Managed IT Services
Your IT department, delivered as a service. Four published tiers, contracted SLAs, and a single founder-owned team that does not change because we got acquired this quarter. Powered by GITD — our AI-augmented delivery platform.
Most MSP Quotes Are Custom Builds
The largest providers in the market today gate their pricing, customize every SOW, and rebrand the firm you signed with two years after the deal. We publish our rate card. We ship four tiers. We deliver one product on one platform.
Pick the Tier. The Tier Is the Quote.
Inclusions are fixed per tier. SOW is a one-page selector, not a custom build. Annual escalator is 3% or CPI, whichever is greater. Default term is 36 months; 12-month terms available at +15%.
Standard
Established firms ready to outsource the IT department
From 50 users
From $5,750/month
- Endpoint management, patching, and EDR deployment
- Helpdesk Mon–Fri 7a–9p CST
- 24/7 environment monitoring
- M365 and Google Workspace administration included
- Vendor management and SLA accountability
- Monthly business review and reporting
Advanced
Security-conscious firms in regulated or high-trust industries
From 50 users
From $8,250/month
- Everything in Standard
- 24/7 GSOC L2 monitoring and response
- XDR with extended detection and response
- Identity and access management hardening
- vCIO Lite — quarterly strategy and roadmap
Premier
Firms running a formal compliance program
From 75 users
From $16,125/month
- Everything in Advanced
- 15-minute P1 response
- vCIO Pro — weekly cadence with KPI dashboard
- Compliance program with monthly review
- Dedicated Customer Success lead
Enterprise
Multi-site, multi-country, complex regulatory footprint
From 250+ users
- Everything in Premier
- Dedicated GSOC pod
- Named vCIO with executive cadence
- On-site presence at HQ
- Quarterly business reviews with leadership
- Custom contracting and procurement
What's Included — and What's Not
We tell you up front what is in the per-user rate, what is pass-through, and what is project work. No surprise line items.
Included in the per-user rate
Service desk & operations
- •Unlimited helpdesk tickets within tier hours
- •On-call after-hours support for P1/P2 incidents
- •Endpoint provisioning, lifecycle, and decommissioning
- •Patch management for Windows, macOS, and third-party apps
Microsoft 365 & Google Workspace administration
- •User lifecycle, license assignment, group and team management
- •Mailbox, Teams, SharePoint, OneDrive, and Drive administration
- •MFA, SSPR, conditional access policy operation within current architecture
- •Monthly tenant hygiene review and license rightsizing
Security & monitoring
- •Endpoint detection and response (EDR) deployment and management
- •24/7 environment monitoring with automated remediation
- •Identity threat monitoring and alerting
- •Quarterly security posture review
Strategy & reporting
- •Monthly business review with measured KPIs
- •Asset and license inventory kept current
- •Documentation maintained in our customer-accessible platform
- •vCIO touchpoints per tier (Lite quarterly, Pro weekly)
Pass-through or scoped separately
- •Endpoint security licenses (CrowdStrike Falcon Pro or equivalent) — billed at MSRP pass-through, or BYOL if you have entitlement
- •Microsoft 365 and Google Workspace licenses — Managed customers consolidate Microsoft licensing through ICS as their CSP
- •Backup licenses (M365 backup, endpoint backup) — pass-through at MSRP
- •Hardware procurement (workstations, servers, networking) — quoted per project
- •Tenant migrations, M&A merges, conditional access redesign, Intune greenfield, Purview rollout, eDiscovery — scoped as fixed-bid projects
- •After-hours non-P1/P2 incidents on Standard and Advanced — billed at advisory rates
Pass-through items are billed at vendor MSRP or your existing license entitlement. Project work is scoped as fixed-bid or T&M against published advisory rates.
Microsoft 365 and Google Workspace day-to-day administration are included in every tier — there is no separate admin retainer for Managed IT customers. Project work and architecture changes are scoped as fixed-bid against our published advisory rate card (provided with proposals).
Both Platforms Supported. Admin Is in the Rate.
Microsoft 365 and Google Workspace day-to-day administration are included in the per-user rate — no separate admin retainer. Project work, tenant migrations, and major architecture changes are scoped separately.
CSP consolidation included
Standard, Advanced, and Premier Managed IT customers consolidate Microsoft 365 licensing through ICS as their Cloud Solution Provider. You get licensing-level support escalation with Microsoft, same-day license adjustments without filing a ticket, and a single invoice for software and services.
Google Workspace, fully managed
ICS is a Google Cloud Partner. Workspace IAM, messaging, mobile management, and security are first-class on every tier — at the same per-user rate. Hybrid M365 + Workspace environments are supported with no premium.
Stack What You Need On Top of the Base Tier
Add-ons are named SKUs with published pricing — not custom line items. Your account team can model the monthly impact in minutes, not weeks.
Email Signature Management
From $3/user/moBranded, compliance-ready email signatures across Microsoft 365 and Google Workspace, centrally managed.
Managed File Fabric
From $20/user/moEgnyte deployment, governance, and ongoing administration for content collaboration and DLP.
Conditional Access Hardening
Fixed-bid projectPolicy redesign and enforcement pack — phishing-resistant MFA, device compliance, legacy auth shutdown.
Information Protection / DLP
Fixed-bid + monthlyMicrosoft Purview or Google DLP rollout, label taxonomy, and ongoing classification operations.
Phishing Simulation & Training
From $4/user/moMonthly campaigns, role-based training assignments, and risk-scored user reporting.
Microsoft 365 + Endpoint Backup
From $5/user/moIndependent backup of Exchange, SharePoint, OneDrive, Teams, and endpoints with restore SLA.
Compliance Program Operation
From $2,500/moSOC 2, HIPAA, or PCI program operation with monthly evidence collection and annual audit support.
On-Site Presence
From $1,500/moScheduled or dedicated on-site analyst hours at your HQ or remote sites.
AI Readiness & Copilot Rollout
Fixed-bid projectMicrosoft 365 Copilot or Gemini for Workspace readiness assessment, governance, and pilot operation.
Pricing is indicative. Exact rate depends on user count, license entitlement, and term. We will publish your add-on totals in the one-page proposal.
Beyond steady-state ops
Every managed services contract — ours and every reputable competitor's — carves out specific categories of work that sit outside the monthly rate. Here is exactly when you will see a separate quote. We disclose this before you sign so it is never a surprise.
New deployments and migrations
Standing up something new, or moving from one platform to another. Defined deliverable, defined start and finish.
Typical examples
- ›Tenant migrations (M365 to M365, Google to M365, or vice versa)
- ›M&A tenant merges and divestitures
- ›Intune greenfield deployment, autopilot rollout, kiosk programs
- ›New office build-outs, network refreshes, firewall replacements
- ›Backup product implementations, SIEM onboarding
How it's priced
Fixed-bid against a written SOW, with milestone billing on multi-month projects.
Major redesigns of an existing platform
Re-architecting something you already run. Steady-state operations stay in MRR — the redesign itself is project work.
Typical examples
- ›Conditional Access policy overhaul or zero-trust redesign
- ›Active Directory to Entra ID consolidation
- ›Network re-segmentation, VLAN cleanup, IP plan rework
- ›Email security gateway swap (e.g., Proofpoint to Defender)
- ›Purview / Information Protection label taxonomy rollout
How it's priced
Fixed-bid against a written SOW. Steady-state operation of the new design returns to MRR after go-live.
Incident response beyond a defined runbook
Confirmed breach, ransomware, business email compromise, insider investigations, or anything that crosses into legal hold or forensics.
Typical examples
- ›Ransomware containment, eradication, and recovery
- ›Business email compromise investigations
- ›Forensic image collection and chain-of-custody work
- ›Sustained P1 after-hours work outside the published SLA window
- ›Data exfiltration assessments
How it's priced
Hourly at published incident-response rates with a documented retainer option. Routine helpdesk and ordinary P1 SLA response stay in MRR.
Hardware, licenses, and third-party services
Anything we buy on your behalf or anything you buy yourself that we operate. Goods are not service fees.
