Straight answers, no sales fog.

We have three packages, all priced per user per month. Baseline is £55/user — managed IT, helpdesk and device care bundled. Plus is £70/user — adds Compliance Protect (ISO 27001 / Cyber Essentials-aligned). Complete is £85/user — adds 24/7 SOC and advanced email protection. Servers, where needed, are £95/server/month on top. There's a one-off Compliance Protect setup of £850 if you take Plus or above. See the full pricing breakdown.

We've tried it; it doesn't work. Per-ticket pricing punishes the client for asking for help, which means people stop reporting small issues until they become big ones. Our flat per-user model means we're aligned with you wanting fewer tickets, not more. We'd rather be paid to keep IT working than be paid to fix it after it breaks.

No — Baseline is a single package for a reason, and we explain why in a dedicated blog post. The user-side and device-side layers diagnose problems together, so unbundling them leaves us guessing when something goes wrong. The only exception is fully cloud-native clients with no traditional endpoints, which we handle with a different agreement shape.

12 months on the standard agreement, with rolling 30-day renewal after that. We don't lock anyone into 3- or 5-year deals — if the relationship isn't working, we'd rather you tell us at month 13 than be stuck for another four years. Around 90% of our clients renew.

Standard onboarding is included in the contract. Where there's heavier project work needed up front — migrating from on-prem, fixing inherited mess, sorting out an old tenant — we'll quote that separately as a one-off so you can see what you're paying for. The Compliance Protect tier has an £850 one-off setup that covers the audit, policy work, and Cyber Essentials certification.

We give a small discretionary discount on 24-month commitments and on teams above 30 users. We don't run aggressive headline discounts because we're not trying to win on price — we're trying to win on quality. If you're cost-shopping at the bottom of the market, we're not the right fit and we'll tell you that on the first call.

Monthly direct debit in advance, billed on the 1st. Annual invoicing is available on request for clients who prefer it. Project work is invoiced 50% on start, 50% on completion. We're a UK Ltd company, VAT registered, and our payment terms are 14 days for any invoiced work outside the standard monthly fee.

Standard support is 8am–6pm Monday to Friday, excluding bank holidays. Out-of-hours emergency cover is available as an add-on (£250/month plus £500 per 5-hour block consumed). Our Complete tier includes a 24/7 SOC for security incidents, which means proper round-the-clock cover for the threats that don't wait until Monday morning.

Our target is a 15-minute first response for any ticket logged during business hours, regardless of priority. Resolution times depend on the issue — for context, our average ticket resolution across the client base last quarter was 4.2 hours from open to closed. Critical incidents (whole-business outage, security event) get the team on it within 5 minutes.

Three ways: phone us on 0161 503 3535, send a note via the contact form, or use the small client portal we provide. Most clients ring for anything urgent. We don't insist on a specific channel — whichever is fastest for you is fine for us.

One of the team — Brett, Simon, Ben, or Reece. We don't run a tiered service desk where you talk to a junior triage agent for the first 20 minutes. The person who answers is either already familiar with your stack or sitting two desks from someone who is. That's only possible because we've stayed deliberately small and small-business focused.

Every client account has a primary engineer and a secondary engineer who's already cross-trained on your environment. Our internal documentation system means anyone on the team can pick up a ticket and get up to speed in minutes. We're not a one-engineer-knows-the-client kind of shop.

Yes, for clients within roughly an hour's drive of our Denton office — that covers Greater Manchester, parts of Cheshire, Lancashire and West Yorkshire. Most issues we resolve remotely (it's faster), but on-site is available for hardware failures, new-office setups, and anything that genuinely needs hands on. There's no extra charge for in-area on-site visits.

It's an add-on bolt-on at £250/month, which gives you out-of-hours phone access plus 5 hours of remote engineer time per month. Additional hours are charged at £100/hour. Use cases: weekend office moves, evening go-live deployments, leadership-team support for partners working late. The Complete tier includes 24/7 SOC for security incidents — that's separate from this.

Two to four weeks for a typical 10–30 user client, depending on what we inherit. Week 1 is audit and discovery — we map your stack, find the gaps, and agree the priority list. Week 2 is rolling out our toolset (MDM, EDR, MFA, monitoring) without disrupting your team. Week 3 onwards is fixing the things the audit surfaced. We work in parallel, not sequentially.

Yes, and we've done it dozens of times. We give you a script for what to ask your current provider, we coordinate directly with them on tenant access, DNS handover and licence transfer, and we run a parallel period where both of us have access to your environment so nothing gets missed. The whole process is invisible to your end users.

Almost never. Onboarding to us is mostly background work — installing agents, applying policies, taking over monitoring. The user-facing impact is usually limited to a one-time MFA re-enrolment and a short message-of-the-day saying 'Inology is now your IT.' For more invasive migrations (server to cloud, M365 tenant moves) we plan downtime explicitly and run them on weekends.

