Cardinal Company - Technology Services

Service levels

Three ways to work with us.

Every plan is delivered in-house, by the same team, with no subcontracting. The difference between them is how much of your security and compliance work we carry — not how fast we answer the phone.

Why tiers, not tickets

We hear some version of "we don't really need IT support, we never call anyone" almost every week — and honestly, we get it. If your only experience of IT support is sitting on hold to reset a password, of course it feels optional. That's not support. That's a help desk with a phone number.

Modern managed IT isn't break-fix. Something breaks, you call, we show up, we bill you — that model needed to change a long time ago, and we moved past it before we ever called ourselves an MSP.

The real value isn't in the calls you make. It's in the calls you never have to make.

That's patch management running quietly in the background. Security updates pushed before a threat reaches your network. Monitoring that flags a failing drive before it takes your data with it. Compliance work ticking along so an audit doesn't turn into a fire drill.

The three plans below set how much of that work we carry for you — from the always-on essentials every client gets, up to a fully managed security and compliance posture. Pick the one that matches where your organization is today. You can always move up.

The plans

Built to stack — each plan includes everything below it.

Core

The always-on essentials. Nothing fancy, nothing skipped.

  • 24/7 system monitoring
  • Patch and update management
  • Endpoint protection (EDR)
  • Helpdesk for your team
  • Asset and license tracking
  • M365 / Google Workspace administration
  • Quarterly health review

Best for: teams with a stable environment who want a steady hand on day-to-day operations.

Ask about Core →
Most common
Secure

Core, plus a real security baseline — not just antivirus and crossed fingers.

  • Everything in Core
  • MFA rollout and enforcement
  • Endpoint hardening
  • Phishing and awareness training
  • Email authentication (SPF/DKIM/DMARC)
  • Vulnerability scanning
  • Backup for endpoints, servers, and M365/Workspace
  • Quarterly restore tests

Best for: organizations handling sensitive data, donor records, or client information that can't afford a breach.

Ask about Secure →
Complete

Secure, plus the documentation and oversight an audit actually asks for.

  • Everything in Secure
  • Policy and procedure documentation
  • Audit and assessment preparation
  • Disaster recovery runbook
  • Ransomware response plan
  • Network segmentation review
  • Quarterly vCIO strategy session
  • Priority response SLA

Best for: organizations facing a compliance framework, cyber insurance requirements, or a board that asks hard questions.

Ask about Complete →
Not sure which one fits? Most clients start with a 45-minute assessment and we recommend a plan based on what we actually find — not the other way around. Pricing is scoped to your environment, so we'll never quote a tier before we've looked at your setup.

What's running underneath, always

Four things every plan keeps quiet in the background.

Patch management

Running quietly so your systems aren't sitting exposed to last week's vulnerability.

Security updates

Pushed before a threat ever reaches your network — not after.

Monitoring

Flags a failing drive before it takes your data with it.

Compliance

Ticking along in the background so an audit doesn't turn into a fire drill.

Get started

A good managed services partner should feel like part of your team.

Not a vendor you call when something's already on fire. Tell us what you're running today and we'll tell you, honestly, which plan fits.

Request an assessment → Get your IT score →