Managed IT Services Plans: Essential, Business, and Enterprise
Petronella Technology Group structures managed IT around three core tiers plus compliance-grade add-ons. Each tier maps to a specific business size, risk profile, and IT maturity level. Transparent per-seat pricing, no hidden fees, no surprise invoices.
Managed IT Services: What You Are Actually Buying
Before comparing tiers, it helps to be clear on what managed IT services actually means. The term covers a wide range of services, and what different providers include varies considerably. Here is how Petronella Technology Group defines it and who these plans are built for.
The Core Concept
Managed IT is a subscription model where a provider assumes ongoing responsibility for a defined set of IT functions. Rather than calling a technician when something breaks and paying per incident, you pay a predictable monthly amount and your provider handles monitoring, maintenance, security, and support proactively. Problems are caught before they become outages. Patches are applied on schedule. Helpdesk is there when your team needs it. The goal is fewer fires, not faster firefighting.
Who These Plans Serve
Petronella Technology Group's managed IT tiers are built for small and mid-size businesses in Raleigh, Durham, the Research Triangle, and across North Carolina with roughly 5 to 250 users. Most clients operate in healthcare, professional services, financial services, government contracting, legal, or manufacturing. Common triggers for a first conversation: you just had a security incident, your current IT person left, you are growing fast and IT is a bottleneck, or a contract or audit requires documented security controls.
How to Choose a Tier
Tier selection comes down to three factors: user count, regulatory exposure, and IT complexity. A 10-person professional services firm with no compliance requirements looks different from a 60-person defense subcontractor that needs CMMC Level 2 controls. The comparison table and tier descriptions below walk through the differences concretely. If you are unsure, a 30-minute scope call with our team will give you a clear recommendation with no pressure to purchase.
Pricing Model
We provide transparent per-seat pricing tied to the service matrix. The monthly cost per seat varies by tier and the services included. We do not quote a number without understanding your environment first, because bundling the wrong services in or out has a real cost in either direction. Our commitment is a written proposal within 48 hours of a discovery call, with a clear line-item breakdown and no mandatory bundling of services you do not need. Request a scope call to get a firm quote.
Managed IT Service Plans: Feature Comparison
The table below reflects our standard service matrix. Check marks indicate the service is included in the base tier. "Add-on" means it is available at extra cost. Items marked with a range reflect scope that scales with environment complexity.
| Feature / Service | Essential 5-25 users |
Business 25-100 users |
Enterprise 100-250 users |
Compliance Add-on Any tier |
|---|---|---|---|---|
| 24/7 Infrastructure Monitoring | Included | Included | Included | Included |
| Helpdesk Coverage | Business hours | Extended hours | 24/7 coverage | 24/7 coverage |
| Patch Management (OS + Apps) | Included | Included | Included | Included |
| Endpoint Detection and Response (EDR) | Included | Included | Included | Included |
| Automated Backup and DR | Included | Included | Included | Included |
| Multi-Factor Authentication (MFA) Enforcement | Included | Included | Included | Included |
| Email Security (filtering + anti-phishing) | Included | Included | Included | Included |
| Vendor Management | Light | Included | Included | Included |
| Security Awareness Training | Annual | Quarterly | Quarterly + custom | Role-based (CMMC AT-2/AT-3) |
| SOC / Security Operations Monitoring | - | Add-on | Included | Included |
| vCISO / Strategic Security Hours | - | 2 hrs/mo | 4 hrs/mo | Scoped to project |
| Quarterly Business Reviews (QBR) | - | Included | Included | Included |
| Dedicated Account Manager | - | - | Included | Included |
| IT Roadmap and Budget Planning | - | Annual | Ongoing | Ongoing |
| CMMC Level 2 Readiness Work | - | - | Add-on | Included |
| HIPAA / PCI / SOC 2 Controls Support | - | - | Add-on | Included |
| SLA Response: Critical Issues | 4 hours | 1 hour | 15 minutes | 15 minutes |
| SLA Response: Standard Requests | Next business day | 4 business hours | 2 business hours | 2 business hours |
Understanding Each Managed IT Tier
Each tier is designed around a specific business profile. Read the descriptions below to find the closest match to where you are today. Most clients start one tier lower than they expect and move up after their first year once they see what proactive IT management actually looks like in practice.
