What Your IT Provider Should Be Telling You Every Month
What Your IT Provider Should Be Telling You Every Month
Most IT provider relationships work like this: something breaks, you call, they fix it. Repeat.
That is a reactive arrangement. It is not wrong exactly, but it is not the same as being managed. And if you are paying a monthly retainer for managed IT services, reactive is not what you are paying for.
Here is what proactive IT communication actually looks like, why most providers do not do it consistently, and what you can ask for if yours does not.
The Difference Between Managed and Available
An IT provider who is available takes your calls and responds to tickets. That is a low bar and most providers clear it.
An IT provider who is managing your IT is doing something different. They are paying attention to your setup between incidents. They know what is coming up before it becomes a problem. They tell you things you did not ask about.
The practical difference shows up most clearly in communication. A managed provider talks to you regularly without waiting for you to initiate. An available provider waits for the phone to ring.
What Proactive Communication Looks Like
There is no single format that every provider uses, and there should not be. What matters is that certain categories of information reach you reliably, whether through a monthly email, a call, a dashboard, or a quarterly meeting.
Upcoming renewals and expirations. Your domain, SSL certificates, software licenses, and service subscriptions all have expiration dates. A provider across your account knows what is coming up and tells you with enough notice to act. Not the day before. Sixty days before is better. This should happen automatically, not because you asked.
Changes to your setup. If something in your configuration changed last month, you should know what changed, why, and whether it was intentional. This applies to DNS records, email settings, firewall rules, or anything else that affects how your systems operate. Changes that happen silently are the ones that cause problems later when nobody can remember what was different before.
Security and software updates. If your provider is responsible for keeping your systems current, you should hear from them about what was updated and when. Not a technical log, just a plain-English summary: here is what we patched, here is why it mattered.
Backup status. If backups are part of your managed service, you should be told periodically that they ran successfully and when restoration was last tested. Not "backups are configured." Confirmation that they ran and that restoration works.
Anything they noticed. A good provider spots things that are not urgent but worth your attention. A certificate expiring in 90 days. A plugin that has not been updated in a year. A user account that has not been accessed in six months. These are not crises. They are the kind of thing a provider who is paying attention mentions before they become crises.
Why Most Providers Do Not Do This Consistently
It is not usually negligence. It is incentives.
Break-fix IT providers have no financial incentive to be proactive. Every hour they spend writing a monthly summary is an hour they are not billing for. The business model rewards response, not anticipation.
Managed service providers have a stronger case for proactive communication because the retainer model theoretically rewards preventing problems rather than fixing them. But in practice, when capacity is constrained, client communication is often the first thing to slip. It does not generate an immediate ticket or complaint. The consequences of not doing it are slow and quiet.
The providers who communicate proactively do it because they have built it into their process rather than relying on individual motivation. It is scheduled, templated to some degree, and treated as part of the service rather than optional.
What to Ask For
If your provider is not doing this and you want them to, the most direct approach is to ask for it explicitly rather than waiting to see if it changes.
A useful framing: "I would like to receive a brief monthly update covering anything expiring in the next 90 days, any changes that were made to our setup, and confirmation that backups ran. Can we set that up?"
Most providers will agree to this. Some will do it well. A few will agree and then not do it, which is also useful information about the relationship.
If the response is resistance or vagueness, that tells you something about whether you are getting managed IT or just available IT.
What an Independent Record Gives You
One limitation of relying entirely on your provider for this information is that you are dependent on their account management being accurate. If something changed in your setup and they did not notice, they cannot tell you about it.
An independent monthly snapshot of your external IT configuration gives you a parallel view that does not depend on your provider's attentiveness. You can see whether your DNS records changed, whether your SSL certificate renewed, whether your email security configuration is still what it was last month. Not as a replacement for provider communication, but as a verification layer that runs automatically regardless of what anyone else is tracking.
If your provider tells you nothing changed and your independent record shows something did, that is a conversation worth having.
FAQ
My provider sends me invoices and renewal reminders. Is that enough? Invoices and renewal reminders are administrative communication, not managed IT communication. They tell you what you owe and when your contract renews. They do not tell you anything about the state of your systems. Both are necessary. Only one is proactive IT management.
We have an MSP but I have no idea what they actually do each month. How do I find out? Ask directly. Request a summary of what was done in the last 30 days. If they cannot produce one readily, that is informative. A provider who is actively managing your systems should be able to give you at least a brief account of recent activity without significant effort.
Is it reasonable to ask for written monthly reports? Yes. It is a standard expectation for managed IT contracts. If your agreement does not specify reporting, you can ask for it to be added. Most providers have some version of this they can produce. The quality varies, but the expectation is reasonable.
My IT person is a freelancer, not an MSP. Should I expect the same? Not necessarily at the same level. A solo IT person managing multiple clients has real capacity constraints. But even a freelancer can send a brief monthly note flagging upcoming renewals and anything they noticed. If they are not doing that and it matters to you, ask for it.
ExplainMyIT runs an external scan of your IT configuration every month and keeps a dated record. It checks domain expiration, SSL certificate status, email security configuration, DNS records, and public exposure. If something changes between months you will see it. It is not a replacement for a good IT provider relationship, but it gives you a consistent independent view of your own setup that does not depend on anyone else's reporting cadence.
See what your setup looks like right now or read more about how it works.
Related reading: