Managed by engineers,
not a ticket queue.
Every client gets a named engineer. Every issue gets a root cause analysis — not a workaround and a closed ticket.
Managed by engineers,
not a ticket queue.
- Engineers on every account — not help-desk techs routing tickets
- We document your environment before we touch anything
- Monitoring catches issues before your users do
- One team, one direct line — not a call center rotation
Most managed IT providers are built around ticket volume. You call, they respond, they close. The cycle repeats. At The Craftwork Group, we're organized around environments — understanding yours deeply enough to prevent the calls before they happen.
Ryan has worked in IT infrastructure since the late 1990s. The team brings more than a hundred combined years of hands-on work across endpoint management, network engineering, identity systems, and security. That depth means we've encountered most failure modes — and we build the monitoring to surface them early.
We serve businesses across the Pacific Northwest — manufacturing operations, professional services firms, healthcare-adjacent organizations. Complex environments with real infrastructure requirements. We don't shy away from complexity. That's where we do our best work.
Everything your environment needs.
Managed IT from TCG is a complete operations layer — not a helpdesk subscription with add-on fees for anything real.
Patching, agent deployment, health monitoring, and lifecycle tracking across Windows, macOS, and Linux endpoints.
24/7 visibility into switches, firewalls, and access points. Automated alerts before users notice degradation.
Real engineers on the other end. Fast response for active client environments. Direct access, no call center.
MFA enforcement, EDR deployment, backup verification, and vulnerability scanning — built in, not bolted on.
Active Directory, Entra ID, SSO configuration, and access lifecycle management. No orphaned accounts.
We manage your ISP, SaaS vendors, and hardware suppliers. You stop being the intermediary on every vendor call.
Network diagrams, runbooks, asset inventory. Maintained continuously — not abandoned after onboarding.
Infrastructure roadmap, capacity planning, and budget forecasting. You always know what's coming and why.
Things people ask before they sign.
We've heard them all. Honest answers below.
Good. We work alongside internal staff — not instead of them. Most hybrid teams get more done with us handling tier-1 and project work while your person focuses on strategic priorities.
Fair. Ask us to walk through your environment. The difference between a ticket shop and an engineering team shows up in the first conversation — in the questions we ask and what we actually know.
That's where we do our best work. Multi-site, hybrid cloud, legacy systems — if it's complex, we've likely seen it. Complex environments are why engineering discipline matters in managed IT.
24/7 monitoring with automated alerting. Critical issues page on-call. We catch most problems before you'd know they existed. Incidents that require a human response get one.
We know. We regularly take over from MSPs that failed — undocumented environments, deferred patches, surprise bills. We start with a full audit so both parties understand exactly what we're inheriting.
First 90 days is a mutual evaluation — we get to know your environment, you get to know us. After that, month-to-month. We'd rather earn the relationship than enforce it.
How we think about managed IT.
We spend 30–60 days auditing before we commit. Network topology, endpoint inventory, identity systems, backup state, vendor relationships. If we take it on, we own it completely — and that starts with knowing exactly what we're taking on.
Monitoring catches hardware degradation, capacity issues, and security signals before they become incidents. Our goal is to reduce call volume over time — not build a business model that depends on your problems continuing.
Same team, same direct line. Not a call center rotation. If you worked with us six months ago, you'll talk to the same person. That continuity is how we actually understand your environment — and catch the subtle things.
How an engagement starts.
We map your endpoints, network, identity, backup, and vendor relationships. Deliverable: documented current state — including the gaps.
We close the gaps: patch debt, misconfigured MFA, missing backup coverage, undocumented systems. We inherit clean — or document exactly why not.
24/7 monitoring, monthly patching cycles, helpdesk support, vendor coordination, change management. Proactive, not reactive.
Roadmap review, capacity planning, budget forecasting, incident retrospective. You always know what's coming and why.
What this looks like in practice.
A Pacific Northwest manufacturer with six locations came to us after their previous MSP left no documentation. Aging Cisco switching infrastructure, unmanaged gear at remote sites, zero network diagrams. We audited, documented, and migrated to a managed Meraki stack — coordinating the cutover across all six sites simultaneously.
A professional services firm with 200 users had split identity across on-premises Active Directory and shadow IT SaaS sprawl accumulated over years. Shared accounts, no MFA enforcement, no Conditional Access policies. We consolidated to Entra ID, eliminated shared accounts, and reached 100% MFA coverage across the organization.
Ongoing managed IT vs. a discrete project.
We do both. Here’s how to tell which one fits your situation.
- Flat monthly fee, no surprise invoices
- 24/7 monitoring and incident response
- Helpdesk for your team
- Patch management and security baseline
- Vendor coordination on your behalf
- Quarterly environment reviews
Best fit: organizations that want predictable IT cost and a team that owns the environment long-term.
- Scoped deliverable with a clear end date
- Infrastructure builds and migrations
- Security hardening and compliance prep
- Network modernization
- Identity consolidation (Entra ID, AD)
- Billed T&M or fixed price depending on scope
Best fit: organizations with a specific problem to solve, or those evaluating whether a longer relationship makes sense.
Some clients start with a project and move to managed once we’ve established what’s in their environment. We’ll tell you which one makes more sense — and when the answer is neither.
Questions worth asking.
- You’re a small shop. What happens if Ryan gets hit by a bus?
-
Fair question, and we take it seriously. Here’s how we’ve built against it:
Every environment we manage has documented runbooks — not stored in someone’s head. Your network diagrams, vendor contacts, credential locations, escalation paths, and incident procedures are in writing, accessible to the bench team, and reviewed quarterly. If Ryan isn’t available, the next engineer picks up a documented environment, not a mystery.
We maintain a senior bench — engineers who work across multiple client environments and know your stack. This isn’t a contractor we’d scramble to find in a crisis; it’s the same team who already participates in environment reviews.
We’re also transparent about this: we’ll show you the runbooks. You’ll know what’s documented and what isn’t. If the documentation has a gap, that’s a gap we close — not something we hide until it matters.
A small firm that documents everything is more resilient than a large firm with institutional knowledge locked in people’s heads. We’ve seen both fail. We built for the former.
- How do you handle situations where you need more than your team can cover?
- We scope honestly before we sign anything. If your environment or requirements exceed what we can deliver well, we say so upfront. For situations that arise mid-engagement, we have specialty relationships in security, compliance, and carrier integration, and we coordinate them. You still have one point of contact; we manage the specialists.
- What’s your coverage model during business-critical periods?
- Monitoring runs continuously regardless of time or day. For clients with defined SLAs, critical incident response is tiered by severity with response commitments spelled out in the agreement. We also document your specific high-stakes windows — month-end, tax season, audit periods — and adjust monitoring sensitivity during those times.
Ready to stop reacting?
Schedule a discovery call. We'll walk your environment and tell you what we'd actually do — before you commit to anything.
Let's talk about
your environment.
Tell us what you're running. We'll tell you honestly whether we're the right fit.