The SMB
IT Buyer's
Guide

Everything you need to know before signing with an IT provider. How to evaluate, budget for, and buy IT services without getting taken advantage of. Written for business owners, not IT people.

Reading Time
15 minutes
Chapters
6 sections
What's Inside
Table of Contents
Chapter 01
Why Most SMBs Overpay for IT

Most business owners don't have an IT background. That's completely normal. It's exactly what some IT vendors count on. Understanding a few basic concepts will save you thousands of dollars and a lot of frustration.

The average small business spends between 4% and 6% of its annual revenue on technology, but a significant portion of that spend goes to waste. Not because technology is expensive, but because of how IT services are purchased and managed.

The three most common ways businesses overpay for IT:

01

The Break/Fix Trap

Break/fix IT is exactly what it sounds like: you call when something breaks, they come fix it, you pay by the hour. On the surface it seems cost-effective. In practice, it creates a misaligned incentive since your IT vendor only makes money when your systems fail. There's no financial reason for them to prevent problems.

Think About It

Under a managed agreement your IT partner loses money every time something breaks, because they fix it at their own cost. Under break/fix they make money every time something breaks. The incentive structures are opposite.

02

Hidden Costs in Low-Priced Agreements

A managed IT agreement that looks inexpensive on paper often excludes the services you'll actually need most. Common exclusions include on-site visits, hardware procurement, after-hours support, and project work. Always ask specifically about each. The "affordable" option often costs more than a comprehensive agreement would have.

What to Ask

Always ask for a complete list of what is and isn't included in the monthly fee. Request a sample invoice to see what actually gets billed separately.

03

Paying for Expertise You're Not Getting

Many IT firms employ generalists who are competent across common issues but lack deep expertise in specialized areas like cybersecurity, business intelligence, or process automation. When a complex problem arises, they either outsource it (and mark it up) or attempt a fix that creates new problems. Make sure the team you're hiring actually has the expertise they claim.

60%
of SMBs that suffer a cyberattack close within 6 months
$8,000
average cost per hour of IT downtime for businesses with 50–100 employees
88%
of SMB breaches contain ransomware, vs. 39% for large enterprises
Chapter 02
Understanding Your Options

There are three primary models for IT support. Each has a legitimate use case. The right choice depends on the size, complexity, and risk tolerance of your business.

Option 01

In-House IT Staff

Dedicated on-site expertise. For larger organizations with complex environments and dedicated IT staff this makes sense. For most SMBs, it's expensive and creates a single point of failure.

True Annual Cost
~$100K
$65K salary + 30% benefits + $5K recruiting + $3K tools
Best for: Large orgs (250+)
Option 02

Break/Fix Support

You call when something breaks. They fix it. You pay hourly. No ongoing relationship, no proactive monitoring, no accountability. The vendor only makes money when your systems fail.

Monthly Cost
Unpredictable
billed per incident, no ceiling
Best for: 1-10 employees
A Note on Pay-As-You-Go

Pay-as-you-go clients typically receive lower priority response times than clients on managed agreements. When something goes wrong, IT providers will address their managed clients first. If your business depends on fast resolution, a per-user managed agreement is the better choice.

Factor In-House Break/Fix Managed IT
Monthly cost High Variable Fixed Fee
Proactive monitoring Depends on staff None Yes
24/7 availability Rarely Unlikely Available
Expertise Limited to staff skills No guarantee Team of specialists
Scalability Difficult Easy but costly Easy
Best for Large orgs (250+) 1-10 employees Most SMBs
Monthly Cost
In-House
Break/Fix
Managed IT
High
Variable
Fixed Fee
Proactive Monitoring
In-House
Break/Fix
Managed IT
Depends on staff
None
Yes
24/7 Availability
In-House
Break/Fix
Managed IT
Rarely
Unlikely
Available
Expertise
In-House
Break/Fix
Managed IT
Limited to staff skills
No guarantee
Team of specialists
Scalability
In-House
Break/Fix
Managed IT
Difficult
Easy but costly
Easy
Best For
In-House
Break/Fix
Managed IT
Large orgs (250+)
1-10 employees
Most SMBs
Chapter 03
How Managed IT Is Priced

Pricing varies significantly between managed IT providers, not just in amount, but in structure. Understanding how you're being billed protects you from surprises and helps you compare providers fairly.

