Core IT Services
Managed IT Services Full-stack IT management for Toronto businesses
Co-Managed IT We work alongside your existing internal team
IT Consulting Strategy, roadmap, and technology alignment
Virtual CIO and Fractional CTO Executive IT leadership without the full-time cost
Security and Continuity
Cybersecurity MDR, endpoint protection, and threat response
Managed Detection and Response 24/7 SOC monitoring with active threat response
Dark Web Monitoring Credential leak detection and threat intelligence
Business Continuity Disaster recovery and operational resilience
Cloud Services
Cloud Services AWS, Azure, and cloud infrastructure management
Cloud Migration Seamless migration to cloud infrastructure
Microsoft 365 Management Licensing, security, and full tenant management
Managed Hosting Application hosting on AWS and Azure
Also:
Pricing About Us
Platform Highlight
Powered by MyITFleet
The MSP Platform We Built for Your Business
Most MSPs use generic tools. We built MyITFleet to give you a live dashboard showing exactly what we are doing for you, every minute of every day.
NOC Control Tower Fleet Health SLA Tracking Jamf Pro
Explore the platform
Healthcare and Compliance
Healthcare and Pharma PIPEDA and PHIPA compliant IT for health organizations
Dental Practices Dentrix support, imaging IT, and patient data security
Legal and Law Firms Document security and compliance for legal practices
Professional Services IT for accounting firms, CPA practices, and financial advisors
Technology and Startups
SaaS and Tech Startups Mac fleet management, Jamf Pro, SOC 2 readiness
Mac and Apple Fleet Specialists Jamf Pro, MDM, and Mac-first IT for Toronto startups
Industrial and Operations
Mining and Natural Resources Fleet management, remote site IT, OT security for mining
Supply Chain and Warehousing Warehouse WiFi, manufacturing cybersecurity, logistics
Why Industry Fit Matters

Every industry has unique compliance requirements, operational rhythms, and risk profiles. Echoflare tailors every engagement to your sector so nothing falls through the gaps.

Primary Markets
Vaughan Our headquarters. Fastest on-site response in the GTA.
Toronto Downtown core and Greater Toronto
Mississauga Full service coverage across Mississauga
East and North GTA
Markham Tech corridor and enterprise coverage
Scarborough East Toronto and Scarborough district
North York North York and Yonge corridor
West GTA
Brampton Full coverage across Brampton
Concord Our home base on Administration Road

All GTA area pages include local pricing context, on-site response times, and area-specific service details.

MyITFleet Platform
Platform Overview The complete MyITFleet feature set and architecture
IT Inventory Management Asset tracking, fleet health scoring, and device lifecycle
Alerts and Service Queue Real-time alerting, ticket triage, and SLA tracking
Free Network and Infrastructure Tools
Subnet Calculator What Is My IP / IP Lookup DNS Lookup Bandwidth Calculator Uptime / SLA Calculator Base64 Encoder / Decoder
Free Security and Developer Tools
Password Generator SSL Certificate Checker Hash Generator / Checksum JSON Formatter / Validator Regex Tester Cron Expression Generator
MyITFleet for MSPs
Visit myitfleet.com MyITFleet is now available to other MSPs worldwide

Built by an MSP, for MSPs

Every feature in MyITFleet was designed to solve real problems we faced managing client infrastructure.

