The Craftwork Group
IT Support & Managed Services

Managed by engineers,
not a ticket queue.

Every client gets a named engineer. Every issue gets a root cause analysis — not a workaround and a closed ticket.

99%
Calls answered live
<5 min
From call to support
101+
Years combined experience

Managed by engineers,
not a ticket queue.

  • Engineers on every account — not help-desk techs routing tickets
  • We document your environment before we touch anything
  • Monitoring catches issues before your users do
  • One team, one direct line — not a call center rotation
"Most MSPs hand you a ticket number. We hand you a root cause analysis."

Most managed IT providers are built around ticket volume. You call, they respond, they close. The cycle repeats. At The Craftwork Group, we're organized around environments — understanding yours deeply enough to prevent the calls before they happen.

Ryan has worked in IT infrastructure since the late 1990s. The team brings more than a hundred combined years of hands-on work across endpoint management, network engineering, identity systems, and security. That depth means we've encountered most failure modes — and we build the monitoring to surface them early.

We serve businesses across the Pacific Northwest — manufacturing operations, professional services firms, healthcare-adjacent organizations. Complex environments with real infrastructure requirements. We don't shy away from complexity. That's where we do our best work.

Everything your environment needs.

Managed IT from TCG is a complete operations layer — not a helpdesk subscription with add-on fees for anything real.

Endpoint Management

Patching, agent deployment, health monitoring, and lifecycle tracking across Windows, macOS, and Linux endpoints.

Network Monitoring

24/7 visibility into switches, firewalls, and access points. Automated alerts before users notice degradation.

Helpdesk & Support

Real engineers on the other end. Fast response for active client environments. Direct access, no call center.

Security Baseline

MFA enforcement, EDR deployment, backup verification, and vulnerability scanning — built in, not bolted on.

Identity & Access

Active Directory, Entra ID, SSO configuration, and access lifecycle management. No orphaned accounts.

Vendor Coordination

We manage your ISP, SaaS vendors, and hardware suppliers. You stop being the intermediary on every vendor call.

Documentation

Network diagrams, runbooks, asset inventory. Maintained continuously — not abandoned after onboarding.

Quarterly Reviews

Infrastructure roadmap, capacity planning, and budget forecasting. You always know what's coming and why.

Things people ask before they sign.

We've heard them all. Honest answers below.

// Common concern
"We already have an IT person."

Good. We work alongside internal staff — not instead of them. Most hybrid teams get more done with us handling tier-1 and project work while your person focuses on strategic priorities.

// Common concern
"All MSPs say the same things."

Fair. Ask us to walk through your environment. The difference between a ticket shop and an engineering team shows up in the first conversation — in the questions we ask and what we actually know.

// Common concern
"Our environment is complicated."

That's where we do our best work. Multi-site, hybrid cloud, legacy systems — if it's complex, we've likely seen it. Complex environments are why engineering discipline matters in managed IT.

// Common concern
"What happens at 2am?"

24/7 monitoring with automated alerting. Critical issues page on-call. We catch most problems before you'd know they existed. Incidents that require a human response get one.

// Common concern
"We've been burned by an MSP before."

We know. We regularly take over from MSPs that failed — undocumented environments, deferred patches, surprise bills. We start with a full audit so both parties understand exactly what we're inheriting.

// Common concern
"Are we locked into a contract?"

First 90 days is a mutual evaluation — we get to know your environment, you get to know us. After that, month-to-month. We'd rather earn the relationship than enforce it.

How we think about managed IT.

01 ·
We learn your environment first.

We spend 30–60 days auditing before we commit. Network topology, endpoint inventory, identity systems, backup state, vendor relationships. If we take it on, we own it completely — and that starts with knowing exactly what we're taking on.

02 ·
We prevent. Not just react.

Monitoring catches hardware degradation, capacity issues, and security signals before they become incidents. Our goal is to reduce call volume over time — not build a business model that depends on your problems continuing.

03 ·
We stay.

Same team, same direct line. Not a call center rotation. If you worked with us six months ago, you'll talk to the same person. That continuity is how we actually understand your environment — and catch the subtle things.

How an engagement starts.

