Break/Fix and Managed IT

And why some Managed IT never actually improves anything.

 

Written by Anthony Allen
Director of Operations, Burstfire

Introduction

Most business owners have worked with more than one IT provider.

What often surprises them is how different the experience can be - even when the service is described using the same words. Two providers might both say they offer managed IT, but one feels chaotic while the other feels calm and predictable.

That usually leads to the same question:

"Aren't all IT providers basically doing the same thing?"

The short answer is no.

The longer answer is that the way managed IT is delivered matters far more than the label.

This page explains the difference between break/fix IT, reactive managed IT, and a more strategic, standards-led approach to managed IT - and why those differences show up so clearly in day-to-day reality.

Break/Fix IT: Optimised for incidents

Break/fix is the simplest model to understand.

Something breaks. You call. The provider fixes it. You get billed for the time spent.

In many break/fix arrangements:

  • tools like monitoring, antivirus, or backup may not be included
  • those tools may be billed separately, if used at all
  • work is driven almost entirely by incidents

There's nothing inherently wrong with this approach. It can make sense for very small or low-risk environments where interruptions are tolerable and systems aren't especially complex.

What matters is what break/fix optimises for:

  • reacting to problems
  • restoring service
  • moving on

What it doesn't optimise for is:

  • consistency
  • documentation
  • reducing repeat issues
  • or improving the environment over time

That's not because providers don't care. It's because the model only pays when something breaks. Time spend preventing future issues is time that's hard to justify commercially.

As a result, the same problems tend to appear - not because of incompetence, but because the model rewards resolution, not improvement.

Managed IT: Support on a recurring basis

Managed IT is usually sold as a monthly service.

Instead of paying per incident, you pay a fixed amount for support, monitoring, and maintenance. In many cases, this also includes a bundled set of tools - monitoring, security software, backup, and patching.

Compared to break/fix, this is a real step forward.

Managed IT typically brings:

  • more predictable monthly costs
  • consistent access to support
  • bundled tooling
  • faster response

For many businesses, this alone is a significant improvement.

However, it's more important to be clear about how most managed IT actually operates in practice.

Where managed IT often stops

In many managed IT arrangements, the service is still largely reactive - just on a monthly retainer instead of per incident.

The focus is usually on:

  • responding to tickets
  • meeting response times
  • keeping systems running as they are

Reviews may exist, and they often centre around:

  • how many tickets were raised and resolved
  • uptime and response statistics
  • malware blocked
  • backup success rates

These are useful service metrics that show activity and effort.

What they don't necessarily show  is whether the environment is becoming more stable or less prone to recurring issues.

Without a defined set of standards to measure against, improvement tends to be:

  • reactive
  • opinions-based
  • or driven by the most recent incident

Over time, environments drift. Nothing fails badly enough to force change, but nothing is deliberately brought back into alignment either.

Support becomes reliable - but the underlying experience can still feel noisy.

Managed IT doesn't automatically mean strategic IT

Many business already "have managed IT" and still experience repeated issues, workarounds, and disruption.

This usually reflects how the service is structured, rather than the effort of the people delivering it.

Managed IT with a strategic, standards-led focus

Some managed IT services take a more deliberate approach.

Rather than treating support as the end point, these models use support activity as an input into ongoing improvement.

This doesn't replace day-to-day managed IT. It builds on it.

Support, monitoring, and maintenance are still there. The difference is that they're paired with:

  • defined standards
  • regular alignment reviews
  • and deliberate improvement work

Instead of asking only:

"How quickly can we resolve this issue?"

The model also considers:

"Why did this happen, and is there something that should change so it's less likely to happen again?"

That additional layer changes how the environment evolves over time.

Why standards and alignment exist

The focus on standards and alignment isn't abstract.

It exists to reduce the frequency of issues.

Recurring problems - failed updates, access issues, unreliable devices, security warnings - have a visible cost in IT time and a less visible cost in lost focus, delays, and work that can't be done efficiently.

A standards-led managed IT approach uses patterns in support activity to:

  • identify underlying causes
  • make targeted changes
  • and reduce the likelihood of similar issues elsewhere

Over time, this often leads to fewer interruptions and a lower overall operational cost when downtime and disruption are considered.

How this affects the day-to-day experience

In a strategic managed IT model:

  • support still matters
  • response still matters
  • uptime still matters

The difference is that support and improvement inform each other.

Issues aren't just resolved and closed. They contribute to decisions about configuration, standards, and future changes across the environment.

That's how environments tend to become calmer - not because nothing ever goes wrong, but because fewer things go wrong repeatedly.

Why these approaches feel different

The reason break/fix, reactive managed IT, and strategic managed IT feel different isn't about tools or personalities.

It's about incentives.

  • Break/fix incentivises fixing the immediate problem
  • Reactive managed IT incentivises efficient response
  • Standards-led managed IT incentivises reducing future disruption

Each model behaves the way it's structured to behave.

That's why changing providers without changing the underlying approach often leads to similar outcomes, even if the service looks different on paper.

Which approach is right?

There isn't a single right answer.

Break/fix can work for very small businesses with low risk and high tolerance for interruption.

Reactive managed IT can be a good fit where predictable support and budgeting is the main goal.

Strategic managed IT makes the most sense when:

  • interruptions have a tangible cost
  • the environment is growing or changing
  • security and consistency matter
  • and technology is expected to support the business rather than simply react

The key is understanding which version of managed IT is actually being delivered.

Models don't fail - expectations do

Most frustration with IT doesn't come from poor service.

It comes from expecting one delivery model to behave like another.

Closing

IT providers don't behave the way they do by accident.

They behave the way their delivery model encourages them to behave.

Understanding the practical differences between these models makes it much easier to choose an approach that aligns with how your business operates - and with what you want technology to do over the long term.

And if you ever want to talk through where your current setup sits on that spectrum, you're welcome to get in touch.

Clarity first. Decisions second.

Start a conversation

If you're exploring how your  technology environment is currently managed - or thinking about moving away from reactive IT support - a short conversation is often the best place to start.

We'll talk through how things are currently set up, what challenges you're experiencing, and whether our approach might be a good fit.

Bolster your cyber defences. Stand up to cyber criminals.

We’re flooded with news about big brands being hit by a cyber attack that’s cost them hundreds of millions.

What we don’t see is the 600,000 small businesses hit by cyber incidents, and that 60% of small businesses go out of business within 6 months of a cyber attack.

We believe in small businesses, and think you deserve the chance to flourish without being blindsided by a drive-by cyber attack.

Your people are the first defence for your business. Give them the tools and training.

Most cyber attacks can be prevented when a person knows the signs to look for. Phishing is the most prevalent entry form of a cyber incident, and in our busy lives, we can skip over the basic checks we can make to keep ourselves secure.

The people in your business are one of your greatest assets against an evolving cyber threat landscape  - giving them the tools and training to combat those threats will empower them, and secure your data.