"Managed IT" is one of the most common phrases in the technology industry. It's also one of the least specific. Two providers can both call themselves a "managed IT" firm and deliver wildly different services at wildly different prices.
This guide breaks down what actually belongs inside a modern managed IT engagement. so you can compare apples to apples, ask better questions, and know exactly what you are paying for.
The seven pillars of managed IT
A complete managed IT program covers seven areas. Missing any of them is not automatically disqualifying. it just needs to be a conscious choice, not a surprise.
1. Help desk & user support
The most visible piece. When staff have a problem, they need a real person who answers, triages, and either resolves the issue or coordinates whoever can.
- Channels: phone, email, and ideally a ticket portal.
- Documented response and resolution targets.
- A named team, not a rotating call center pool.
2. Endpoint management
Every laptop, desktop, and mobile device is a small system that needs updates, protection, and consistent configuration. Endpoint management typically includes:
- Automatic operating-system patching.
- Endpoint protection (modern antivirus / EDR).
- Encryption enforcement and lock-screen policies.
- Remote monitoring and diagnostics.
3. Identity & access management
Modern breaches happen at the identity layer, not the network perimeter. A serious managed IT provider treats accounts as a first-class system:
- Microsoft 365 or Google Workspace administration.
- Multi-factor authentication enforced for every user.
- Documented onboarding and offboarding procedures.
- Regular review of who has access to what.
4. Backup & business continuity
Backups only matter when they work. That means verified restores, not just successful copy jobs.
- Cloud data (Microsoft 365, Google Workspace) backed up to a separate system.
- Critical files and servers backed up on a defined schedule.
- Documented recovery time and recovery point targets.
- Recovery testing on a real cadence. not just when disaster hits.
5. Vendor & platform management
Most organizations rely on dozens of vendors: ISPs, SaaS platforms, phone systems, printers, cloud providers. Someone needs to own the relationship between them.
- A single point of contact when an issue crosses vendors.
- Documentation of accounts, licenses, and renewal dates.
- Escalation paths owned by your provider, not by your staff.
6. Documentation & continuity of knowledge
The dirty secret of most IT relationships is that knowledge lives in one technician's head. A serious managed IT engagement documents:
- Network diagrams and cloud tenants.
- Admin accounts and where they live.
- Standard procedures for onboarding, offboarding, and common changes.
- A recovery runbook for high-impact incidents.
7. Strategy & advisory
Managed IT is operational by nature, but it should still include a regular pulse of strategic conversation. quarterly at minimum:
- Review of risks, incidents, and trends.
- Budget planning for the next 12 months.
- Upcoming projects, renewals, and vendor changes.
If your organization needs deeper leadership than a quarterly review, that's the moment a Fractional CTO engagement belongs alongside managed IT.
What managed IT usually doesn't include
Even a strong managed IT program has natural edges. These are almost always priced separately:
- Large-scale project work (major migrations, office moves, new systems).
- Custom software development.
- Formal compliance audits (HIPAA, SOC 2, PCI). though preparation is fair game.
- Hardware, licenses, and third-party SaaS subscriptions themselves.
- Website development and marketing systems ( separate service).
How F.Y.I. structures a managed IT engagement
F.Y.I. Technologies bundles all seven pillars into a single managed IT relationship, sized to your organization. rather than forcing a rigid package. For the full breakdown, see the Managed IT service page, or start with a strategy call.
Not sure whether managed IT is the right fit yet? Start with Managed IT vs. Break-Fix to see which model your organization actually needs.