Typical examples
- ›Workstations, servers, switches, firewalls, access points
- ›Microsoft 365 and Google Workspace licenses (CSP)
- ›EDR licenses (CrowdStrike Falcon Pro or equivalent)
- ›Backup, phishing simulation, and DLP product subscriptions
- ›ISP, MPLS, and SD-WAN circuits
How it's priced
Pass-through at vendor MSRP or your existing entitlement (BYOL). No hidden markup on hardware against the per-user rate.
On-site dispatch outside contracted scope
Truck rolls beyond what your tier or add-on includes. Most corporate Managed customers do not need on-site — when you do, it is scheduled and quoted.
Typical examples
- ›Cabling pulls and structured wiring
- ›Hardware refresh tours across multiple sites
- ›After-hours physical equipment swaps
- ›Conference room AV troubleshooting beyond remote support
How it's priced
Quoted as scheduled visits or via the On-Site Presence add-on. No surprise truck-roll fees — we agree on it before we drive.
Compliance audits and assessments
Defined assessments with defined deliverables. Operating a compliance program day-to-day is the Compliance Program add-on; the audits themselves are project work.
Typical examples
- ›SOC 2 Type II readiness assessments
- ›HIPAA risk assessments
- ›PCI ROC support and gap assessments
- ›IT due diligence for M&A buy-side or sell-side
- ›Insurance-driven security control assessments
How it's priced
Fixed-bid against a written SOW. Includes the assessment, the report, and one round of findings remediation guidance.
Industry-standard practice: every reputable managed services contract carves out these categories of work. We disclose ours up front, in writing, before you sign — so the first time you see a separate invoice is never the first time you hear about it. Advisory rate card provided with proposals.
Published, Contracted, Measured
Every tier is backed by the same SLA matrix — written into the agreement, reported on monthly, and enforced.
| Severity | Definition | Standard / Advanced | Premier / Enterprise |
|---|---|---|---|
| P1 — Critical | System down, loss of operations, security incident | 30 minutes | 15 minutes |
| P2 — High | Significant operational impact; could lead to outage or breach | 1 hour | 30 minutes |
| P3 — Moderate | Moderate loss of functionality | 4 hours | 2 hours |
| P4 — Low | Information / behavior notification | 8 hours | 4 hours |
| Service request | Non-incident standard request | 4 hours | 2 hours |
Tickets in "Awaiting Client Response" auto-close after 3 business days across all tiers.
A Predictable First 90 Days
Onboarding is a fixed scope with a fixed fee — one month of MRR. You see the project plan before you sign, not after.
Discovery & access
- •Tenant access, network discovery, asset inventory
- •Risk register, license posture, identity audit
- •Runbook drafting in our documentation platform
- •Onboarding fee billed: 1× monthly recurring revenue
Tooling & baseline
- •Endpoint agents deployed; EDR coverage live
- •Patch policy, MFA posture, and backup posture set to baseline
- •Service desk live; tickets routed through ICS portal
- •First monthly business review and reporting pack
Steady state & first QBR
- •Tier SLA in full effect (no soft launch)
- •vCIO touchpoint cadence locked
- •Documentation 100% complete and customer-accessible
- •First quarterly business review with executive sponsor
What This Looks Like in Production
Anonymized snapshots from current ICS clients. Logo case studies are released as clients approve them — these outcomes are verified in our reporting platform.
76% of tickets resolved in under 24 hours
60 tickets across the trailing 90 days, 3-hour median resolution. Six months under continuous ICS coverage. M365 admin, backup, and EDR operations all included in the per-user rate — no separate retainers.
Zero P1 incidents in the last 90 days
Steady-state Managed contract since early 2025. All tickets in the period closed inside SLA. The customer pays the published per-user rate plus EDR pass-through — nothing else.
29 tickets in 90 days · mature environment
Low ticket volume is the result, not the goal — a stable identity baseline, hardened endpoints, and a defined change-control process. Compliance Program add-on supports regulator-facing evidence collection.
Why ICS — Different from a PE-Backed MSP
The MSP industry is consolidating. Most of the largest providers you will evaluate are private-equity-backed platforms that have acquired dozens of regional MSPs in the last three years. When you sign with one of those firms, you often inherit a brand change, a playbook change, and a billing system change inside 24 months. We do not work that way.
