How Much Does IT Support Cost for a Small Business in 2024?

Since this is such a common question — and a critical one to address for small business owners today because technology is fundamental to running day-to-day operations, we decided to write this article and video for three reasons:

1. We wanted an easy way to answer this question and educate business owners, financial controllers, or IT Managers on the most common ways IT and Cybersecurity services are packaged and priced, as well as the pros and cons of each approach.
2. We wanted to bring to light a few "industry secrets" about IT service contracts and SLAs (service level agreements) that most businesses don't think about or know to ask about when evaluating IT service providers that can end up burning you with hidden fees and locking you into a long-term contract when they are unwilling or unable to deliver the quality of service you need.
3. We wanted to educate businesses on how to pick the right IT services company for their specific situation, budget and needs based on the VALUE the company can deliver, not just the cost, high OR low. At the end of the day, if you value the service or product to help your business improve productivity, reduce security risks, and grow more clients, cost is going to be secondary or not the only major deciding factor.

In the end, our purpose is to help you make the most informed decision possible so you can work with someone who can solve your problems and accomplish what you want in a time frame, manner, and budget that is right for you.??

Comparing Apples to Apples:?The Predominant IT Service Models Explained

???? Before you can accurately compare the fees, services, and deliverables of one IT services company to another, you must understand the three predominant service models most companies fit within. Some companies blend all three, while others are strict about offering only one service plan. The three predominant service models are:

1. Time and Materials: We call this a "break-fix" service in the industry. Essentially, you pay an agreed-upon hourly rate for a technician to "fix" your problem when something "breaks." Under this model, you can negotiate a discount based on buying a bank of hours. The scope of work may be to resolve a specific problem (like removing a virus or setting a new computer), or it may encompass a large project like a computer network upgrade or move with a specific result and end date clarified. Some companies will offer staff augmentation and placement under this model as well.
2. Managed IT Services:?This is a model where the IT services company takes the role of your "IT department" and not only installs and supports all the devices and PCs that connect to your server(s) or cloud services but also offers phone and on-site Support, antivirus, security, backup and a host of other services to monitor and maintain the health, speed, performance and security of your computer network.
3. Vendor-Supplied IT Services: Many software companies will offer IT Support for their customers in the form of a help desk or remote support for an additional fee. However, these are typically scaled-back services, limited to troubleshooting their specific application and NOT your entire computer network and all the applications and devices connected to it. If your problem resides outside of their specific software or the server it's hosted on, they can't help you and will often refer you to "your IT department." While buying some basic-level support package with a critical software application you use to run your business is often a good idea, this is not enough to provide the full IT services and support most businesses need to stay up and running. For example, if you have QuickBooks, they can troubleshoot their software if it does not run.

When looking to outsource your IT support, the two service models you will most likely have to choose between are the "break-fix" or "managed IT services" models. Therefore, let's dive into the pros and cons of these two options, as well as the typical fee structure for both.

Managed IT Services Vs. Break-Fix:? Which Is the Better, More Cost-Effective Option??

You've probably heard the famous Benjamin Franklin quote, "An ounce of prevention is worth a pound of cure," or "An ounce of data loss prevention is worth a pound of cure."

We couldn't agree more — and that's why it's our sincere belief that the managed IT approach is, by far, the most cost-effective, smartest option for any business. The only time we would recommend a "time and materials" approach is when you already have a competent IT person or team proactively managing your computer network and simply have a specific IT project to complete that your current in-house IT team doesn't have the time or expertise to implement (such as a network upgrade, installing a backup solution, etc.). Outside of that specific scenario, we do not think the break-fix approach is a good idea for general IT support for one very important, fundamental reason: you'll ultimately end up paying for a pound of "cure" for problems that could have easily been avoided with an "ounce" of prevention.

Why Regular Monitoring and Maintenance Is Critical for Today's Computer Networks

Imagine your computer network as a bustling city. It’s where information flows like traffic, and everything runs smoothly when the roads are well-maintained and monitored. But just like a city, it’s not immune to threats.

Cybercriminals are the digital equivalent of thieves and vandals, always looking for a chance to cause chaos. They’re like crafty foxes, constantly trying to sneak past the city’s defenses, which include antivirus software and email security. They’re after the city’s treasure—financial information, passwords, and more—using them for all sorts of mischief, from theft to creating fake identities for credit card fraud.

But threats don’t just come from outside. Sometimes, they’re homegrown. Disgruntled employees, lost devices, hardware failures, and even accidental deletions can cause as much damage as any cybercriminal. And let’s not forget about natural disasters – they’re like the unpredictable weather that can wreak havoc on our city.

So, how do we keep our city safe and functioning? The answer is simple – managed IT services. They’re not just the city’s maintenance crew, but also the architects, the security guards, and the emergency responders. They work round the clock to prevent problems and keep everything running smoothly. They’re the unsung heroes who ensure that the city is much better off preventing problems than dealing with the aftermath.

In short, our digital city thrives when we’re proactive, not reactive. Let’s not wait for the storm to hit, but appreciate our IT heroes who keep our city secure. Because a stitch in time, indeed, saves nine!

