Atlantic Canada IT

Ten Questions to Ask Before Signing With a Managed IT Provider

The questions that separate a real managed IT provider from an invoice with a logo — on backups, response times, offboarding, and ownership — plus the red flags hiding in the answers.

July 10, 2026 5 min read managed ITMSPsmall businessIT supportAtlantic Canada

Most businesses choose a managed IT provider once every five to ten years, usually under pressure, usually by comparing two quotes they cannot quite decode. The provider does this dance every week. That asymmetry is why the questions below matter: each one is easy for a good provider to answer and awkward for a weak one to dodge.

Ask all ten. Write the answers down — you will want them at renewal time.

The questions

1. “When did you last restore one of your clients’ backups — not run one, restore one?” The single most revealing question in IT. Everyone runs backups; the only proof they work is a restore. A good provider has a recent, specific answer and a schedule. A weak one talks about their backup software.

2. “What exactly do we own, and what do we rent through you?” Licences, domains, hardware, the password vault, the documentation itself. You want every answer to be “you own it, we manage it.” Anything owned by the provider is friction the day you leave — and they know it.

3. “If we leave, what does offboarding look like — and is it in the contract?” The confident answer is a process: credentials returned, access revoked, documentation handed over, in writing. A provider who bristles at the question is answering it. (We wrote a whole guide on switching without an outage — the offboarding you should expect is in there.)

4. “What are your actual response times, and what happens when you miss them?” Not the marketing number — the contractual one, by severity, with a remedy. “Best effort” is not a commitment. Neither is a service level agreement with no consequence attached.

5. “Who, specifically, works on our account?” A named human or a small team beats a queue. Ask how many clients that person carries. You are buying attention; find out how thinly it is sliced.

6. “How do you manage our devices — and what happens when an employee leaves?” Listen for enrollment, encryption, and a same-day offboarding process — accounts disabled, device wiped or reassigned. If the answer is “we come by and set up new laptops,” device management is not really being done. (What managed devices actually involve.)

7. “What is in the monthly report, and can we see a real one?” A provider doing the work has artifacts: patch status, incidents, changes, upcoming risks. A redacted sample tells you what you will actually receive. No report means no visibility into whether the retainer does anything.

8. “How is our price structured, and what triggers a change?” Per user, per device, or flat — each is legitimate; what matters is that you can predict the invoice. Ask what is outside the retainer (projects, on-site visits, after-hours) so the first surprise invoice is not your discovery process. (What managed IT actually costs in Canada — ranges and the factors that move them.)

9. “What security baseline do you apply to every client, by default?” Multi-factor everywhere, patched systems, encrypted disks, tested backups, no shared admin passwords — as a floor, not an upsell. A provider who sells security as an add-on tier is telling you what the base tier is missing.

10. “Can we talk to two clients who have been with you for over two years?” References filter for the thing no contract captures: what the provider is like in month eighteen, after the courtship. A confident provider has them ready.

The red flags hiding in the answers

  • They own your credentials “for convenience.” The keys belong to the business. Always.
  • Everything requires an upgrade. If patching, backups, or multi-factor live in the premium tier, the standard tier is negligence with a lower price.
  • No written artifacts. No reports, no documentation, no offboarding process in the contract — you are buying a phone number, not a service.
  • They cannot say no. A provider who has never told a prospect “we are not the right fit” will not tell you an honest no later, either.

Where we stand

We answer these ten in writing, before the work starts — it is part of how we work. If you are comparing providers right now, take the list and use it on everyone, including us: send two paragraphs about your business and we will reply in writing within one business day, with a fit / no-fit answer either way.

— Newsletter

Get the writing by email.

An occasional note from the team — case studies, new free tools, engineering essays. Never daily.

Three fields, no tracking. Privacy policy.