We typically wait until you're 60–90 days from the end and start parallel onboarding from there. That way you're not paying two providers at once for long. If you're already locked in for another 18 months and getting poor service, talk to us anyway — we can sometimes help you exit early if the existing provider is in breach.

Identity (Entra ID/AD posture, MFA coverage, conditional access), endpoints (patch level, EDR coverage, encryption), email (DMARC/SPF/DKIM, journaling, retention), files (where data lives, who has access, backup integrity), licences (whether you're paying for the right things), and compliance (Cyber Essentials status, ICO registration, sector-specific standards). You get the audit findings as a written report regardless of whether you sign with us.

We don't do free trials — proper IT support requires actual access to your tenant and devices, which isn't a thing you give to a stranger for two weeks. What we do offer is a free 1-hour audit conversation. You'll come away with a candid read on where your IT stands, even if the conclusion is 'stay where you are, just tighten X and Y.' Genuinely no obligation.

We make leaving easy on purpose — see our 'what good IT looks like' post. Your tenant, domain, DNS, and data all stay in your name. We hand over current documentation, do a 30-day overlap with your new provider, and don't charge exit fees. We've onboarded clients from MSPs that did the opposite — we don't want to be those people.

Every client on our baseline gets MFA enforced with number matching, EDR deployed across all devices, conditional access policies blocking sign-ins from outside the UK by default, automated patching, encrypted backups tested for restore, and 24/7 monitoring of authentication anomalies. The Compliance Protect tier adds INKY email security, ISO 27001 aligned policy templates, and full Cyber Essentials certification.

Yes — we've held Cyber Essentials certification continuously and renew annually. We're also ISO 27001 aligned (working towards full certification) and we hold the NHS Data Security & Protection Toolkit (DSPT) submission for our healthcare clients. Our framework is SecureState, our own UK-government-aligned managed-IT baseline.

Yes — it's included in the Compliance Protect tier (£15/user/month plus £850 one-off setup). We do the technical hardening, fill out the IASME self-assessment, run the pre-check, and shepherd you through the audit. About 90% of our clients pass first time. Renewal each year is covered without additional cost.

Standard tier: we're your incident response team during business hours — contain, investigate, remediate, document. Out-of-hours, you reach our on-call engineer through the emergency line. Complete tier: 24/7 SOC monitoring means we usually detect and contain incidents before you'd have noticed. We also have written breach playbooks for ICO notification, regulator communication, and client notification — agreed in advance, not improvised at midnight.

Yes — both as a data processor for our clients and as a data controller for our own data. We have a written DPA (Data Processing Agreement) we sign with every client, our staff are trained annually, our subprocessors are documented, and we're registered with the ICO. UK GDPR plus the Data Protection Act 2018 are baked into how we operate, not bolted on.

Standard 'tap to approve' MFA is dead — attackers spam push prompts at 2am until someone approves to make the buzzing stop. We use Microsoft's number-matching MFA on every client tenant, which forces users to type a 2-digit code shown on the login screen. Combined with conditional access and our quarterly mock-fatigue training, our client base has dropped from ~18% to under 4% click-through on test prompts. Read the full post.

Microsoft 365 data is stored in Microsoft's UK datacentres by default. Backups go to UK-region storage with sovereignty controls. We don't use any subprocessors outside the UK or EEA without your explicit agreement. Our own internal systems (ticketing, documentation) are also UK-hosted.

Helpdesk for all M365/email/account issues, password resets, MFA recovery, account lockouts, application support (Office, Teams, Edge, browser issues), licence assignment, mailbox management, calendar fixes, OneDrive/SharePoint help, basic training, joiner/leaver provisioning, and policy issues. Essentially everything that lives at the user-and-account layer.

Endpoint management (MDM via Intune), endpoint detection and response (EDR), patch management, encryption enforcement, asset register, hardware inventory, lifecycle planning, and device-side incident response. We don't ship the laptops — that's IT Procurement, separate — but we manage them once they're in your hands.

No — Microsoft 365 licences are paid directly to Microsoft and are separate from our fee. We help you choose the right SKU mix (Business Standard vs Premium vs E3), source them through us if convenient, and manage assignment. Most of our clients run Business Premium because of the security features. Expect £18–£26/user/month for licences depending on the plan.

No — hardware is procurement, which we do separately. We can source laptops, monitors, networking gear, and accessories at sensible margins, build them to your spec, ship them ready-to-go, and handle the warranty when something breaks. There's no markup game — we charge a small flat handling fee per device and you see the supplier price.

Project work sits outside the monthly fee and is quoted up front. Examples: M365 tenant migration (typically £2,500–£8,000), file-server-to-SharePoint move, new office network setup, on-prem decommission, mass laptop refresh. You see the scope, the day rate, and the fixed price before signing. No surprise invoices.

We support the operating environment they run on, troubleshoot issues with the user/device/network layers, and liaise with the LOB vendor when the issue is theirs. For specific apps — Sage, Xero, Clio, LEAP, SystmOne, Sage 200, etc — we have working knowledge of common configurations. For deep customisation we'll involve the vendor's support directly. We're transparent about what we can and can't take ownership of.