Essential Plan
Best fit: 5 to 25 users, low compliance exposure, first managed IT contract
The Essential plan is designed for small businesses that are done with break-fix and want a predictable monthly IT cost. You get the infrastructure monitoring and security baseline that every business needs in 2025, without paying for services that only make sense at higher user counts. Think of it as building a solid floor before adding floors on top.
- 24/7 automated monitoring of servers, workstations, and network devices
- Business hours helpdesk via phone, email, and remote desktop
- Automated OS and application patch management
- Endpoint Detection and Response (EDR) on all managed devices
- Encrypted offsite backup with documented recovery procedures
- MFA enforcement across Microsoft 365 or Google Workspace
- Email security filtering and anti-phishing protection
- Annual security awareness training for all staff
Not included at this tier: SOC monitoring, vCISO hours, QBR cadence, dedicated account manager, compliance framework work. These are available as add-ons or included at higher tiers.
Business Plan
Best fit: 25 to 100 users, growing teams, early compliance needs, multiple locations
The Business plan is where most of our clients land. At this user count, IT complexity has typically outgrown what a single internal person can manage. You have multiple locations or a mix of remote and in-office staff. Vendor relationships have multiplied. Your cyber insurance carrier is asking harder questions at renewal. This tier adds extended helpdesk coverage, quarterly security training, vendor management, and 2 hours of vCISO time per month to help with strategic decisions that require specialized expertise.
- Everything in Essential, plus:
- Extended hours helpdesk (7am to 9pm weekdays, Saturday coverage)
- Quarterly security awareness training with phishing simulations
- Vendor coordination and escalation management
- Quarterly Business Reviews with IT health reporting
- 2 hours per month of vCISO strategic advisory
- Annual IT roadmap and technology budget planning
- SOC monitoring available as add-on at this tier
Enterprise Plan
Best fit: 100 to 250 users, complex infrastructure, dedicated account management, compliance roadmap
At this scale, IT is no longer just support. It is a strategic function that needs dedicated attention and documented governance. The Enterprise tier adds a dedicated account manager who knows your environment deeply, 24/7 helpdesk coverage, full SOC monitoring, 4 hours per month of vCISO time, and an ongoing technology roadmap that connects IT decisions to business outcomes. This tier also serves as the foundation for organizations that need CMMC Level 2, HIPAA, or other compliance framework work alongside day-to-day managed IT.
- Everything in Business, plus:
- 24/7 helpdesk coverage including weekends and holidays
- Dedicated account manager with documented environment knowledge
- Included SOC monitoring with 24/7 threat detection and response
- 4 hours per month of vCISO strategic security advisory
- Ongoing strategic IT roadmap updated quarterly
- Compliance framework work (CMMC, HIPAA, PCI) available as add-on
- 15-minute SLA for critical issues
Compliance-Grade Layer
For organizations subject to CMMC Level 2, HIPAA, PCI DSS, or SOC 2 requirements
Compliance frameworks require documentation, evidence collection, policy maintenance, and control implementation that goes well beyond standard managed IT. The compliance layer adds the structured work needed to achieve and maintain a specific framework. Petronella Technology Group holds CMMC-RP certifications across the entire delivery team, which is unusual for a managed IT provider. Most IT companies outsource compliance work. We deliver it directly. This matters because the person configuring your controls needs to understand why each control exists, not just how to check a box.
