A practical playbook for Chicago and Indianapolis businesses
Co-managed IT sounds simple: your internal team keeps strategic control, and a trusted partner fills the gaps (monitoring, security, projects, after-hours coverage, and specialized expertise). In real life, co-managed IT succeeds or fails based on one thing: clear ownership. This guide shows how organizations in Chicago, IL, and Indianapolis, IN can structure co-managed IT services to reduce risk, control costs, and improve user experience without stepping on toes.
Why this matters right now: Security frameworks and guidance are increasingly emphasizing governance – who makes decisions, how risk is accepted, and how outcomes are measured – alongside technical controls. NIST’s Cybersecurity Framework (CSF) 2.0 even adds a dedicated “Govern” function to drive that accountability.
What “co-managed IT” should mean (and what it shouldn’t)
Done well, co-managed IT is a shared operating model:
-
Internal IT retains business context, vendor direction, approvals, and roadmap ownership.
-
Your co-managed partner provides scalable coverage (tools + people) for monitoring, endpoint protection, patching, help desk overflow, and project execution.
-
Leadership gets better visibility: service metrics, security posture, and predictable budgeting.
What it shouldn’t mean: “We’ll call you when something breaks.” That’s staff augmentation. A co-managed model needs process, tools, and a shared scorecard.
The 5 ownership areas that make or break co-managed IT
1) Identity & Access (who can do what)
Agree upfront on admin roles, conditional access ownership, and a standard for stronger MFA. The security industry is moving toward phishing-resistant MFA as a baseline for high-risk accounts and workflows.
2) Patch & vulnerability management (who pushes, who verifies)
Co-managed IT works best when one party is responsible for deployment mechanics (scheduling, rings, maintenance windows) and the other is responsible for verification (reporting, exception approval, and “why” decisions tied to uptime).
3) Backup & recovery (who owns restore readiness)
Backups aren’t “done” until restores are tested. Current ransomware guidance stresses offline, encrypted backups and regular testing so recoveries work when it counts.
4) Help desk experience (who owns the user’s day)
Define which tickets stay internal (line-of-business apps, specialized workflows) and which go to your partner (password resets, endpoint issues, email troubleshooting, remote access). Users should never have to guess who to contact.
5) Security operations (who triages alerts at 2:00 a.m.)
If monitoring is shared, incident response must be shared too—with clear escalation paths. Recent ransomware activity continues to rely heavily on phishing and credential theft, so detection and response speed is a real differentiator.
A simple co-managed model (with a clear “who owns what” table)
| Capability | Internal IT owns | Co-managed partner owns | Shared cadence |
|---|---|---|---|
| Strategy & roadmap | Priorities, budgeting, approvals | Options, scoping, technical recommendations | Quarterly roadmap review |
| Monitoring & alerting | Critical system context, escalation contacts | Tooling, 24/7 triage, runbooks | Weekly ops summary |
| Patching | Exception approval, maintenance windows | Deployment, reporting, compliance checks | Monthly patch meeting |
| Backups & DR | RPO/RTO targets, app priority list | Backup admin, restore tests, documentation | Quarterly restore test |
| Procurement & lifecycle | Standards, final approval | Sourcing, staging, deployment coordination | Monthly asset review |
Did you know? Quick co-managed IT facts
Governance is a security control. CSF 2.0 formalizes governance as a core function, meaning clear decision rights are part of modern cyber hygiene.
Backups must be tested. Ransomware operators commonly try to delete or encrypt accessible backups, which is why offline backups and recovery testing matter.
“Stronger MFA” is changing. Many organizations are shifting to phishing-resistant approaches (passkeys, FIDO2, device-bound factors) for higher assurance.
How Braden Business Systems supports co-managed IT outcomes
Braden Business Systems has supported organizations across Indiana and Chicago since 1989, helping teams align IT operations with business objectives without forcing a one-size-fits-all model. When co-managed is the right fit, the goal is simple: strengthen coverage, reduce noise, and make ownership obvious.
Local angle: what Chicago and Indianapolis teams tend to optimize for
Chicago, IL: multi-site visibility and vendor sprawl
Many Chicago-area organizations deal with distributed locations, hybrid work patterns, and complex vendor ecosystems. Co-managed IT often focuses on standardizing monitoring, tightening identity controls, and building a consistent patch-and-reporting rhythm across sites.
Indianapolis, IN: fast resolution and operational continuity
Indianapolis-area teams frequently prioritize responsiveness, predictable costs, and business continuity, especially when IT supports operations-heavy environments. Co-managed support can provide after-hours coverage, tested recovery workflows, and project execution without growing headcount as quickly.
If your organization spans neighborhoods or suburbs, Braden’s location-specific pages can help you match the right service model to your footprint -see Indianapolis services and Areas Served.
CTA: Get a co-managed IT plan with clear ownership
Want a practical co-managed model that aligns tools, responsibilities, and reporting without disrupting your internal team? Braden can help you define scope, escalation paths, and measurable outcomes.
FAQ: Co-managed IT services in Indianapolis and Chicago
What’s the difference between co-managed IT and fully managed IT?
Fully managed IT typically means the partner owns day-to-day operations end-to-end. Co-managed IT keeps your internal team in the driver’s seat while the partner provides tools, coverage, and specialized services to fill gaps.
How do we prevent finger-pointing when something fails?
Create an ownership matrix (RACI-style), standardize escalation paths, and review metrics monthly. Co-managed works when “who owns what” is documented and revisited as the environment changes.
Do we need to change our tools to start co-managed IT?
Not always. Many organizations start by integrating monitoring, ticketing, and security telemetry, then standardize tooling over time if it reduces complexity or improves reporting.
What security outcomes should we prioritize first?
Start with identity hardening, patching discipline, and tested backups. Ransomware guidance consistently stresses backup integrity/testing and reducing credential-based compromise paths.
Can co-managed IT help with cloud projects and migrations?
Yes! Especially for planning and execution (migration waves, identity integration, post-migration hardening, and documentation). If cloud is a priority, see Braden’s Cloud Computing & Migration service page.
Glossary (quick definitions)
Co-managed IT: A shared IT operations model where internal IT and a partner divide responsibilities using agreed processes, tools, and reporting.
CSF 2.0: NIST Cybersecurity Framework version 2.0, organized around functions, including the added Govern function for cybersecurity risk governance.
Phishing-resistant MFA: MFA methods designed to reduce phishing-based credential theft (often using passkeys/FIDO2 or device-bound authentication).
RPO / RTO: Recovery Point Objective (how much data you can lose) and Recovery Time Objective (how long you can be down) are used to set backup and disaster recovery expectations.