By Simon Marcil, President and co-founder, S3 Technologies. Running an MSP in Montreal since 2003.
In short: A Managed Service Provider (MSP) is an IT company that takes full ownership of an organization’s technology, including network, cybersecurity, and user support, and manages it proactively for a fixed monthly fee, instead of fixing problems only after they happen.
Let’s start with the obvious: “Managed Service Provider” is a terrible name. It’s vague, and it tells you almost nothing about what we actually do. We’ve been an “MSP” since we founded S3 in 2003 (before the term got popular!) and we still don’t love using it.
So forget the acronym for a second. Here’s what an MSP really is, and why so many Quebec businesses are handing their IT to one.
The two pillars of managed IT services
A Managed Service Provider takes ownership of your IT, covering your network, your cybersecurity, your user support, and everything else an internal IT department would handle, and bills you all for a fixed rate per month. That’s the core of it. You’re shifting the burden of IT to a provider, at a predictable price.
Ownership and a fixed rate: those are the two things what that define managed IT services. If a provider only patches one corner of your environment, or still bills you by the hour every time something breaks, you’re not really getting managed IT. You’re getting a vendor.
One honest caveat, because we’d rather you hear it from us: that fixed monthly fee covers keeping the lights on, which means monitoring, support, security, patching, the day-to-day. Bigger projects, like a cloud migration or a major infrastructure change, sit outside the monthly fee. Any straight-shooting MSP will tell you the same.
A quick note on “co-managed.” Not every company wants to hand over everything. Some have an internal IT person or a small team and just need backup (overnight coverage, cybersecurity depth, a second set of hands…). That’s co-managed IT, and it’s a real MSP model too. The principle is the same: the provider owns a defined scope and is accountable for it at a predictable rate.
What “ownership” actually means
To understand the shift, you have to remember how IT used to work.
The old model was break-fix: you call when something is broken, they fix it, they bill you. You had an IT supplier, maybe a block of hours, maybe a retainer, maybe nothing at all. The whole relationship was reactive. Nobody was paying attention to your network until you noticed something was wrong.
Managed IT flips that completely. At S3, we do what an internal IT department would do, but with more depth and without the gaps. We’re not waiting for the phone to ring. We’re already watching: keeping the network running, keeping it secure, keeping your people productive. Gartner describes this as the defining evolution of the MSP model: moving from reactive break-fix to a proactive resilience, where the provider is accountable for results, not just availability.
But ownership goes well beyond the day-to-day. For us it also means having a real plan for your infrastructure. We build a three-year roadmap and budget (the virtual-CIO, or vCIO, side of the job) so you’re never blindsided by what’s coming. And it It also means owning your compliance: the cyber-insurance questionnaires, the Law 25 obligations, the security documents your own clients and suppliers ask you to fill out. We take all of that on. In practice, we become your IT department. One that’s already working before you even know there’s a problem.

Why the fixed monthly rate changes everything
The billing model isn’t a detail. It’s the whole point. Because it changes who’s working for whom.
Break-fix creates a fundamental conflict: the more you call, the more your provider gets paid. Their incentive runs against yours. With an MSP, the provider gets the same fixed rate whether you call ten times a month or zero. Suddenly, everyone’s pulling toward the same goal: technology that just works. Which is exactly what you wanted in the first place.
That’s the part people miss. The fixed rate doesn’t just make budgeting easier, though it does: you know your IT cost in January and in October, with no surprise invoices. It also aligns the provider and the client in a genuine win-win. When we do our job well, you have fewer issues and we spend less time firefighting. Everybody’s pulling in the same direction.
Why most Quebec SMBs are moving to managed IT services
It comes down to depth you can’t hire for, and stakes that keep rising. You’re not alone in concluding this: by one industry estimate, nearly 90% of small and mid-sized businesses now use an MSP or are actively considering one.
A good MSP gives you an entire team. At S3 that means 24/7 coverage, our own in-house cybersecurity team, and experts across the things that actually run your business: Microsoft 365, Azure, networking, security. No single internal hire covers all of that. And if you find the one person who comes close, you’ve created a new problem: you’re now completely dependent on them. If they leave, you’re starting from scratch.
Cybersecurity is the biggest driver of all. It’s become too constant and too high-stakes for most SMBs to own alone. According to CIRA’s 2025 Canadian Cybersecurity Survey, roughly 43% of Canadian organizations were hit by a cyberattack in the past year, with the sharpest increase among small businesses. And when a breach does happen, the average cost to a Canadian organization now sits at $6.98 million (IBM, 2025). You need someone watching around the clock, and you need it genuinely handled, not hoped for. On top of the threat itself, there’s a growing pile of compliance to manage: Law 25, cyber-insurance questionnaires, and the security requirements your own clients and suppliers now demand before they’ll do business with you. Companies want a partner who simply takes that off their plate.
Underneath all of it is a straightforward want: to be more productive, with a supplier who’s proactive and actually has a plan for you, not one who only shows up once something’s already broken.

So, what is an MSP?
At the end of the day, an MSP is what most companies actually want from IT: someone who comes in, takes it over, and lets you stop thinking about it. You’re not chasing them to fix things. You’re not wondering what they’re doing day to day. You’re not bracing for a surprise invoice as you agreed on the price up front.
It’s on them to deliver. The only thing left for you to manage is the one question that matters: are they doing what they said they would?
That’s the standard we hold ourselves to at S3. It’s the only definition of “MSP” we think is worth using.
What makes a good MSP
- Cybersecurity built in, not bolted on: threat monitoring, patching, backups, and a recovery plan as a core part of the service, not a line item you add later.
- Fast support that keeps you productive: when your people need help, they get it quickly. The whole point is keeping them working, not logging tickets.
- A local partner who gets Quebec: bilingual support, and a real grasp of the rules you operate under here, from Law 25 to the OQLF’s language requirements.
- A proactive plan, not a menu: a provider who shows up with a roadmap for where your IT should go, not just a list of things they can bill for.
If your IT still works the old way (you call, they fix, repeat) that’s worth a conversation. Call Marc to discuss and we’ll show you what taking ownership actually looks like.