- CMMC Level 2 readiness assessment and gap remediation
- Role-based security training mapped to CMMC AT-2 and AT-3 controls
- HIPAA Security Rule risk analysis and policy documentation
- System Security Plan (SSP) development and ongoing maintenance
- Evidence collection and documentation for audit readiness
- Scoped vCISO hours to support pre-assessment preparation
- PCI DSS scoping, network segmentation review, and compensating controls
What Is Always Included vs What Is Optional
Every managed IT engagement with Petronella Technology Group includes a non-negotiable security and operational baseline. Beyond that baseline, services either step up with the tier or are available as discrete add-ons. This clarity matters at renewal time and prevents billing surprises.
Always Included (All Tiers)
- 24/7 automated infrastructure monitoring with alert triage
- Automated patch management for operating systems and core applications
- EDR on all managed endpoints (antivirus alone is not sufficient in 2025)
- Encrypted automated backup with documented and tested recovery procedures
- Multi-factor authentication enforcement across cloud accounts
- Email security filtering with anti-phishing and anti-malware controls
- Helpdesk access with defined SLA response times (hours vary by tier)
- Monthly reporting on incidents, patch status, and backup health
- Documented environment inventory and network diagrams at onboarding
Available as Add-ons (Any Tier)
- 24/7 Security Operations Center (SOC) monitoring (included in Enterprise)
- vCISO hours beyond the tier allocation (billed per engagement)
- Penetration testing (annual or on-demand)
- Dark web monitoring and credential exposure alerting
- Cloud cost optimization review (Azure, AWS, M365)
- CMMC, HIPAA, PCI, or SOC 2 compliance layer (compliance add-on tier)
- On-site support beyond the included remote scope (billed per visit after baseline)
- Hardware procurement, staging, and deployment
- AI and automation consulting for business process improvement
Not Sure Which Plan Fits?
A 30-minute scope call is enough to give you a clear recommendation and a written proposal within 48 hours. No obligation.
How Tier Selection and Onboarding Work
We do not sell tiers off a price sheet. Every engagement starts with a structured discovery process that determines which tier actually fits, what the real monthly cost will be, and what onboarding looks like for your specific environment.
Discovery Call
30 minutes. We cover user count, current IT setup, pain points, compliance obligations, and budget range. You get a preliminary tier recommendation on the call.
Environment Baseline Assessment
Our engineers document your infrastructure, identify gaps in security posture, and confirm the service scope required at your tier. This is a free pre-sales step.
Written Proposal
You receive a line-item proposal within 48 hours. Monthly cost per seat, add-ons, one-time onboarding costs (if any), and contract terms are all written out clearly.
Onboarding (Weeks 1-4)
Monitoring agents deployed, EDR installed, backup configured and tested, MFA enforced, documentation completed, helpdesk team briefed on your environment.
Active Management Begins
Alerts route to our team. Your staff calls or tickets helpdesk directly. Monthly reports start flowing. You stop thinking about IT and start running your business.
Quarterly Reviews
Business tier and above: quarterly sit-down (virtual or in-person) to review incidents, patch compliance, upcoming risks, and technology roadmap alignment.
Contract Terms in Plain English
We believe contract terms should be readable by the business owner, not just their attorney. Here is how our agreements are structured.
Contract Length
We offer both month-to-month and annual agreements. Annual contracts carry a lower effective per-seat rate because we can resource-plan more accurately. Month-to-month provides flexibility for organizations in transition. We will recommend the option that fits your situation, not the one that locks you in longest.
Termination
Month-to-month agreements require 30 days written notice. Annual agreements include a 60-day termination clause after the first six months with documented cause. We do not use punitive early termination fees, but there is an offboarding process fee to cover documentation transfer and credential handoff to ensure your next provider gets a clean environment.
SLAs and Reporting
Service level agreements are written into every contract. Response times vary by issue severity (critical, high, standard) and by tier. Monthly reporting is standard. We track SLA adherence internally and share the data with you. If we miss an SLA, you will know about it before you ask -- that is the culture we have built over 24 years.
