Is your IT actually protecting you? Find out in 7 questions →
← All Articles IT Basics 6 min read

What Does an MSP Actually Do? (And What Should You Expect to Pay?)

The term "managed IT services" means something specific. Here's what's included, what's not, and how to know if yours is delivering.

MSP stands for Managed Service Provider. The term gets used so broadly that it can mean almost anything — from a one-person IT consultant who fixes things when they break, to a team of 50 engineers managing your entire technology stack proactively 24/7.

That difference matters enormously for what you're actually protected against. Here's what a legitimate MSP should be doing for you every month — and how to check whether yours is doing it.

The key word is "managed"

Managed means your IT is being monitored, maintained, and optimized continuously — not just fixed when it breaks. If your IT provider only shows up when something goes wrong, you don't have a managed service provider. You have a break-fix provider.

This is a critical distinction: break-fix companies profit from your problems. Every outage, every failure, every emergency call is revenue for them. MSPs profit from preventing problems — their model only works when your systems run smoothly. The incentive structure is completely different.

What a full-service MSP agreement should include

  • Help desk support — users can call or submit tickets for issues; response times are defined in writing by severity level
  • Patch management — operating systems, browsers, and third-party software are kept up to date on a defined schedule
  • Endpoint monitoring — all workstations and servers are monitored for performance issues, hardware failures, and security threats
  • Backup management — data is backed up, monitored for failures, and periodically tested for actual recoverability
  • Security tooling — at minimum: antivirus or EDR, email filtering, and MFA enforcement across all users
  • Vendor management — your MSP coordinates with your internet provider, software vendors, and other third parties on your behalf
  • Strategic guidance — at least annually, a review of your IT roadmap, upcoming risks, and budget planning

What's usually NOT included (and sold as add-ons)

Watch for these common exclusions buried in MSP contracts:

  • Advanced security: SIEM, SOC monitoring, dark web monitoring, penetration testing
  • Hardware procurement and physical installation
  • Major software migrations (new ERP, cloud migration, M&A integration)
  • After-hours or on-site support above a specified threshold
  • New user onboarding and offboarding beyond a certain monthly limit
  • Application support for line-of-business software

None of these exclusions are inherently wrong — but you need to know about them before you sign, not when the first add-on invoice arrives.

How MSP pricing actually works in 2026

Most MSPs price on a per-user, per-month basis. The range for small businesses is roughly $80–$200/user/month depending on the security stack included and the complexity of your environment. A 20-person business should expect to pay $1,600–$4,000/month for a full-service agreement.

The lower end typically means limited security tooling, business-hours-only support, and minimal proactive work. The higher end includes advanced security, 24/7 NOC monitoring, and a dedicated account manager. See our full managed IT pricing guide for a detailed breakdown by model.

The real test: how they handle a crisis

The true measure of an MSP isn't the sales call or the first smooth month — it's what happens when something goes seriously wrong. When ransomware hits, when a critical server fails at 2am, when email goes down on a Monday morning: How fast do they respond? Do they have a defined communication plan? Do they own the problem or point fingers at vendors and hardware?

Ask any MSP you're evaluating: "Tell me about the worst incident one of your clients experienced in the last two years. What happened, how did you respond, and what did you change afterward?" How they answer tells you far more than any slide deck.

How to tell if your current MSP is actually delivering

Start with the IT Sanity Check below. It takes 3 minutes and covers the areas where MSPs most commonly underdeliver — response time, security coverage, backup integrity, and system documentation. You'll come away with an honest score and know exactly where to push for improvement.

Is your MSP actually managing, or just billing?

The IT Sanity Check takes 3 minutes. You'll find out exactly where your IT is solid and where you're exposed.

Take the IT Sanity Check →