Imagine the following scene: a company with 60 employees, solid revenue, and a stable client portfolio. The finance department closes the numbers for the month, and everything seems under control. But hidden among generic line items like "maintenance," "IT services," and "software subscriptions," there are expenses that no one totals, no one questions, and no one manages. The freelance technician who charges per visit. The duplicated software license that three departments pay for separately. The server that no one monitors and that, when it fails, halts billing for an entire day.
This scenario is not an exception. According to CompTIA, in the 2024 State of the IT Channel report, 57% of small and medium-sized businesses do not have a formal technology management strategy. They operate in what experts call "organic IT": a patchwork built over the years by isolated decisions, ad-hoc suppliers, and emergency solutions that have become permanent. The problem is not the lack of technology. It is the lack of someone responsible for seeing it as an integrated system, with measurable costs and a direct impact on the business outcome.
The question that few managers ask themselves, and that should be on the agenda of every board meeting, is straightforward: how much, exactly, does your company spend on IT that no one is managing?
The Anatomy of Invisible Costs
Unmanaged IT rarely manifests as a single, spectacular crisis. It operates as a slow erosion. There are dozens of small inefficiencies that, when added together, significantly compromise the operational margin. According to Forrester, in the 2023 study The Total Economic Impact of Managed Services, companies that migrate from a reactive model to a managed IT model identify, on average, a 23% reduction in total technology costs in the first 18 months. This number does not come from new investments. It comes from eliminating waste that already existed but that no one saw.
The first invisible component is reactive support. In the ad-hoc ticket model, each problem generates a unit cost: the technician's visit, the freelancer's hour, the rush to resolve what should have been prevented. This model penalizes the company twice. First, for the direct cost of intervention. Second, for the lost productivity while the problem is not resolved. An employee who loses 40 minutes a day due to system slowness, crashes, or access difficulties represents, at the end of the month, more than 13 hours of wasted work. Multiply this by a team of 30 people and the number becomes alarming.
The second component is redundancy of contracts and licenses. Without a centralized view of technology assets, it is common for different departments to contract overlapping solutions. Three cloud storage tools, two antivirus from different vendors, software licenses that continue to be charged for employees who have already left the company. According to Gartner, in the Market Guide for Managed IT Services 2024, mid-sized companies waste, on average, between 15% and 28% of their software budget on underutilized or duplicated licenses. This is not an IT management error. It is a financial management error that occurs due to lack of visibility.
The third component, and perhaps the most dangerous, is the unquantified risk. When no one is responsible for the company's technology governance, no one is monitoring security vulnerabilities, checking the integrity of backups, or ensuring compliance with regulations such as the LGPD (General Data Protection Law) in Brazil or the CCPA (California Consumer Privacy Act) in the United States. The cost of this risk is zero, until the day it is not. A ransomware incident, a type of attack that hijacks data in exchange for ransom, costs a small to medium-sized enterprise between $120,000 and $350,000 on average, according to Forrester data. And in 43% of cases, the company does not fully recover in the following 12 months.
The fourth component is the most subtle: the inability to make strategic decisions based on technology data. When to invest in infrastructure? When to migrate to the cloud? When to replace equipment? Without a partner providing reports, lifecycle analyses, and cost projections, every technology decision becomes a guess. And guesses, in the long run, are expensive.
There is also an organizational component that is often overlooked: the dependence on key people without documentation. In many SMEs, the knowledge of how the infrastructure works, what the access passwords are, how the server is configured, resides in the head of a single person, whether it is the freelance technician, the "nephew who understands computers," or an employee who also takes on the IT role. If this person leaves, gets sick, or simply does not answer the phone on the wrong day, the company discovers, in the worst possible way, that it has no documentation, no control, and no backup plan.
From Reaction to Strategy: How to Address the Problem
The first step in solving the unmanaged IT problem is not technical. It is governance. The manager needs to ask a simple question to their finance team: what is the total cost of ownership of technology in this company? This includes not only contracts and subscriptions but also lost productivity hours, emergency calls, fines for non-compliance, and the opportunity cost of decisions delayed due to lack of information. In most cases, the answer will be "we don’t know." And that answer, in itself, already reveals the extent of the problem.
The second step is to understand that IT management is not synonymous with "having someone to call when something breaks." IT management, in a strategic sense, means having complete visibility of technological assets, continuous monitoring of infrastructure health, documented and reviewed security policies, and a partner capable of translating technical data into business decisions. CompTIA points out that 74% of SMEs that adopted a managed services model reported improved IT budget predictability, simply because they moved from a model of variable and unpredictable spending to a model of fixed, measurable, and planned investment.
The third step is to critically evaluate the current model. It's not about changing suppliers for the sake of changing. It's about demanding answers to questions that have probably never been asked. Questions like: is there an updated inventory of all equipment, licenses, and access? Is there an incident response plan for security breaches? Is there a replacement schedule for equipment based on its lifecycle? If the current supplier cannot answer these questions, they are not managing the company's IT. They are merely reacting to symptoms.