Scope Changes
Adding users, locations, or services is handled through a simple amendment process. We do not charge for minor fluctuations in user count (within 10% of contract baseline). Significant scope changes are discussed at QBRs and formalized before they take effect on your invoice.
Hardware and Software
Third-party hardware and software costs (Microsoft 365 licenses, endpoint security tools, backup storage) are passed through at cost or itemized separately. We do not mark up vendor licensing as a hidden revenue stream. You will see exact vendor costs and our service fee as distinct line items in every invoice.
Data and IP
Your data is yours. At contract end, we provide a complete documentation package including network diagrams, credentials (transferred securely), asset inventory, and configuration records. We retain no copies after the handoff is confirmed. Your IT environment should not be held hostage by a service provider transition.
Switching from Your Current IT Provider
Changing IT providers while keeping the business running is a common concern. We have run this transition dozens of times. It is manageable with the right sequencing, and we own the process rather than asking your team to coordinate it.
Overlap Audit
Before anything changes, we document what your current provider manages, where access credentials live, and what the transition dependencies are.
Parallel Onboarding
We install our monitoring and management tools before your existing contract ends. Both providers run in parallel briefly to eliminate any coverage gap.
Clean Cutover
On the agreed cutover date, we assume full responsibility. Credentials are transferred, your old provider's tools are removed, and your team is notified of the new helpdesk contacts.
30-Day Stabilization
The first 30 days after cutover are treated as a stabilization period with heightened monitoring and faster escalation paths while we learn your environment's quirks.
The typical transition from contract signature to full active management is four to six weeks. Organizations with complex infrastructure or active compliance projects may take up to eight weeks. We will give you a realistic timeline during the proposal phase, not a best-case estimate.
What to Look for When Comparing Managed IT Providers
Most managed IT proposals look similar on the surface. The differences that actually matter show up in the contract terms, the depth of the security layer, and the quality of the people who answer when something goes wrong. Here are the questions worth asking any provider you are evaluating.
Ask About Security Depth
Does the base plan include EDR or just antivirus? Is 24/7 monitoring actually staffed or just automated alerting that queues until morning? Is MFA enforcement included or an add-on? Does the provider have cybersecurity credentials, or is the security layer contracted out to a third party they barely know?
Ask About Response Times
What is the SLA for a server that is down at 3am? Is that response time in the contract or just a verbal promise? How is SLA performance tracked and reported? What is the escalation path when a critical issue exceeds the SLA window?
Ask About Compliance Capability
If you are a defense contractor, does the provider hold CMMC-RP certification? If you are in healthcare, do they understand HIPAA's Security Rule versus Privacy Rule distinction? Can they produce a System Security Plan? Compliance work requires specific credentials and experience, not just general IT knowledge.
Ask About Contract Transparency
Are third-party software costs (Microsoft licensing, security tools) itemized separately or bundled into the monthly rate? What happens to your data and documentation if you leave? Is there a clear process for scope changes without invoice surprises? Can you get a reference from a client who has been with them for three or more years?
Petronella Technology Group will answer all of these questions in writing before you sign anything. We think the evaluation process should be as transparent as the contract itself.
Managed IT Services Plans: Common Questions
What is the difference between managed IT services and break-fix support?
Break-fix is reactive: something breaks, you call, you pay for the time to fix it. Managed IT is proactive: a provider monitors your environment continuously, catches problems early, maintains your systems on schedule, and provides helpdesk access for a flat monthly fee. The financial model is fundamentally different, and so is the outcome. Break-fix creates a misaligned incentive where the provider earns more when things go wrong. Managed IT creates alignment where your provider earns more by keeping things running. For more context, see our managed IT vs break-fix comparison.
How is per-seat pricing calculated for managed IT plans?
Per-seat pricing is based on the number of managed devices and users, the tier selected, and any add-on services. The base rate covers the standard service matrix for that tier. Servers, specialty devices (printers, network hardware), and cloud-only users may be counted differently than standard workstation users. We will walk through the seat count methodology during the discovery call so there are no surprises in the proposal. We do not use hidden "per-device" surcharges that inflate the real cost after you sign.