Should You Hire a Full-Time IT Person?

???? In most cases, it is not cost-effective for companies with under 45 employees to hire a full-time IT person, because you can outsource this function of your business far cheaper and with a lot less work. The cost hiring an IT person in-house can vary depending on location, experience, and skill requirements, etc.? The average salary range for a systems administrator in Silicon Valley is usually between $72,800 and $130,443 per year.?

In addition, you need to have someone to supervise the IT person to have quality control and prioritize the needs of the business.

Finally, you need to provide on-going training, network management tools or software (patching, vulnerability scanning, anti-virus, email anti-spam, backup, etc.).? And don't forget to factor the time and cost when the IT person goes on vacation or get sick.

If you truly understand the cost of your TIME and factor in employee productivity, the managed IT services model is considerably less expensive over time than the "break-fix" model or hiring an in-house IT person.

Why "Break-Fix" Works Entirely In The Consultant's Favor, Not Yours

?? ??Under a "break-fix" model, a fundamental conflict of interest exists between your firm and your IT provider. The IT services provider has no incentive to stabilize your computer network or to resolve problems quickly because they are getting paid by the hour; therefore, the risk of unforeseen circumstances, scope creep, learning curve inefficiencies, and outright incompetence are all shifted to YOU, the customer. Essentially, the more problems you have, the more they profit, precisely what you DON'T want.

???? Under this model, the IT consultant can take the liberty of assigning a junior (lower-paid) technician to work on your problem, which may take two to three times as long to resolve an issue that a more senior (and more expensive) technician may have resolved in a fraction of the time. There is no incentive to manage the time of that technician or their efficiency properly, and there is every reason for them to prolong the project and to find MORE problems than solutions. Of course, if they're ethical and want to keep you as a client, they should do everything possible to resolve your issues quickly and efficiently; however, that's akin to putting a German shepherd in charge of watching over the ham sandwiches. Not a good idea.

???? Second, it creates a management problem for you, the customer, who must keep track of their work hours to ensure you aren't getting overbilled. Since you often have no way of really knowing if they've worked the hours they say they have, it creates a situation where you truly need to be able to trust they are being 100% ethical and honest AND tracking THEIR hours properly (not all do).

???? And finally, it makes budgeting for IT projects and expenses a nightmare since they may be zero one month and thousands the next.?

What To Look For in A Managed IT Services Agreement and What You Should Expect to Pay

???? Important! Please note that the following price quotes are industry averages based on a recent IT industry survey conducted of over 750 different IT services firms. We are providing this information to give you a general idea of what most IT services firms charge and to help you understand the VAST DIFFERENCES in service contracts that you must be aware of before signing on the dotted line.?

Please understand that this does NOT reflect our pricing model or approach, which is simply to understand exactly what you want to accomplish FIRST and then customize a solution based on your specific needs, budget and situation.

?

Hourly Break-Fix Fees:?

Most IT companies selling break-fix services charge between $135 and $350 per hour with a one-hour minimum. In most cases, they will give you a discount of 5% to as much as 20% on their hourly rates if you purchase and pay for a block of hours in advance or purchase hardware from them.

???? If they are quoting a project, the fees range widely based on the scope of work outlined. If you are hiring an IT consulting firm for a project, we would suggest you pay close attention the following:

• A very detailed scope of work that specifies what "success" is. Make sure you detail your expectations in performance, workflow, costs, security, access, etc. The more detailed you can be, the better. Detailing your expectations upfront will go a long way in avoiding miscommunications and additional fees later to give you what you REALLY wanted.
• A fixed budget and time frame for completion. Agreeing to this up front aligns both your agenda and the consultant's. Be very wary of loose estimates that allow the consulting firm to bill you for "unforeseen" circumstances. The bottom line is this: it is your IT consulting firm's responsibility to be able to accurately assess your situation and quote a project based on their experience. You should not have to pick up the tab for a consultant underestimating a job or for their inefficiencies. A true professional knows how to take into consideration those contingencies and bill accordingly.

?

Managed IT Services Flat Rate:?

Most managed IT services firms will quote you a MONTHLY rate based on the number of users or devices, and the complexity of your environment they need to maintain, backup, and support. Some businesses must comply with HIPAA, CMMC, California Consumer Privacy Act (CCPA), or Cyber Insurance security measures. ??In Silicon Valley, for businesses with 30 users, that fee is somewhere in the range of $179 to $499 per user per month.? Each business is unique, and the cost can vary depending on the complexity of the environment and risk factors.

Co-Managed IT Services:?

For businesses with an internal IT manager, it makes sense to hire an IT consultant to manage only specific services of your company.? This model is called co-managed IT services. For example, we often work with businesses with an internal staff that handles the basic tasks for setting up desktops or printers or purchasing the hardware, and outsource the management the network security, application support, or specific projects.? The monthly cost can be less if you have an internal IT person working with an outsourced IT provider.