The fourth step, and perhaps the most important, is to assign responsibility. Someone in the company needs to be the strategic technology liaison, even if the technical work is outsourced. This person does not need to know how to configure a server. They need to know how to ask "how much does this cost," "what is the risk of not doing it," and "how does this compare to what the market practices." The absence of this figure is, in many cases, the root of all the problems listed in this study.
5 Questions Every Manager Should Ask
1. How much does your company spend per month on reactive support, ad-hoc calls, and IT emergencies? 2. Do you have complete visibility of all technology assets, licenses, and active contracts? 3. How many productive hours does your team lose each month due to recurring technical issues that never get fully resolved? 4. Who in your company is responsible for strategic technology decisions, or does that simply not exist? 5. If your current IT supplier disappeared tomorrow, would you know what is contracted, configured, and at risk?
1. How much does your company spend per month on reactive support, ad-hoc calls, and IT emergencies?
Most managers cannot accurately answer this question because the costs of reactive support are scattered. Some appear as "IT services," others as "equipment maintenance," and others as reimbursements to employees who hurriedly bought an adapter. When these amounts are consolidated, the result is often surprising. Companies that operate on an ad-hoc call model spend, according to Forrester, between 31% and 47% more per workstation than companies with continuous management contracts.
In addition to the direct financial cost, there is the opportunity cost. Every hour that a manager or key employee spends trying to solve a technical problem, negotiating with a freelancer, or waiting for a solution is an hour not dedicated to selling, serving customers, or planning growth. Reactive support is not just more expensive. It is more expensive and delivers less value.
2. Do you have complete visibility of all technology assets, licenses, and active contracts?
Visibility is the foundation of any competent management. No CFO would accept operating without knowing how many rental contracts the company has or how many vehicles make up the fleet. But when it comes to technology, it is surprisingly common for no one to know, accurately, how many software licenses are active, how many pieces of equipment are in use, which contracts are active, and which should have already been renegotiated or canceled.
The lack of an updated inventory of IT assets creates three simultaneous problems: financial waste with unnecessary licenses and services, security vulnerabilities with outdated or unprotected equipment, and the inability to plan investments rationally. Gartner highlights that simply conducting a complete inventory of digital assets generates immediate savings in 87% of the analyzed cases.
3. How many productive hours does your team lose per month due to recurring technical problems that never get resolved?
Recurring problems are the most visible symptom of unmanaged IT. The printer that jams every Monday. The system that slows down at month-end closing. The email that stops working every two weeks. In a reactive model, these problems are "resolved" repeatedly, but never definitively, because no one investigates the root cause. The solution is always a band-aid that pushes the problem to the next occurrence.
According to CompTIA, employees of SMEs without structured IT management lose, on average, 47 minutes per day dealing with technological problems. This amounts to almost 4 hours per week, or approximately 17 hours per month, per employee. For a company with 40 employees, this represents 680 hours of wasted productivity per month. Converted into salaries, this figure is a line item that should be on the radar of any financial manager.
4. Who in your company is responsible for strategic technology decisions, or does that simply not exist?
In large corporations, this responsibility belongs to the CTO or CIO. In SMEs, it often belongs to no one. Technology decisions are made in a fragmented way: the sales manager chooses the CRM, the finance department chooses the management system, the owner decides when to replace computers based on the criterion "when they can no longer be used." There is no integrated vision, no long-term planning, and no one evaluating whether the pieces fit together.
The solution does not necessarily require hiring a technology executive. It requires designating someone, either internal or external, as responsible for consolidating information, evaluating suppliers, and translating business needs into coherent technology decisions. Many companies find this role in a managed services partner that acts as an outsourced strategic IT department, with periodic review meetings and business-oriented reports.
The central point is that technology without a defined responsible party is technology without governance. And technology without governance is cost without control.
5. If your current IT provider disappeared tomorrow, would you know what is contracted, configured, and at risk?
This is the ultimate test of maturity in IT management. If the person or company that takes care of the technology disappeared, would the manager be able to answer: what are the administrator passwords? Where are the backups? Which services are in the cloud and which are local? Which contracts expire in the next 90 days? Who has access to what?
The honest answer, for most SMEs, is no. And this blind dependence on a supplier or a key person represents a serious operational risk. Not because the supplier will necessarily disappear, but because the lack of documentation and formal processes means that the company has no autonomy over its own infrastructure. It's like renting a property without having a copy of the contract.
A mature IT management model includes complete and accessible documentation of the entire infrastructure, passwords stored in digital vaults shared with the company, periodic reports of assets and contracts, and a documented transition plan. If your current supplier does not offer this, it's worth asking: who, exactly, does this lack of transparency benefit?
IT that no one manages is not a courtesy. It takes its toll in lost productivity, unmitigated risks, wasted contracts, and decisions made in the dark. The first step to changing this equation is to see the problem clearly, and the second is to demand answers that the current model likely cannot provide. If this study has raised more questions than answers about your own operation, consider scheduling a Strategic IT Diagnosis, at no obligation, with the team at Zamak Technologies.