1. Tickets take longer than a day to get a human response
A printer jam isn't urgent. A laptop someone can't log into on Monday morning is. A decent UK MSP commits to a response-time SLA in writing — typically 30 minutes for priority 1 and 2 hours for priority 2 during business hours. If your provider has no SLA at all, or routinely misses it without explanation, that's the first sign.
2. You can never get hold of the same person twice
Rotating ticket queues mean the engineer who finally understands your accounts system has never seen it before. Look for a named engineer plus a named account manager on your contract. If you don't have either, you're buying a lottery ticket every time the phone rings.
3. Nobody has audited your Microsoft 365 tenant in the last 12 months
Licensing drifts. Ex-staff keep mailboxes. MFA never gets rolled out to the last few holdouts. Sharing links go public. A proper provider runs a quarterly M365 health check and emails you the deltas. If you've never seen one, ask for it — and watch what happens.
4. Your invoice keeps growing, but you don't know why
"Project work", "out-of-hours support", "additional licensing" — line items creep on to monthly bills without a written quote. A transparent provider publishes a per-user-per-month rate and gets written approval before anything extra gets invoiced.
5. Patching is "we'll get to it"
If you ask when Windows updates were last applied to every device and nobody can produce a report, patching isn't happening reliably. The NCSC's device security guidance is clear: security-critical patches should be applied within 14 days. Anything older than that is a known unpatched vulnerability sitting on your laptops.
6. Backups are set up but never tested
Most providers "do backups". Very few test restores. Ask for the last successful test-restore log — date, file, verified user. If the answer is hand-waving, the backup might exist but it might not actually restore when you need it.
7. Cyber Essentials hasn't been mentioned
Cyber Essentials v3.3 (Danzell) came into force on 27 April 2026. If you renew without MFA enabled on every cloud service, you auto-fail. If your provider hasn't offered a gap check, they aren't watching your compliance. More and more insurers, contracts and tenders now require CE — not having it is starting to cost work.
8. The PSTN switch-off conversation hasn't happened
The 31 January 2027 switch-off is 7 months away as we write this. Around 500,000 UK business lines were still on legacy PSTN in February 2026. If your provider hasn't walked you through VoIP or Teams Phone options, you're going to end up rushing the migration later.
9. Documentation is in someone's head
WiFi passwords, admin credentials, firewall rules, DNS records, line-of-business app owners — none of this should live in one engineer's memory. A good provider maintains a shared, encrypted runbook and will hand it over at exit, on request. No runbook = lock-in.
10. You haven't had a proactive conversation in 6+ months
If the only time you hear from your IT company is when something broke, they are a break-fix vendor with a monthly invoice. Quarterly reviews — on licensing, risk, roadmap and budget — are baseline for a real managed service.
What to do next
Spot three or more of the above and it's worth at least a second opinion. A proper audit takes 60 minutes on the phone plus a read-only tenant scan. You should get a written report whether or not you switch. That is our IT support standard, and it should be the baseline everywhere. Ask us for one, or ask your incumbent — the refusal is often the answer.
FAQ
How long should I give my current IT provider to improve?
Raise issues in writing with specific examples and dates. Give 60 to 90 days to respond with a written action plan. If nothing changes, start looking.
Is it risky to switch IT providers?
Not if the new provider runs a proper handover. Expect two to four weeks of dual-running, documented admin credentials, and a written cutover plan. We've never lost data on a handover — but we've inherited systems where the previous provider had.
Can I switch mid-contract?
Usually yes — most contracts have a 30 or 90 day notice clause. Check the termination and data-exit terms before you sign anywhere new.
What about the tenant admin credentials?
You own your Microsoft 365 tenant. Your provider holds Global Admin access during the contract. A clean exit means they transfer ownership back and remove their accounts — in writing, on the day the contract ends.