll say so on the first call.

    Signs this is you: You’ve already told us you won’t do MFA. You want antivirus and nothing else. You’ve pushed back on a recommendation before you’ve heard the reason.

    5. You’re Fully Covered by Your Software Vendors

    Some businesses run almost entirely on one or two vertical applications — a property management platform, a medical EHR, a construction-specific ERP. When the vendor handles hosting, security, and support for the core system, and the rest of your environment is a handful of laptops, your IT surface is small.

    In those cases, your vendor’s support contract may cover 90% of what you’d call IT for. Adding a full managed agreement on top can mean paying for services you’ll rarely use.

    Signs this is you: A single SaaS platform runs your business. Your vendor handles the heavy lifting. You’d mostly be paying us to manage laptops.

    When Managed IT *Is* the Right Call

    Most businesses we talk to don’t fit the above. If any of these apply, a managed agreement is usually the better financial decision:

    • You have 5 or more employees relying on shared technology daily
    • An outage or data loss would cost you real money or reputation
    • You’re subject to any industry regulations or contract security requirements
    • You want to plan for growth and don’t have internal IT to guide that
    • Your current reactive setup has left you with slow response, surprise bills, or lingering issues

    If you recognize yourself in that list, managed IT services will pay for themselves. If you don’t, keep reading.

    What We Actually Do When It’s Not a Fit

    If we hear enough during a discovery call to think managed IT isn’t right for you, one of three things happens:

    1. We recommend a break/fix shop or independent technician we trust locally, and we’ll tell you who. We’d rather you get good support from someone else than mediocre coverage from us.

    2. We quote a one-time project — security assessment, cloud migration, email setup — without asking you to sign a managed agreement. Some businesses need a cleanup, not ongoing support.

    3. We suggest a lighter-touch path, like a security review or monitoring-only package, to cover the baseline without the full cost of managed services.

    None of these options include trying to convince you that you need something you don’t.

    A Couple of Real Examples

    A long-time Wilmington small business called us recently to talk about their security posture. After walking through their environment, we put together a one-time cleanup project and recommended a security suite they could install and manage themselves. A full managed services agreement would have priced them out of the value they’d get. They solved the problem they actually had, we didn’t sign a contract that wasn’t a fit, and the relationship stayed healthy.

    A local nonprofit reached out for a cabling project in a new office. As their director walked us through the scope, it became clear a couple of other local providers could execute that specific job more efficiently than we could. We referred them to a local break/fix company who finished the work on time and within their budget. We didn’t earn revenue on the project — we earned a referral partner who now sends us the work we’re actually the right fit for.

    Both of those calls ended without a signed agreement. Neither felt like a loss.

    How to Decide Without Calling Us

    If you want a quick self-check before you reach out, these three questions usually settle it:

    If your primary computer died tomorrow, how long before your business felt it? 

    Under an hour means you need active management. A few days means you probably don’t.

    Are you responsible for protecting someone else’s data – patients, clients, employees, regulated records ?

    If yes, you need managed security whether you want it or not.

    Do you actively want to do the things a good security posture requires — MFA, patching, training, policy?

    If no, you don’t want managed IT. You want maintenance.

    If you answered honestly and you’re still not sure, that’s worth a 20-minute conversation. We’ll be straight with you about whether you need us. Schedule a discovery call and we’ll figure it out together.

    The Bottom Line

    Managed IT makes sense when your technology is complex enough, risky enough, or central enough to your business that ongoing management pays for itself. It doesn’t make sense when your setup is small, simple, and low-risk — or when you’re not willing to change how you work to get the value of the service.

    We’d rather have the honest conversation now than write you into an agreement that doesn’t fit. If we’re not the right call for your business, we’ll say so and point you somewhere better.

    1 2