About Echoflare
Our Story How and why Echoflare was built
Careers Join the Echoflare team
Pricing Transparent flat-rate plans for every business size
Contact Us We respond within one business hour
Resources
IT Knowledge Center Guides, insights, and IT strategy for Toronto businesses
Pricing Compare models and build your custom IT plan
Build Your Custom Plan Interactive quote builder — get a custom IT plan in 5 minutes
IT Support FAQ Common questions about managed IT services and costs
Certified Partners
Microsoft Veeam Datto Bitdefender Jamf Blackpoint Wasabi TitanHQ
Free Consultation
Core IT Services
Managed IT Services Co-Managed IT IT Consulting Virtual CIO and Fractional CTO
Security and Continuity
Cybersecurity Managed Detection and Response Dark Web Monitoring Business Continuity
Cloud Services
Cloud Services Cloud Migration Microsoft 365 Management Managed Hosting
Industries
Healthcare and Pharma Dental Practices Legal and Law Firms Professional Services SaaS and Tech Startups Mining and Natural Resources Supply Chain and Warehousing
GTA Areas
Concord (HQ) Vaughan Mississauga Markham Brampton North York Scarborough
Platform and Tools
MyITFleet Platform
Free Network Tools
Subnet Calculator What Is My IP DNS Lookup Bandwidth Calculator Uptime Calculator Base64 Encoder
Free Security / Dev Tools
Password Generator SSL Checker Hash Generator JSON Formatter Regex Tester Cron Generator
Pricing Blog Careers About
IT Strategy

What Is Co-Managed IT? How It Works When You Already Have an IT Person

Co-managed IT is not about replacing your internal IT person. It is about giving them the platform, coverage depth, and backup they need to do the job properly without being stretched across everything at once.

March 2026 7 min read Echoflare Managed Services
At a glance
Shared model
Internal IT handles what they know best. The MSP provides platform, monitoring, security tooling, and after-hours coverage.
Responsibilities defined in the service agreement
Not a replacement
Co-managed IT strengthens your internal IT person rather than displacing them
Internal IT retains ownership of their domain
Block hours
The most common pricing model for co-managed engagements at Echoflare
Used for supplemental work, projects, and escalations

Many Toronto businesses reach a stage where they have an IT person on staff. a systems administrator, an IT coordinator, or a technically capable operations manager who handles IT alongside other responsibilities. but find that one person cannot cover everything the environment needs. After-hours monitoring, security tooling, specialized project work, coverage during holidays and sick days, and the sheer breadth of modern IT infrastructure often exceed what a single internal resource can manage reliably.

Co-managed IT services fill this gap without displacing the internal IT investment the organization has already made. This article explains how the shared IT management Toronto model works, what responsibilities typically sit with the internal team versus the MSP, why it is often a better fit than either pure break-fix or fully managed IT for this profile, and how to structure a co-managed arrangement so the two sides work together rather than creating confusion.

What co-managed IT actually is

Co-managed IT is a hybrid IT support model where the internal IT and MSP relationship is defined by a clear split: an internal IT person or team retains ownership of certain IT responsibilities while a managed service provider handles others. The division of responsibilities is defined in the service agreement and can be adjusted as the organization's needs evolve.

The model is built on a straightforward premise: the relationship between internal IT and MSP is complementary. Your internal IT person has context about your business, relationships with your staff, and knowledge of your applications and workflows that an external provider does not. At the same time, a managed service provider has specialized tooling, 24/7 monitoring infrastructure, security platforms, a full team with diverse expertise, and the operational processes that a single internal resource cannot replicate cost-effectively. Co-managed IT combines both.

Addressing the concern directly

The most common hesitation internal IT staff have about a co-managed arrangement is whether the MSP is there to replace them. A well-structured co-managed engagement makes this concern unfounded in practice. The internal person retains ownership of the areas they manage best. The MSP provides the infrastructure layer. monitoring, security tooling, backup systems, and after-hours coverage. that gives the internal person a stronger foundation to work from, not a threat to their position.

How the responsibility split works in practice

The specific split between internal IT and the MSP varies by organization, but a common pattern for Toronto businesses with a single internal IT person looks like this:

Internal IT handles

Business-specific and relationship work

  • User onboarding and offboarding
  • Business application support and configuration
  • On-site hardware deployments and moves
  • Direct staff relationships and ad hoc requests
  • Vendor management for business-specific tools
  • IT input on business projects and decisions
  • First-line helpdesk for common requests
MSP handles