Most Common
Per-User Pricing

A fixed monthly fee per employee. Typically includes unlimited helpdesk, proactive monitoring, and maintenance for each user's devices and software.

Ask: Does the fee include on-site visits? What is the after-hours policy and rate? Get inclusions and exclusions in writing.

Flexible Option
Block Time

Prepaid hours each month at a discounted rate. Hours may or may not roll over, ask specifically.

Best for: Businesses with some in-house IT capacity that need supplemental support without full managed services overhead.

Pay As You Go
Time & Materials (T&M)

You pay only for what you use, billed hourly. No monthly commitment.

Best for: Businesses with minimal IT needs or strong in-house capabilities that only need occasional outside help.

Defined Scope
Project-Based

A fixed price for a defined scope of work: a server migration, a new office setup, a system implementation.

Payment: Can be paid upfront or spread across the project timeline, depending on the agreement.

The Right Model for You

For most small and mid-sized businesses, per-user pricing is the right choice. You pay one predictable monthly fee per user and everything is covered. No surprise invoices, no hourly billing when something breaks.

The goal is an agreement where you never have to think twice about picking up the phone because you're worried about the bill.

Chapter 04
How to Evaluate a Vendor

Every IT vendor will tell you they're responsive, reliable, and experienced. Here are the 10 questions that cut through the sales pitch and reveal how they actually operate.

  • How many clients have you lost in the last 12 months, and why did they leave?
    A vendor with strong retention knows exactly why clients leave and is willing to say so. That level of self-awareness is a good sign.
  • What do you handle in-house versus what gets outsourced, and who are those partners?
    If your tickets are being routed to a third party you don't know about, that affects response times, accountability, and data security.
  • What's included in the monthly fee, and what gets billed separately?
    The single most important contract question. Ask for a written list of inclusions and exclusions. Then ask for a sample invoice to see what actually appears as a line item.
  • What does your onboarding process look like for a new client?
    Proven onboarding systems give you a clear picture of scope, timeline, and expectations before work begins. A vendor who can walk you through the process step by step has done this enough times to get it right.
  • What's your process for communicating with clients during an active incident?
    How often do they update you, through what channel, and who owns that communication? Radio silence during a crisis is one of the most common complaints about IT vendors.
  • What's your policy when a security incident happens at midnight on a Saturday?
    Gets specific about after-hours response beyond "we're available 24/7." Ask who gets called, what the escalation path looks like, and what your SLA is for critical incidents outside business hours.
  • Walk me through the last major outage one of your clients experienced.
    Good vendors own the timeline, explain what went wrong, and describe exactly what changed in their process afterward.
  • What does your escalation process look like when a tier-1 technician can't solve the problem?
    Tests depth of team. You want a clear answer: who gets called next, how fast, and what happens if that person can't solve it either.
  • What happens if the technician who knows our environment best leaves your company?
    Single points of failure exist inside IT firms too. Ask how they document client environments and how knowledge transfers if someone leaves the company.
  • What would make you fire a client?
    A good IT partner protects both sides of the relationship. They won't take on work that burns their team or sets a client up to be underserved.
Chapter 05
Red Flags to Watch For

Some warning signs are obvious. Others are buried in contracts or revealed only in how a vendor responds to direct questions. Here's what to watch for before you sign.

Walk Away If...

They own your passwords, licenses, or domain

All credentials, licenses, and domain registrations should be in your name. Your vendor is a steward of your assets, not the owner.

No transparency on subcontracting

Ask whether your support will be handled by their employees or contractors, and whether any work will be sent offshore.