??? If you hire an IT provider and sign up for a managed IT services contract, here are some things that SHOULD be included (make sure you read your contract to validate this):

Managed IT Support Plan

• "Unlimited" remote helpdesk?
• Onsite Support As-Needed
• 24x7x365 network and critical device monitoring
• Computer Update and Patch management
• Automated trouble ticket generation
• Spyware scan and removal on desktops
• Spam protection
• Antivirus monitoring
• Data Backup and Recovery Testing
• Vendor management
• Firewall Management
• Project management
• General Password Policies
• Basic Event Logging of Failed and Successful Access
• Secure Remote Access
• File Storage and Group Sharing
• Business Email and Calendar
• Cloud Workspace with Virtual Desktop and Applications
• Active Directory User and Computer Management or Azure AD ("Entra" Identity Management)
• VoIP Business Phone System
• Asset Tracking and Inventory Management
• Monthly Executive Utilization Reports

?

Advanced Cybersecurity Protection (Add-On)

• Privilege Access Management
• Data Backup for Cloud Applications or Computer Systems
• Advanced Email Threat Protection
• Microsoft 365 Hardening for Email or Cloud Services
• Advanced Enterprise Level Firewall with Cybersecurity
• Endpoint Detection and Response (EDR / NGAV)
• Data Encryption
• Employee Cybersecurity Awareness Training
• IT Security Policies and Procedures
• Dark Web Monitoring and Scanning?
• Web Gateway Security
• Password Management
• Conditional Access Log on
• Mobile Device Management
• Routine Security Assessments
• Quarterly Executive Risk Review
• C-Level Consulting (vCIO, vTCO or CISO)

?

???? The following services may NOT be included and will often be billed separately or add-on. This is not necessarily a "scam" or unethical UNLESS the managed IT services company tries to hide these fees when selling you a service agreement. Make sure you review your contract carefully to know what is and is NOT included!

• Hardware Warranty
• Software licenses such as Microsoft 365 or EDR (Nex-Gen Antivirus)
• Onsite Support
• New Hire Setup and Configuration
• Office Setup or Add/Move/Changes
• Phone System Support
• IT Policies and Procedures
• 24 x 7 Security Operations Center
• Security Expert Team On Standby
• Advanced Cyber Threat Hunting
• Machine-learning algorithms examining end user behavior, flagging irregular activity
• Network Segmentation
• Technology “cyber-sweeps”

???? Warning! Gray areas of "all-inclusive" service agreement. To truly compare the "cost" of one managed IT services contract to another, you need to make sure you fully understand what IS and ISN'T included AND the "SLA" or "service level agreement" you are signing up for. It's VERY easy for one IT services provider to appear far less expensive than another UNTIL you look closely at what you are getting.??

So, how much does my IT services cost?

For a business with 11 employees or more, IT support is a crucial investment to ensure smooth operations and data security. This support includes system maintenance, cybersecurity measures, help desk services, data backup, and software updates.?

As the business owner, founder, controller, or IT manager, allocating a reasonable budget for IT support is essential:

• to prevent downtime,
• protect against cyber threats, and
• ensure the firm’s efficiency and
• success in the digital era.

Neglecting technology support and cybersecurity can lead to potential vulnerabilities and higher costs in the long run. Thus, viewing IT support as a necessary investment is vital for sustaining your firm’s operations effectively and securely.

According to industry experts and research such CompTIA, the IT budget for small and medium-sized businesses can range from 5- 7% of revenue.

Because not all technology environments are the same,? you need to speak to a qualified IT provider or consultant to get an accurate assessment of your business needs to know your IT cost or help you budget.

?

The following questions can guide you to finding a more accurate answer to your IT needs and cost:

• How Many Employees/Contractors Use a computer or mobile device to access your company data and applications?
• Do you have an In-house IT Staff that can provide the basic help desk support??
• How complex is your network environment? (This can a challenging question to answer; it’s not uncommon for a prospect to say that we have a simple IT network, but only for us to find out that the company’s needs are MUCH more complex after an assessment.)
• Do you need onsite and remote support?
• Is your system in the Cloud or On-premise?
• If you have a mobile workforce or employees working from home, do you provide company devices?
• Are your software applications or computer systems (PC, server, firewall, wireless) under the manufacturer's warranty or support plan?
• How many locations do you have?
• Do you need 24/7 or weekend support?
• Do you have compliance requirements such as HIPAA, CMMC, ISO 27001, or Cyber insurance?

A Final Word and Free Risk Assessment Offer to Show You How to Protect Your Data and Customer Information

We hope this guide is helpful in shedding some light on what to look for when hiring a professional firm to outsource your IT support in Silicon Valley. As we stated in the opening of this article, our purpose in providing this information was to help you make an informed decision and avoid getting burned by incompetent or unethical firms luring you in with cheap prices.

?If you need help deciding or have any questions, contact us for a free consultation and see how eSudo can help make technology work seamlessly for your firm.?

Or if you like to discover Weak Points in Your IT Security and Protect Your Business Against Cyber threats, click here to Take a Free Self Security Assessment .