Platform, monitoring, and coverage depth

  • 24/7 monitoring, alerting, and automated response
  • Automated OS and third-party patching
  • Endpoint Detection and Response (EDR)
  • Cloud backup with monitored job completion
  • Microsoft 365 security configuration and monitoring
  • After-hours and weekend helpdesk coverage
  • Helpdesk overflow during busy periods or leave
  • Specialized project work and infrastructure upgrades
  • Security operations, dark web monitoring, MDR

The split shown above is illustrative. Some organizations prefer the internal person to own helpdesk entirely and use the MSP only for monitoring, tooling, and projects. Others want the MSP to handle all helpdesk and use the internal person exclusively for business application ownership. The agreement is flexible and should reflect the specific strengths and preferences of the internal IT staff involved.

When co-managed IT makes sense for a Toronto business

Co-managed IT is the right model for a specific operational profile. It is not the answer for every business, but for organizations in the following situations it typically delivers more value than either fully managed IT or purely internal IT could alone.

  • You have one IT person managing a 30 to 100 device environment. A single person cannot be monitoring 24/7, patching reliably, maintaining security tooling, handling all helpdesk, and doing project work simultaneously. Something is always getting deferred. The MSP layer provides the continuous monitoring and tooling that a single person structurally cannot maintain alone.
  • Your internal IT person has business application depth the MSP does not. If your environment includes specialized ERP systems, industry-specific software, or custom integrations that require deep organizational knowledge to support effectively, internal ownership of those systems makes sense. The MSP handles the infrastructure layer while the internal person owns the application layer.
  • You need after-hours and holiday coverage. A single internal IT person cannot provide 24/7 coverage. Ransomware does not respect business hours. Co-managed IT with an MSP providing after-hours monitoring and incident response closes this gap without requiring a second internal hire.
  • Your internal IT person is stretched across IT and non-IT responsibilities. Many Toronto businesses have a person who handles IT alongside other operational or administrative duties. The MSP takes the continuous operational IT responsibilities off their plate, allowing them to focus on the work that requires their organizational knowledge.
  • You want continuity protection. If your single internal IT person leaves, takes medical leave, or is unavailable during an incident, having an MSP with full environment visibility provides a continuity layer that does not exist in a purely internal arrangement.

Co-managed IT pricing and the block hours model

Co-managed IT arrangements are typically priced in one of two ways: a reduced per-endpoint fee that covers monitoring, tooling, and security without full helpdesk, or a block hours arrangement where a bank of prepaid hours covers supplemental support, project work, and escalations beyond what the internal team handles.

At Echoflare, the block hours model is the most common choice for businesses with internal IT staff. The internal person handles first-line helpdesk and business application support. Echoflare provides the MyITFleet monitoring platform, EDR, automated patching, backup monitoring, and Microsoft 365 management as a baseline. The block hours bank covers on-site work, infrastructure projects, specialized technical tasks, and after-hours incidents that exceed the internal team's capacity or expertise.

This structure means the organization gets MSP-grade monitoring and security infrastructure without paying for helpdesk services that the internal person already covers competently. The block hours provide a cost-effective overflow mechanism rather than a redundant layer.

MyITFleet for internal IT teams

Echoflare's MyITFleet platform is available to internal IT staff under co-managed arrangements. This gives your internal IT person real-time fleet visibility, device health scoring, patch compliance reporting, and ticket tracking across the full environment. the same operational picture the Echoflare team works from. Rather than managing IT blind or building their own monitoring setup, the internal person inherits a mature platform from day one.

Making co-managed IT work: avoiding the common failure mode

The most common way co-managed IT arrangements fail is through unclear responsibility boundaries. When both the internal team and the MSP assume the other is handling something, things fall through the gaps. When they step on each other's work, it creates friction and duplicated effort.

A well-structured co-managed engagement addresses this with a written responsibility matrix from day one. This document specifies, for each category of IT work, who owns it, who provides backup support, and what the escalation path looks like. It does not need to be complex. It needs to be specific enough that both sides can answer the question "who handles this?" without ambiguity for every category of request that arises.

