Questions to ask your MSP about Microsoft 365 security (and one that matters most)

Most business owners don't know what to ask their MSP about Microsoft 365 security. Here's the question that cuts through everything, and eight more.
Written by Paul Barnes

You'll see managed IT priced anywhere from £12 per user per month to £100 or more. Most business owners don't have the technical background to know what they're actually buying at either end of that scale. A polished proposal, a confident sales pitch and a friendly account manager all sound reassuring. None of them tell you whether your Microsoft 365 environment is actually being protected.

The problem isn't the price. The problem is that most SMBs don't know what questions to ask.

We put these questions to our Customer Advisory Board - a group of well-regarded international MSPs with decades of experience across the UK, US and Europe. Their answers shaped everything below.

The first response stopped us in our tracks.

The one question that matters most

Before anything else, ask your MSP this:

"If one of our Microsoft 365 accounts was compromised right now, how would you know, and what would happen next?"

That single question reveals more than any proposal, slide deck or pricing sheet. A strong answer explains how suspicious activity gets detected, who gets alerted, what happens first, how fast they respond, how they contain the account, and what evidence you get afterwards.

A weak answer usually sounds vague. It leans on raising a ticket, waiting for Microsoft to flag something, or saying "we have MFA enabled" without explaining how anyone knows it is working properly across users, admins, devices, locations and the exceptions that quietly get added over time.

That gap matters because Microsoft 365 is not just email anymore. It holds identities, files, admin access, business communications and often the keys to other systems. If an attacker gets into one account, they can read mail, create forwarding rules, impersonate staff, approve access, reset passwords and move deeper into the business, often quietly, often for weeks.

This is really a question about the word "managed"

In an unregulated market, almost anyone can call themselves an MSP. But "managed" means very different things depending on who you ask.

Some fully manage the Microsoft 365 environment. Some partially manage it. Some manage what they know. Some manage what the customer asks them to. And some only find out there is a problem when the customer finds it first.

That is the real distinction, and it is hard for a non-technical owner to spot from a slide deck. A proactive provider monitors, investigates, improves and can clearly explain what they do to protect you. A reactive one fixes tickets, keeps the lights on, and assumes Microsoft 365 is secure because the basics were switched on once.

Why this one question tells you so much

Microsoft 365 security is a deep subject. So if an MSP is doing it properly, there is a good chance they are doing everything else properly too. It is one of the fairest single measures of whether a provider takes the wider service seriously.

This does not mean every low-cost MSP is bad or every expensive one is good. Some providers are efficient, well run and genuinely good value, and some businesses have straightforward needs. But how an MSP answers the question above is a reliable signal of which kind you are dealing with.

A few useful follow-ups

Once you have a feel for the big one, these are worth working through:

  • What parts of Microsoft 365 do you actively monitor?
  • How do you check MFA and Conditional Access are actually working, not just switched on?
  • How do you spot risky changes, misconfigurations or drift?
  • What happens to access and forwarding when a user leaves?
  • What reporting or evidence do we receive?

But the first question is the one that matters most.

Because when it comes to Microsoft 365, "managed" should mean more than waiting for a support ticket.

Questions and insights sourced from Overe's Customer Advisory Board, a group of internationally recognised MSPs with experience across the UK, US and Europe.