Insufficient cybersecurity capabilities

Cybersecurity is a separate discipline from IT support. A vendor with no cybersecurity capabilities is not fully equipped to support a modern business.

No SLAs or performance tracking

If a vendor can't tell you their average response time or show you how they measure their own performance, there's no accountability. You should be able to see the numbers.

They promise everything without asking questions

A vendor who says yes to everything in the first meeting hasn't listened to anything. Good IT partners ask more than they answer early on.

No clear offboarding process

The right partner arms you with documentation, credentials, and everything you need to be set up for success, even if you decide to go somewhere else.

Good Signs to Look For

They ask more than they pitch

In the first meeting they ask more questions about your business than they talk about their services.

They're honest about their limits

They proactively point out things they can't do and refer you elsewhere for those needs.

You get a knowledge base, not just a helpdesk number

Training guides and self-service resources mean your team can solve common problems on their own to reduce tickets and minimize downtime.

They can name clients in your industry

Relevant experience matters. A vendor who has worked with businesses like yours already understands your workflows, risks, and needs.

Flexible pricing, no pressure

They help you choose the right pricing structure for your situation, not the most expensive one.

Chapter 06
Building Your IT Budget

Most business owners either underspend on IT (and pay for it in downtime and security incidents) or overspend without a clear picture of where the money goes. A simple annual IT budget helps with both.

The Five Budget Categories

Category
% of Budget
Managed IT / Support
Helpdesk, monitoring, maintenance
30–40%
Cybersecurity
Separate from IT support — EDR, email security, backup, compliance
20–30%
Hardware Refresh
Workstations, servers, networking
15–20%
Software & Licensing
Microsoft 365, SaaS tools
15–20%
Projects & Improvements
Migrations, new systems, upgrades
10–15%
Hardware Refresh Cycles
Workstations
Laptops and desktops
4–5 yrs
Servers
Physical and virtual
5–7 yrs
Network Equipment
Switches, routers, firewalls
5–8 yrs

Waiting until hardware fails is always more expensive than planned replacement.

Practical Tip

Ask your IT provider for a hardware inventory with purchase dates and expected end-of-life dates. A good managed IT partner maintains this automatically and builds replacement recommendations into your annual budget planning.

Annual Budget Checklist

  • Establish a hardware inventory with purchase dates and planned replacement years
  • Budget 15–20% of IT spend annually for planned hardware refresh
  • Budget for cybersecurity separately from your IT support agreement. It is a distinct service with its own costs.
  • Set aside a project reserve (10–15%) for unplanned but necessary upgrades
  • Review your IT budget annually with your IT partner, not just when something breaks
Sources
Research & Citations

The statistics cited throughout this guide are drawn from the following published research:

  • 60% of SMBs close within 6 months of a cyberattack
    Cybersecurity Ventures, cited by Verizon Business, Preveil (2026), and the National Cyber Security Alliance. Consistent across multiple independent industry reports since 2018.
  • 88% of SMB breaches contain ransomware vs. 39% for large enterprises
    Verizon Data Breach Investigations Report, 2025. Based on analysis of over 22,000 security incidents and 12,000+ confirmed breaches. Available at verizon.com/business/resources/reports/dbir/
  • SMB IT spending at 4–6% of annual revenue
    Gartner IT Key Metrics Data and IT Spending Benchmarks, widely cited across industry research.
  • Benefits costs at 30% of salary
    U.S. Bureau of Labor Statistics, Employer Costs for Employee Compensation, 2024. Available at bls.gov.
  • Hardware refresh lifecycle recommendations
    ITIC 2024 Hourly Cost of Downtime Survey (itic-corp.com). Workstations: 4–5 years. Servers: 5–7 years. Network equipment: 5–8 years.
Ready to Take the Next Step?
Let's Talk About
Your IT Environment

You've done your homework. Now let's see if Techneaux is the right fit for your business. A free 30-minute consultation, no pressure, no pitch, just an honest conversation about your technology and what you actually need.

Book a Free Consultation
No commitment. No sales pressure. Your success is our success.