Do you require a long-term contract commitment?
No. We offer month-to-month agreements for organizations that need flexibility, and annual agreements for those who want the lower effective rate. Month-to-month requires 30 days notice to cancel. Annual agreements have a 60-day termination clause after the first six months. We do not require multi-year lock-ins as a condition of doing business. If you are leaving a bad IT relationship and are nervous about commitment, we understand that concern and will work with you on terms that feel appropriate.
What happens if my user count changes during the contract?
Minor fluctuations within 10% of your contract baseline are absorbed without a billing change. If your team grows significantly or you add a new location, we discuss the scope change at the next QBR (or immediately if the change is immediate) and formalize it in a contract amendment before the change hits your invoice. We handle reductions the same way. You will never see an invoice surprise from a user count change you were not aware of.
Is on-site support included in the managed IT plans?
Remote support is included in all tiers. On-site support for Triangle-area clients (Raleigh, Durham, Cary, Chapel Hill, RTP) is available and typically included for issues that genuinely require physical presence, such as hardware failures or network infrastructure work. For extended project work on-site, that time is scoped and billed separately so you are not paying a monthly rate that subsidizes on-site time you never use. We serve clients across North Carolina, and for clients outside the Triangle, we discuss on-site terms during the proposal phase.
We already have an internal IT person. Can we still use managed IT services?
Yes. Co-managed IT is a common arrangement where we handle the infrastructure monitoring, security layer, and helpdesk overflow while your internal person handles the hands-on daily requests and user relationships. This gives your internal IT resource a tier-one support escalation path and specialized backup for security incidents, server work, or compliance projects outside their expertise. See our co-managed IT services page for details on how this arrangement typically works.
How long does onboarding take?
Standard onboarding for the Essential and Business tiers runs two to four weeks from contract signature to full active management. Enterprise tier onboarding, or environments with complex infrastructure or compliance requirements, typically runs four to six weeks. The onboarding timeline is written into your proposal. We do not begin billing until the monitoring and security tools are fully deployed and tested in your environment.
What compliance frameworks does the Petronella Technology Group team support?
Our entire delivery team holds CMMC-RP certification, which is the registered practitioner credential for Cybersecurity Maturity Model Certification (CMMC) Level 2 work. We support HIPAA Security Rule compliance for healthcare organizations, PCI DSS for businesses that handle card data, and SOC 2 for technology companies. For defense contractors navigating CMMC requirements, we provide gap assessments, System Security Plan development, and pre-assessment preparation through our compliance add-on tier. Craig Petronella additionally holds DFE #604180, CCNA, and CWNE credentials.
What industries do your managed IT plans serve?
Petronella Technology Group's managed IT client base includes defense contractors and government subcontractors, healthcare practices and medical groups, financial services and insurance firms, professional services (law, accounting, consulting), manufacturing and engineering firms, and technology companies. See our industry pages for details on how IT and security requirements differ by sector. Most clients in regulated industries end up on our Business tier or above because of the compliance baseline requirements their sector requires.
What is your process for handling a cybersecurity incident?
Incidents are triaged immediately when detected by our monitoring systems or reported by your team. Our incident response process includes containment, evidence preservation, root cause analysis, and remediation -- in that order. For Business tier and above, we coordinate with your cyber insurance carrier if required. For Enterprise tier and compliance add-on clients with active regulatory obligations, we assist with breach notification requirements as part of the incident response scope. We document every incident with a written post-incident report so you have records for insurance, auditors, or leadership review.
Explore Related IT and Security Services
Ready to Talk Through the Right Tier for Your Business?
Petronella Technology Group has served Triangle businesses since 2002. A 30-minute discovery call is all it takes to get a clear recommendation and a written proposal. No obligation, no high-pressure close.
Serving Raleigh, Durham, Cary, Chapel Hill, Research Triangle Park, and businesses across North Carolina.