How to Change IT Provider Without Losing Control
A practical handover guide covering admin access, ownership, documentation and stabilisation.
Read the guide ->Most providers treat onboarding as a chargeable project and security as a later upsell. We do the opposite. Every new client is brought up to a secure, resilient, Cyber Essentials-ready standard as part of joining — with the cost built into your monthly service, not billed as a shock upfront.
Joining NorthMSP isn’t a slow handover that leaves the risky bits for later. We bring your environment up to a known-good, defensible baseline as part of onboarding — the same foundation every client gets.
Enforced across all users, with legacy authentication blocked — the single biggest reduction in account-takeover risk.
Policy-based access that blocks risky sign-ins without getting in your team’s way.
Your tenant configured to a recognised, defensible standard — then kept from drifting.
EDR on every device and managed patching, so machines are defended and kept current automatically.
Recovery you’ve actually proven, so an incident is recoverable rather than terminal.
Remediation and certification rolled into your service — not left as a someday job, and not billed as a separate project.
A clear, low-disruption path that fixes the foundations and the security in the right order — with no surprise invoices along the way.
We start with a structured review of your infrastructure, Microsoft 365 tenant, security posture, backups and risks. This also scopes exactly what “secure” means for your environment, so nothing is open-ended.
We fix the foundations first — identity, backup, patching, monitoring and documentation — clearing the critical risks that leave you exposed. This is where most of the value lands early.
We bring the environment up to the secure baseline — MFA, conditional access, endpoint protection and a CIS-aligned Microsoft 365 configuration — so you’re defended by design.
We close the remaining gaps and take you through Cyber Essentials — included in your service, giving you something clients, insurers and regulators recognise.
With stable, secure, certified foundations in place, we support the environment long term — monitoring, reviews and senior guidance — and keep the baseline from drifting.
The upfront onboarding fee is the most-hated, most-negotiated line item in our industry. We’ve removed it — not by skipping the work, but by funding the remediation and certification ourselves and recovering the cost gradually through your monthly service. In return, we ask for a minimum term. Certification assumes your in-scope systems can be brought up to standard — if legacy or third-party kit gets in the way, we’ll tell you early rather than spring it on you. That’s the deal, stated plainly.
The baseline you’re brought up to during onboarding is our Secure tier. If you answer to a compliance regime — NHS secure email, payment handling, ISO 27001 or an insurer’s requirements — Assured adds the gap analysis, evidence and accreditation support on top.
Useful context if you are changing provider, reviewing Cyber Essentials or trying to understand what a secure baseline should include.
A practical handover guide covering admin access, ownership, documentation and stabilisation.
Read the guide ->Why certification matters, but the operating standard behind it matters more.
Read the guide ->The identity, admin, app consent and mail controls that sit at the heart of secure onboarding.
Read the guide ->If you’re tired of being quoted a fat onboarding fee to fix problems you didn’t cause, let’s have a straight conversation about joining — what we’d secure first, and how the no-upfront-fee model works for you.