The Cost of Managed IT Services: A Comprehensive Breakdown

How are Managed IT Services Priced?

The short answer is it depends. There are many variables…

In the IT Services industry, there is a wide range of pricing and programs available under the umbrella of “Managed IT Services”.

Why aren’t IT Services Standardized?

One factor is the operational maturity of the IT Service Provider. Newer businesses are more likely to be figuring out their costs and how to translate that into the packaging and pricing of their services.

Some IT Service businesses are founded by technical people who may lack a formal business background. In any business, it’s vital to understand costs and how to manage them effectively.

Here are some primary factors that impact the cost of providing IT Services:

Labor

A quick search shows service-based businesses should aim for payroll costs between 15-30% of gross revenues. In the IT Service Industry, the average salary is significantly higher. It’s common to see mature businesses at 50% payroll costs relative to gross revenue. When it goes above that for prolonged periods, profitability begins to suffer, which can be the start of major problems for the business.

The more experienced and skilled the employee, the higher the wage. Most companies now offer virtual positions which means Service Providers in smaller markets must compete with large market wages to attract and retain top talent.

Another element of labor costs is how service is delivered. If the service provider is more reactive, they will need to hire MORE employees to deal with the larger number of reactive issues. This drives up labor costs and reduces profitability.

If you’re always in fire-drill mode, employee satisfaction will dip, which can lead to a revolving door of employees. This will add to the Service Providers HR & Recruiting costs which further erode profitability.

Insurance / Liability

You may have noticed that the costs of business insurance, particularly cyber insurance, have skyrocketed, providing you’re even able to obtain coverage.

Consider that the average cost of a single data breach event in 2021 is $4.24 million (source: https://www.ibm.com/security/data-breach) which is up 10% from 2020. The current cost for cyber insurance for Managed IT Service Providers is around $7,000 per $1 million of coverage. Proper insurance coverage can now cost as much as 2-3 FTE’s (full-time employees).

We will leave it to the reader to decide if doing business with a Service Provider that is not insured or deemed uninsurable is a good business decision.

Tools

There are hundreds of tools on the market today that IT Service Providers can choose as part of their “service stack”. It would take dozens of pages to list them all but here are some of the main tools commonly used in the industry:

• PSA: Professional Service Automation – these are the ticketing systems used by MSPs.
• RMM: Remote Monitoring and Management – this tool is used to alert the service provider when something is wrong, assuming it’s been configured properly and allows the service provider to remotely connect to your systems. This tool can be a security risk if it’s not deployed, configured, and secured properly.
• Endpoint Protection: Most people know this as “Anti-Virus”, but it has been replaced by a variety of tools monitor for and prevent security issues. These can consist of:
  • AI-based behavioral monitoring
  • Threat Hunting
  • Detection and Response solutions
  • Application Ringfencing
  • Software firewalls
• Backup and Recovery: Backing up data and systems is NOT the same as IT Continuity. When you have a data backup only, things like recovery time and retention aren’t part of the equation. There’s even a difference between backing up data and backing up an entire system.That doesn’t even consider cloud-based systems like Office 365 where despite Microsoft’s vast array of geo-redundant data centers, they offer no guarantees around data backup or recovery so special tools and services are needed to protect that ecosystem.The general rule of thumb is, the greater the number of systems and data to protect plus the shorter the desired recovery time is, costs increase.
• CX: These tools are designed to improve the customer experience. They can tie into the Service Provider's other tools and some even use artificial intelligence to help reduce wait times and provide real-time status of client issues. They can also help streamline the quoting and ordering processes and even provide end-user training.

People, devices, and locations to be supported

All of these “counts” factor into the cost of providing service to the client as they can consume licensing and require proactive maintenance and reactive service (labor costs) to support them. “HOW” the service is structured and delivered is critical to keeping those labor costs down to a reasonable level.

These are the most common types of service pricing that are available:

Time & Materials / Block Time: Time and Materials (or T&M for short) have been around the longest and in essence, it’s trading dollars for hours of technician time. Most providers have moved away from this model because of the inefficiencies it has coupled with the fact it provides no incentive to keep the client’s environment working and up to date.

In this model, the service provider only gets paid when there are problems. On the client-side people can be reluctant to report issues because there’s a cost in doing so each time. On the provider side, it’s not uncommon to have to charge the client multiple times to fix the same issue. This is due to the fact no root cause analysis is being done, no data points are being collected, and generally, the service provider does not have higher-level technicians due to their cost plus the lack of reliable revenue streams to support the hires.

Typical pricing can range from as low as $50/hr. up to several hundred dollars per hour.

Managed IT Services: This is the standard model most IT Service Providers use, and it is also where you see wide swings in pricing depending on service structure and the operational maturity of the service provider.

Mature providers have a good understanding of their costs, lean heavily towards the proactive end of the spectrum, and structure their fees according to the value they deliver and so they can attract and maintain top levels of talent needed to deliver consistent service.

This assumes a basic level of security is provided in the service offerings. Managed Security Services has evolved to a separate business service/model.

Managed IT Services typically includes:

• Help Desk: This can include remote, onsite, or a combination of both and can be 8x5 or 24x7. An important question to ask if you see 24x7 is whether that is Monitoring Only or actual Live Support. Another question is whether you need to pay for 24x7 Live Support or would some form of emergency support suffice.
• Proactive Alignment: Mature IT Service Providers know this role is critical to controlling their labor costs. Typically, they will assign a dedicated engineer or two to the client’s account and those engineers will become SMEs (Subject Matter Experts) along with performing regular (at least monthly) proactive maintenance and audits of the client’s current technology stack and infrastructure.
• Strategic Guidance: Some providers call this a vCIO (short for Virtual CIO) or Fractional CIO. The purpose of this role is to dedicate a resource to help the client navigate technology planning, decision making, and budgeting. This is usually driven by findings from the proactive team where technology is either out of alignment or no longer serving the business purpose it was originally intended to. Ideally, your advisor will help create a 12–18-month technology roadmap that is reviewed and updated every 90 days to ensure goals are being hit and measured.

Items that are sometimes included in an “All-You-Can-Eat” style of service include:

• Professional Services (Project Work)
• Security Services
• Backup Services
• Licensing such as Office 365

Here are the most popular ways Managed IT Services are priced. Pricing estimates are shown and can vary based on the service provider offering:

• Device-Based Pricing: In this model, the client is charged for each device managed by the Service Provider. Typically, servers are priced higher than regular endpoints (desktops, laptops, etc.). Service providers may undercharge in this model if they don’t factor in labor costs needed to manage and maintain the infrastructure and the people using it.Pricing ranges from $5 - $150 per endpoint and $50 - $1000 per server.
• User-Based (Seat) Pricing: In this model, the client is charged a fixed fee based on the number of users being supported. This is the most common pricing model but also has the widest variance of services included in the seat fee.Pricing can range from $50 to $500 or more per seat.The costs depend on what the Service Provider includes with their service. On the high end, it typically includes some advanced levels of IT Security and/or Compliance along with more frequent scheduled onsite visits and strategy review sessions.

A note about seat pricing for part-time or volunteer employees:

It typically takes the same amount of work to secure and maintain infrastructure and systems being used by a company resource regardless of their number of working hours. There’s a lot that goes into maintaining and securing systems – tools, time, experience, etc. Even something as “simple” as patch management is an involved process. Typically, users (even part-timers) have on average at 3 devices to manage so even if their time footprint is smaller, their support and risk factors remain on par with full-time resources.

• Hybrid Model: In this model, there is a combined approach used where pricing is based both on the number of users and number of devices supported and the pricing can vary within the ranges stated above and is dependent on what is included with the service offering(s). One of the reasons behind a hybrid approach is to establish value around supporting infrastructure and people separately. This can sometimes lead to billing confusion and more complexity around decision making but it also can have benefits around cost certainty for both the client and service provider.

That was a lot of information to cover. Hopefully, this has been educational for you as you make your decision to work with a Managed IT Service Provider.

At the end of the day, the value a business receives from any relationship is ultimately based on getting things done and achieving goals and desired outcomes.