  • Define ticket routing clearly. The helpdesk ticket system should reflect the responsibility split. Tickets that go to the internal person should route there automatically. Tickets that go to the MSP should route there. Overlap creates both confusion and delays.
  • Establish escalation protocols. When the internal person is unavailable, what happens? When a ticket exceeds the internal person's expertise, what is the process for engaging the MSP? These should be agreed and documented, not improvised during an incident.
  • Review and adjust quarterly. The right responsibility split at month one is often not the right split at month twelve. As the internal IT person's capabilities grow and the organization's needs evolve, the agreement should reflect the current reality rather than the initial configuration.

Key takeaways

  • Co-managed IT is a shared model where internal IT staff own some responsibilities and the MSP owns others. The split is defined in the service agreement and reflects each side's strengths.
  • The model is not about replacing internal IT staff. It is about giving them the monitoring platform, security tooling, after-hours coverage, and specialized backup that a single person cannot cost-effectively provide alone.
  • Co-managed IT is particularly well-suited to Toronto businesses with one IT person managing 30 to 100 devices, organizations where internal IT knowledge of business applications is deep, and any environment where after-hours and holiday coverage is a gap.
  • Block hours is the most common pricing model for co-managed engagements with internal IT staff. The MSP provides the monitoring and security baseline. Block hours cover supplemental work, projects, and overflow beyond the internal team's capacity.
  • Clear responsibility boundaries documented from day one are the difference between co-managed IT that works smoothly and an arrangement where things fall through the gaps.

Frequently asked questions

What is co-managed IT?

Co-managed IT is a hybrid model where an internal IT person or team handles some IT responsibilities while a managed service provider handles others. The split is defined in the service agreement and can be adjusted over time. The model is designed for businesses that have internal IT staff but need additional platform capabilities, coverage depth, or specialized support that a single internal person cannot provide alone.

Does co-managed IT replace my internal IT person?

No. Co-managed IT is explicitly designed to work alongside internal IT staff. Your internal IT person retains ownership of the areas they manage best: business application support, direct staff relationships, and on-site presence. The MSP provides the monitoring platform, security tooling, after-hours coverage, and specialized project capability that strengthens the internal person's position rather than displacing them.

How is co-managed IT different from fully managed IT?

Fully managed IT means the MSP takes responsibility for all IT functions with no internal IT staff. Co-managed IT means responsibilities are shared between internal staff and the MSP. Co-managed suits organizations that want to preserve internal IT ownership and staff relationships while gaining MSP-level infrastructure, monitoring, and coverage. Fully managed suits organizations without internal IT staff who want to outsource the function entirely.

What does a co-managed IT arrangement typically cost?

Co-managed IT pricing depends on the scope of what the MSP provides. A monitoring, tooling, and security baseline without full helpdesk typically runs $30 to $70 per device per month. Block hours arrangements are common for co-managed engagements where the internal team handles most day-to-day support but needs supplemental hours for projects, escalations, and overflow. Echoflare's block hours model is frequently chosen by businesses with internal IT staff for exactly this reason.

What happens to co-managed IT when my internal IT person leaves?

One of the underappreciated benefits of co-managed IT is continuity. Because the MSP already has full environment visibility through the monitoring platform, asset inventory, and documentation, the departure of an internal IT person does not create a knowledge gap or emergency. The MSP can either continue at the existing scope or expand to a fully managed engagement while you recruit, without the environment being left uncovered during the transition.

Have an internal IT person and need backup?

Echoflare's co-managed IT arrangements are built around your internal team, not in competition with them. Book a free 30-minute conversation and we will outline exactly how a shared model would work for your environment. Our IT consulting team can also help you assess the right model before committing.

Book a free conversation Co-managed IT services
IT Strategy
What Is a Managed Service Provider? A Plain-Language Guide for Toronto SMBs
Pricing
Block Hours vs Per-Endpoint: Which IT Pricing Model Costs You Less?
Service Page
Managed IT Services in Toronto and the GTA
Share