01 · DISCOVERY
Environment Audit

We map your endpoints, network, identity, backup, and vendor relationships. Deliverable: documented current state — including the gaps.

02 · BASELINE
Remediation Sprint

We close the gaps: patch debt, misconfigured MFA, missing backup coverage, undocumented systems. We inherit clean — or document exactly why not.

03 · OPERATIONS
Ongoing Management

24/7 monitoring, monthly patching cycles, helpdesk support, vendor coordination, change management. Proactive, not reactive.

04 · ALIGNMENT
Quarterly Review

Roadmap review, capacity planning, budget forecasting, incident retrospective. You always know what's coming and why.

What this looks like in practice.

// Case · Pacific Northwest
Multi-Site Network Modernization

A Pacific Northwest manufacturer with six locations came to us after their previous MSP left no documentation. Aging Cisco switching infrastructure, unmanaged gear at remote sites, zero network diagrams. We audited, documented, and migrated to a managed Meraki stack — coordinating the cutover across all six sites simultaneously.

Zero downtime during cutover · Full documentation delivered
// Case · Pacific Northwest
Hybrid Identity Consolidation

A professional services firm with 200 users had split identity across on-premises Active Directory and shadow IT SaaS sprawl accumulated over years. Shared accounts, no MFA enforcement, no Conditional Access policies. We consolidated to Entra ID, eliminated shared accounts, and reached 100% MFA coverage across the organization.

100% MFA in 60 days · Zero shared accounts remaining

Ongoing managed IT vs. a discrete project.

We do both. Here’s how to tell which one fits your situation.

// Ongoing relationship
Managed IT
  • Flat monthly fee, no surprise invoices
  • 24/7 monitoring and incident response
  • Helpdesk for your team
  • Patch management and security baseline
  • Vendor coordination on your behalf
  • Quarterly environment reviews

Best fit: organizations that want predictable IT cost and a team that owns the environment long-term.

// Defined scope
Project Engagement
  • Scoped deliverable with a clear end date
  • Infrastructure builds and migrations
  • Security hardening and compliance prep
  • Network modernization
  • Identity consolidation (Entra ID, AD)
  • Billed T&M or fixed price depending on scope

Best fit: organizations with a specific problem to solve, or those evaluating whether a longer relationship makes sense.

Some clients start with a project and move to managed once we’ve established what’s in their environment. We’ll tell you which one makes more sense — and when the answer is neither.

Questions worth asking.

You’re a small shop. What happens if Ryan gets hit by a bus?

Fair question, and we take it seriously. Here’s how we’ve built against it:

Every environment we manage has documented runbooks — not stored in someone’s head. Your network diagrams, vendor contacts, credential locations, escalation paths, and incident procedures are in writing, accessible to the bench team, and reviewed quarterly. If Ryan isn’t available, the next engineer picks up a documented environment, not a mystery.

We maintain a senior bench — engineers who work across multiple client environments and know your stack. This isn’t a contractor we’d scramble to find in a crisis; it’s the same team who already participates in environment reviews.

We’re also transparent about this: we’ll show you the runbooks. You’ll know what’s documented and what isn’t. If the documentation has a gap, that’s a gap we close — not something we hide until it matters.

A small firm that documents everything is more resilient than a large firm with institutional knowledge locked in people’s heads. We’ve seen both fail. We built for the former.

Ask us about our documentation process →

How do you handle situations where you need more than your team can cover?
We scope honestly before we sign anything. If your environment or requirements exceed what we can deliver well, we say so upfront. For situations that arise mid-engagement, we have specialty relationships in security, compliance, and carrier integration, and we coordinate them. You still have one point of contact; we manage the specialists.
What’s your coverage model during business-critical periods?
Monitoring runs continuously regardless of time or day. For clients with defined SLAs, critical incident response is tiered by severity with response commitments spelled out in the agreement. We also document your specific high-stakes windows — month-end, tax season, audit periods — and adjust monitoring sensitivity during those times.

Ready to stop reacting?

Schedule a discovery call. We'll walk your environment and tell you what we'd actually do — before you commit to anything.

Let's talk about
your environment.

Tell us what you're running. We'll tell you honestly whether we're the right fit.

Location
21019 66th Ave. S, Kent, WA 98032
Response time
Within one business day