By Mike Pearlstein, CISSP — CEO, Fusion Computing
TL;DR: A 45-person GTA construction firm’s sole IT generalist was spending 70% of their week on reactive support. After moving to co-managed IT with Fusion, Fusion took over all infrastructure, security, patching, backups, and vendor management. The IT lead kept frontline user support and project ownership. Ticket backlog dropped 60%, patch compliance hit 97%, and a stalled project management platform was live within 90 days.
The challenge: one IT person doing the work of three
The company had grown to 45 employees across two GTA office locations and multiple active construction sites. Their IT environment included a mix of on-premise servers, cloud-hosted project management tools, field devices, and a Microsoft 365 tenant that had been set up years earlier and never properly managed.
They had one IT generalist responsible for everything: password resets, printer issues, firewall configuration, server patching, software licensing, backup management, and vendor calls. He was good at his job. He knew every employee by name, understood the business applications inside and out, and had built most of the current infrastructure himself.
But he was drowning.
Patch compliance across endpoints and servers sat at roughly 34%. There was no endpoint detection and response — just Windows Defender with default settings. After-hours coverage meant his personal phone rang at 2am when a server alert fired. Vendor coordination (ISP issues, printer leases, software renewals, hardware warranties) consumed 8+ hours per week. His ticket backlog had 47 open items, many weeks old.
The breaking point came when a phishing email made it past basic antivirus and an employee clicked the link. The incident was contained, but it exposed how thin the security layer really was. Meanwhile, a project management platform rollout — critical for coordinating jobs across field crews — had been stalled for 18 months because there was never time to focus on it.
The company’s leadership knew something had to change. But they also knew their IT lead was an asset, not a problem. He didn’t need to be replaced. He needed infrastructure taken off his plate.
The strategy: co-managed, not fully managed
This was a textbook co-managed IT engagement. The IT lead was competent and committed. He had institutional knowledge that would take any outside team months to replicate. The goal was to multiply his effectiveness, not replace him.
After an initial conversation, Fusion and the client agreed on a clear division of responsibilities:
Fusion would own: 24/7 monitoring, automated patch management, security stack deployment and management (Huntress MDR + Fortinet), backup verification and disaster recovery readiness, after-hours escalation and triage, vendor coordination (ISP, hardware, software licensing), and compliance-supporting documentation aligned with CIS Controls v8.1.
The IT lead would own: frontline user support (he knew the staff and preferred to keep that relationship), business application administration, the project management platform rollout, and the ongoing relationship with leadership. He would also join biweekly vCIO review calls with Fusion’s team to align on priorities and budget.
This split was documented in a shared responsibility matrix during the first two weeks and revisited quarterly.
The implementation: 90 days of structured onboarding
Fusion followed its standard 90-day onboarding framework, adapted for the co-managed model.
Days 1–14: Discovery and documentation
Fusion ran a 168-point assessment covering the full environment: endpoints, servers, network topology, firewall configuration, backup status, security posture, user accounts, vendor relationships, and licensing. The IT lead participated throughout — his knowledge of the environment accelerated the process significantly.
Key findings from the assessment:
- 34% patch compliance across endpoints and servers
- No endpoint detection and response beyond default Windows Defender
- Backup jobs running but never verified for recoverability
- Admin credentials shared across multiple systems with no MFA
- No documented incident response plan
Shared access was established. Documentation was centralized. No disruptive changes were made during this phase — only urgent security and backup gaps were addressed immediately.
Days 15–45: Parallel operations
Fusion brought monitoring and patching online alongside the existing environment. After-hours coverage went live. A shared escalation matrix defined who handled what and when. Weekly syncs with the IT lead ensured nothing fell through the cracks during the transition.
Vendor handoffs began: ISP support, printer lease management, and software licensing coordination moved to Fusion’s operations team. The IT lead reported that the first thing he noticed was his inbox getting quieter.
Days 46–90: Security hardening and optimization
Huntress MDR was deployed across all endpoints. Fortinet firewall policies were tightened and documented. MFA was enforced on all admin accounts. Backup jobs were reconfigured and verified for recoverability. Security awareness training was rolled out to all 45 employees.
With infrastructure and security off his plate, the IT lead finally had time to focus on the stalled project management platform. He completed the rollout within this 90-day window — a project that had been delayed for 18 months.
The results
Ticket backlog
47 → 12
60% reduction in 60 days
Patch compliance
34% → 97%
Across all endpoints and servers
After-hours incidents
100%
Handled by Fusion
PM platform rollout
90 days
Previously stalled 18 months
Security stack
Huntress MDR + Fortinet
CIS Controls v8.1 aligned
IT lead retention
2+ years
Still in role and focused on growth
Key takeaways
Co-managed works when the internal IT person is good but outnumbered. The goal is to multiply their effectiveness, not replace them. This engagement succeeded because the IT lead kept the relationships, the institutional knowledge, and the strategic ownership that made him valuable in the first place.
After-hours coverage alone justifies the engagement. For any company with a single IT person, the risk of having no coverage outside business hours is significant. One after-hours incident handled by Fusion instead of a 2am phone call to the IT lead changes the quality of the entire working relationship.
The 90-day structured onboarding prevents disruption. The IT lead never lost control of the environment. Fusion integrated alongside him, not over him. The weekly syncs during onboarding and biweekly vCIO reviews afterward kept both teams aligned.
Vendor coordination is an underestimated time sink. ISP issues, printer leases, software renewals, and hardware warranties consumed 8+ hours per week of the IT lead’s time. Handing that off to Fusion freed up an entire workday each week for strategic projects.
Considering co-managed IT for your business? If your internal IT team is stretched thin, Fusion can help. Book a 30-minute IT assessment to find out what a co-managed engagement would look like for your environment.
Frequently asked questions
Would this work for a smaller company?
What did it cost?
What would you do differently?
This case study is anonymized to protect client confidentiality. Details have been adjusted for privacy while preserving the accuracy of the engagement’s scope, timeline, and outcomes. If you are a current Fusion client interested in sharing your experience, contact us.
If your business does not have internal IT staff and needs a fully outsourced solution, see Fusion’s fully managed IT services.