Founder-owned
We are not part of a private equity rollup. The vCIO who writes your roadmap is the same vCIO running your QBR three years from now.
Single brand, single playbook
Every client is delivered on the same platform with the same team structure. No acquired sub-brands, no inherited toolchains, no rebrand churn.
Published rate card
Our pricing, SLAs, and inclusions are on this page. You will not be quoted differently than the next buyer.
Measured monthly
Response times, ticket volumes, and resolution metrics are reported every month. The agreement and the dashboard match.
Managed IT — Frequently Asked Questions
Do you include endpoint security (EDR) licenses in the per-user rate?+
No. EDR is a required component of the service, but the license is billed as a pass-through at vendor MSRP — typically CrowdStrike Falcon Pro or an equivalent business-grade EDR. We deploy, tune, and operate it as part of every tier. If you already have entitlement (BYOL), we can use yours and skip the license line item.
Are Microsoft 365 and Google Workspace administration charged separately?+
No. Day-to-day M365 and Google Workspace administration — user lifecycle, license assignment, mailbox and Teams and SharePoint admin, MFA support, conditional access operation within the current architecture — is included in the per-user tier rate. Project work like tenant migrations, M&A merges, conditional access redesign, Intune greenfield, or Purview rollout is scoped separately as fixed-bid.
Do I have to switch to ICS as my Microsoft Cloud Solution Provider (CSP)?+
Yes, on Managed IT (Standard, Advanced, Premier) we consolidate Microsoft licensing through ICS as your CSP. This gives us licensing-level support escalation with Microsoft, single-pane invoicing, and same-day license adjustments without your team filing a ticket. On Co-Managed IT it is recommended but not required — we will work with your existing reseller.
Do you support Google Workspace as well as Microsoft 365?+
Yes. ICS is a Google Cloud Partner. Google Workspace administration, IAM, mobile management, and security operations are first-class on every Managed IT tier. Many of our hospitality and creative clients run Google Workspace as their primary platform; corporate clients often run a hybrid posture.
Is the 50-user floor strict?+
Yes for Standard and Advanced. Premier requires 75 users. Enterprise targets 250+. The floors exist because below ~50 users our delivery model carries margin we are not willing to underwrite — and because smaller environments are better served by our per-project advisory and Microsoft 365 Management offerings rather than a full Managed IT contract.
How is hardware procurement handled?+
Hardware (workstations, servers, networking, AV) is quoted per project at our negotiated distributor rates. We do not mark up hardware against the per-user rate. If you have an existing procurement source, we will receive, image, and deploy your hardware under our standard build process at advisory rates.
What if I already have a CSP relationship I want to keep?+
On Managed IT we require CSP consolidation through ICS. On Co-Managed IT we keep your existing reseller. If your existing CSP relationship is contractual and unbreakable, the Co-Managed line is the right fit. We will document the boundary in the SOW so there is no ambiguity about who handles licensing.
How does onboarding work and how long does it take?+
Onboarding is a fixed-fee project at one month of MRR. The standard plan is 90 days: 30-day discovery and access, 30-day tooling and baseline, 30-day steady state and first QBR. You see the full project plan in the proposal — not after you sign. SLAs are in full effect at day 61, not soft-launched.
When will I see fees on top of my monthly per-user rate?+
Six categories of work sit outside steady-state operations and are quoted separately: (1) new deployments and migrations like tenant migrations or Intune greenfield, (2) major redesigns of an existing platform like a Conditional Access overhaul, (3) incident response beyond a defined runbook — ransomware, BEC, forensics, (4) hardware and license pass-throughs at vendor MSRP, (5) on-site dispatch outside contracted scope, and (6) compliance audits and assessments. We disclose all six in writing before you sign and quote each one as fixed-bid against published advisory rates. This is industry standard — every reputable MSP carves out the same buckets, and the ones that say they don't are usually quietly absorbing them into the next renewal price increase.
Ready to See the Rate Card?
Tell us how many users you have and which tier fits. We will send a one-page proposal — not a 40-page custom SOW.