Hardware purchase costs, Microsoft licence costs, line-of-business app licence costs, third-party software (anything outside the Microsoft stack and our security tools), out-of-hours work without the bolt-on, project work above the standard scope, and anything explicitly excluded in your specific agreement. We list exclusions clearly in the contract — we don't bury them.

Four areas where we have the deepest experience: legal firms, accountancy practices, healthcare and care providers, and manufacturing and distribution. Full sector breakdown here. The technical baseline is identical across sectors — what changes is which compliance standard we map to, which line-of-business apps we know well, and which seasonal rhythms we plan around.

Yes. SRA Code of Conduct rule 6 (confidentiality) is baked into our matter-handling for legal clients. ICAEW practice assurance and ACCA technology standards are part of our annual review for accountancy clients. We can produce evidence packs for these reviews on request — most of our regulated-sector clients ask for one each year.

Yes — we've supported multiple healthcare clients through DSPT submission, including private clinics, dental practices and care providers. The annual submission is included for clients on our healthcare-specific arrangement. We map our existing controls to the DSPT questions and produce the evidence pack alongside you.

Not really. The four sectors are where we go deepest, but the underlying baseline works for any small business. Roughly 40% of our client base is outside the four named sectors — professional services, charities, design firms, small SaaS, recruitment, marketing agencies. If you're a Manchester SMB with 5–50 users, we're probably a fit regardless of sector.

Compliance Protect clients get a sector-aligned monthly report. For legal firms it includes confidentiality controls and access audit. For accountancy it includes January-readiness metrics and backup integrity. Healthcare gets DSPT-aligned KPIs. Manufacturing gets uptime against agreed SLAs and OT/IT separation status. We don't send the same report to every client.

Our office is in Denton, just east of Manchester city centre — Office 11, The Forum, 2 Tameside Business Park, Windmill Lane, M34 3QS. We're 15 minutes from the city centre, 20 minutes from Stockport, 30 minutes from Trafford and Salford.

Greater Manchester (Manchester city centre, Salford, Trafford, Stockport, Tameside, Bury, Bolton, Wigan, Oldham, Rochdale), plus parts of Cheshire (Macclesfield, Wilmslow, Stockport area), Lancashire (Preston, Bury, Blackburn) and West Yorkshire (Huddersfield, Halifax). Anything within roughly an hour's drive of Denton is comfortable for on-site work.

Yes, but with caveats. We have clients in London, Birmingham and Edinburgh that we support remotely with quarterly on-site visits. The relationship works fine but the local-engineer feel doesn't quite translate, so we're upfront that you might prefer a local provider closer to your office. We'd rather lose the deal than overpromise.

No problem — about a third of our clients are multi-site. We typically nominate the largest location as primary, run remote management identically across all sites, and budget on-site visits to outlying locations into the contract. For sites further than our usual radius, we partner with a local hands-and-eyes provider for emergency physical work.

No, not within our normal coverage area. On-site visits in Greater Manchester and the immediate surrounding counties are included in your monthly fee. Unusual requests (out-of-hours installs, weekend office moves, major project work) are scoped separately. We won't surprise you with a travel-time invoice.

Brett Casterton founded the company in 2002 — ex-Forces, Manchester through and through. Simon Ball is our Technical Director and runs the engineering side. Ben Rosenthal is our Senior Engineer, Reece Johnston is our Junior Engineer, and we have a small back-office team for accounts and admin. Meet the team.

Small on purpose. The technical team is currently four engineers, including the technical director. We've grown deliberately rather than aggressively — adding one person every 18–24 months on average — because every new hire has to be someone we'd actually want to put in front of clients. Engineer-to-client ratio is around 1:35, well below the industry norm of 1:50–60.

We're ISO 27001 aligned — meaning our information security management system is built to the ISO 27001 framework, audited internally, and governed by a documented ISMS. Full third-party certification is on the roadmap for 2027. In the meantime, our SecureState framework, Cyber Essentials certification, and ICO registration cover the same controls.

Yes — Microsoft Solutions Partner for Modern Work, awarded in April 2026. Read the announcement. It's the top tier of Microsoft's partner programme, replacing the older Gold/Silver competencies. To qualify we have to meet certified-engineer thresholds, customer-success metrics, and consistent deployment volume across M365.

Of course — pop in. Our office is in Denton (M34 3QS) and we're happy for prospective and existing clients to drop by. Coffee's decent. We also run occasional in-person sessions for the local SMB community — most recently a 'Cyber Essentials in 90 minutes' workshop at The Forum. Sign up here for the next one.

Since 2002 — over twenty years. We've been an MSP since before 'MSP' was the standard industry term. We've supported clients through the move from Exchange on-prem to Exchange Online, the switch from file servers to SharePoint, the rise of mobile-first working, the COVID remote-work pivot, and now the AI/cloud-native era. Twenty-four years of pragmatic IT for small businesses.