Manufacturing

IT built for environments where the line can’t stop

Managed IT, OT/IT segmentation, and disaster recovery for Pacific Northwest manufacturers. Built around the reality that downtime has a dollar cost per minute.

A plant floor and a business office sharing one network because that’s how it grew. Controllers and equipment running software the vendor stopped supporting years ago, doing their jobs anyway. Vendor technicians who need remote access to one machine and currently have a path to all of them. Infrastructure debt that accumulates invisibly until a network change or a vendor upgrade reveals it all at once. The work is to document it, segment it, and make it recoverable before something forces the issue.

Tell us what’s breaking →

What you’ve probably lived through

The switch upgrade that took down a production cell because nobody knew the CNC controller had a hardcoded address on that segment. The ERP outage that idled the floor for half a shift while the dollar counter ran. The vendor tech who VPNed in to service one machine and left a remote-access tool running on it for eight months. The ransomware story from a peer company that made everyone nervous for a week, followed by exactly nothing changing. The retiring plant engineer who carried the network diagram in his head, and the realization that his last day is the documentation deadline.

If any of that sounds familiar, we’ve worked through it before.

Why we’re worth ten minutes

The Craftwork Group is a young entity. The people doing the work aren’t. Our team brings more than a hundred years of combined IT experience, doing this work since 1999, and manufacturing is one of the verticals we serve across the Pacific Northwest.

Manufacturing IT is boundary work. The plant floor and the business systems have different change tolerances, different patch cycles, and different failure costs, and most environments grew without anyone drawing the line between them. We document what actually exists, segment OT from IT so a phishing click in the front office can’t reach a controller, and build recovery procedures sized to the truth that a line stoppage is measured in dollars per minute, not tickets per day.

What working with us actually looks like. Helpdesk opens at 6:30 AM and runs until 5:00 PM, with on-call coverage after hours. Standard SLA is one-hour response; in practice, most calls get answered live as they come in. We treat phone calls as priority because if you’re calling, it’s urgent. The only thing that bumps a live call is a monitoring alert flagging a system down or under attack. We’re often the ones who tell you something broke before you noticed. Often we have it fixed before you’d have called.

A note on the rest of the field. We’ve spent the last few months calling MSPs posing as a buyer to see how the market actually operates. Over seventy-five percent never picked up the phone. None returned the sales inquiry. If you’ve shopped for IT support before, that probably tracks. We don’t work that way.

Most manufacturers get IT from generalist MSPs that treat the plant floor as off-limits mystery hardware, or from automation integrators who run the machines but won’t own the network. We work the boundary between the two, and we put it in writing: what talks to what, what happens when it fails, and how it comes back. Built for plants that can’t afford to find out the hard way.

What we actually do for manufacturers

// ot-it · segmentation · vlans · documentation · hardening

OT/IT boundary documentation and segmentation

We map what actually exists: every controller, every legacy box, every undocumented connection between the floor and the office. Then we draw the boundary and enforce it with segmentation that respects how production equipment actually behaves, including the machines that can never be patched and have to be isolated instead. The deliverable is a network you can change without fear.

// endpoints · m365 · network · cybersecurity · backup · helpdesk · on-site

The managed-IT base layer

Before any of the niche depth matters, the standard MSP work has to be solid. Workstation and server monitoring. Microsoft 365 management. Enterprise-grade firewalls, switching, and Wi-Fi sized for the office and the floor. Backup and disaster recovery with documented recovery drills, not the kind nobody runs until something breaks.

// multi-site · sd-wan · failover · network-modernization

Multi-site network modernization

Site-to-site connectivity engineered for facilities that ship product, not just email: SD-WAN and failover so a circuit outage at one plant doesn’t strand its systems, modernization sequenced around production schedules, and cutovers planned with the floor supervisor instead of around them. Change windows that respect the line.

// backup · dr · line-critical · vendor-access · jump-servers

DR for line-critical systems and vendor access control

Recovery procedures for the systems a stoppage actually hinges on: ERP, scheduling, label printing, the file share with the only copy of the work instructions. Tested, timed, and written down. Vendor remote access goes through controlled jump paths with logging, scoped to the machine they service and revoked when the ticket closes, so support access stops being a standing back door.

Where AI fits in this work (and where it doesn’t, yet)

The honest wins are in the paperwork around production, not the production itself: indexing maintenance logs and equipment manuals so the answer to “has this fault happened before” takes minutes instead of a hunt, document search across years of SOPs and revision history, and reconciliation between the floor’s output records and the business system’s expectations.

What we won’t do: put an AI agent in the loop on your production line, or promise predictive maintenance from data your equipment doesn’t produce. That’s not where the economics are honest yet. The right deployment eliminates hours of administrative reconciliation per week. The wrong one creates new work managing the AI.

Your model choice. Your API keys to OpenAI, Anthropic, or whoever you pick. Your data on infrastructure you own. We configure, deploy, and operate; you keep the keys and the option to take it all elsewhere.

What happens if you reach out

No phone tree. No demo deck. A real conversation about what’s breaking in your plant, what you’ve already tried, and whether there’s a path where we’d actually be useful. If we’re not the right fit, we’ll tell you and point you somewhere honest.

If we are a fit, the next step is an operations audit. A half-day on-site, walking the floor and the closet both, then a written assessment of what we’d do and what it would cost. No obligation past that point.

Book the 30-minute call →