Switching IT providers: how to skip the 3-month handoff nightmare

We've inherited environments from other MSPs a dozen times. The pattern is almost always the same: passwords stored in someone's head, network diagrams that don't exist, and firewall rules nobody can explain. A clean handoff should be part of any managed IT engagement.

The worst one was a medical office. Previous provider left with two weeks notice. No documentation. Admin credentials for the domain controller were written on a sticky note inside a server cabinet — except someone had thrown it away during an office cleanout. It took us four days just to regain access to their own systems.

When we onboard a client, the first thing we do is document everything like we're going to hand it off tomorrow. Credentials in a vault, network maps, escalation paths, vendor contacts. If a client ever leaves us, they walk away with a binder — metaphorically — that any competent IT team can pick up and run with.

If your current provider can't hand you a complete asset and credential list on 48 hours notice, that's a red flag worth paying attention to. This expectation aligns with the NIST Cybersecurity Framework emphasis on asset visibility and governance.