Skip to main content
← All posts

How to Pick an IT Provider in Buffalo (Without Getting Locked In)

By Oakview IT··6 min read

If you run a business in Buffalo, Hamburg, Orchard Park, or anywhere in the Southtowns, sooner or later you need someone to handle your IT. That "someone" is going to touch your email, your customer data, your cameras, your Wi-Fi, and the website that brings you leads. Picking the wrong one is expensive. Picking the right one is one of the better decisions you can make as a business owner.

This is the short, opinionated guide we wish more of our clients had read before they came to us. Most of it comes from cleaning up after bad engagements.

Start by deciding what you actually need

Before you ever call a provider, take twenty minutes and write down what you actually want fixed. Not "IT" — specific problems:

  • Wi-Fi drops in the back of the shop
  • The contact form on our website goes nowhere
  • We have no idea who has admin access to our email tenant
  • The printer only works for two people
  • We think someone tried to phish us last week
  • We can't tell if our backups are running

The more specific you are, the better your conversations will be. A provider who tries to sell you a flat monthly retainer before understanding your actual list is selling you a contract, not a solution.

The four types of IT providers you'll run into

Buffalo has plenty of IT firms and they aren't all the same kind of business. Roughly, they fall into four buckets:

1. The break-fix shop. You call when something's broken, they bill by the hour, you pay. Cheap in theory but unpredictable in practice. They make more money when things fail, which is not the incentive you want.

2. The managed service provider (MSP). Flat monthly fee, they "manage everything." Good for predictable budgeting. Be careful about lock-in — many MSPs will resist handing over admin credentials, documentation, or infrastructure if you ever want to leave. Ask upfront what happens if you cancel.

3. The vendor reseller. They're really a sales arm for one or two big vendors (Microsoft, Cisco, a specific phone system). Their advice will always end at that vendor. Fine if you already know that's what you want; bad if you want an honest assessment.

4. The consulting firm / project shop. They scope specific projects, deliver them, and step back. You pay per engagement. No retainer. This is how we at Oakview IT work, and not coincidentally, it's the model most of our own frustrations with other providers pushed us toward.

None of these are automatically wrong. Different businesses need different things. But you should know which one you're talking to, because their pitch deck won't tell you plainly.

Questions to ask on the first call

Hold every prospective provider to the same short list. Their answers are more revealing than their brochures.

1. "If I fire you tomorrow, what do I walk away with?"

The right answer is: your domain, your email tenant, your website code, your backups, your documentation, and every password — all in your name, in accounts you control. A provider who hesitates here is telling you they'd rather own your stack than serve you.

2. "How do you bill?"

Hourly is fine for small break-fix. For anything bigger, push for a Statement of Work (SOW) with fixed deliverables and a fixed price. Open-ended hourly engagements are where budgets die. If a provider won't commit to a price before they start, ask why.

3. "Who will actually do the work?"

Big MSPs will often send a senior engineer to the pitch and then route your tickets to level-one techs reading scripts. Ask directly: who will pick up when I call? If the answer is "our help desk," you know what you're getting.

4. "Do you take commissions or referral fees from vendors?"

Many IT firms earn bonuses when they place you on specific platforms. That's not automatically bad — but it should be disclosed. If the provider is evasive, assume the answer is yes and weigh their advice accordingly.

5. "What's your backup and disaster recovery setup for your own business?"

If they can't answer quickly, they probably aren't thinking about yours either. This is the question that separates real IT people from tech-adjacent salespeople.

Red flags we see often

After doing this for a while, a few patterns come up again and again in the messes we get called in to clean up:

  • The previous provider registered the domain in their own name. Ridiculously common. You own your business but not the internet property it runs on. If you notice a client-owned domain showing up in whois under a registrar you don't recognize, that's a problem.
  • There's one "IT guy" and only he has the passwords. If he quits, retires, or dies, your business can't function. Credentials should live in a password manager that you, the business, own.
  • The website is on a platform you can't leave. Some agencies build on proprietary CMSes that effectively hold your content hostage. Ask before signing: can I export this and host it somewhere else next year?
  • Everything is billed as "included" but specifics are fuzzy. "Unlimited support" on the flyer often means "unlimited support as we define it." Pin down scope in writing.
  • Security is a line item, not a default. Multi-factor authentication, patch management, and endpoint protection should be baseline, not upsells.

What a good engagement looks like

The first thing we do with any new client is read their current setup out loud, in plain English. Not a pitch, just: here's what you have, here's what's missing, here's what's at risk. Usually something gets fixed in the first hour — a shared password, a missing backup, a stale admin account that should have been deactivated two employees ago.

After that, we scope what needs to happen next, price it, and do it. If it's a project — a website rebuild, a network install, a migration — it has a start date and an end date. If it's ongoing — hosting, monitoring, occasional maintenance — you know what you're paying monthly and you can cancel with thirty days' notice.

No retainers you didn't ask for. No tickets. No tiered support. Whoever you met on the first call is whoever's doing the work.

The local angle matters more than you think

"I'll find someone cheaper on Upwork" is tempting and occasionally works. It stops working the first time someone needs to physically walk into your office. Cables need pulling. Printers need jiggling. A box dies at 4pm on a Friday and the person who can help is three time zones away.

Hamburg, Orchard Park, and East Aurora are small enough that a provider can actually show up. That's worth real money. The best IT decision a Buffalo-area business can make is picking someone who can be at your door in under an hour when it matters — and who has put enough remote-monitoring infrastructure in place that 90% of the time, nobody has to come at all.

If you're talking to us

If you're reading this and you're in the Buffalo or Southtowns area, we'd rather be the people you interview on the first round than the people you call in year two to fix what went wrong. Send us a note with what you're dealing with and we'll book a short scoping call. No pitch deck.

Need help with something like this?

We help Buffalo and Southtowns businesses scope, plan, and deliver the kind of project above. No retainers, no surprises.

Start a ConversationRead More Posts