Whose Network Is It, Anyway?
A prospect asked us this recently. Their company runs on Microsoft 365: Teams, Outlook, SharePoint, OneDrive, the entire stack.
So why had their MSP deployed Cisco Duo, a third-party authentication platform, on top of all of it?
Their team was now juggling a separate authentication app, separate credentials, and a layer of complexity nobody could justify. The MSP’s explanation was simple: Cisco Duo is what they support. That’s the answer of an MSP that’s optimizing for itself. The question to ask isn’t “is my IT provider managing our technology?” It’s “are they managing it for us, or for them?”
The MSP Toolbox Problem
Most MSPs choose their tools for their own convenience first and the client’s needs second. RMM platforms, security suites, MFA, backup: they’re picked because they fit the MSP’s internal workflows, vendor margins, and the certifications its technicians already hold.
That isn’t inherently bad. Standardization makes an MSP more efficient, and efficiency benefits clients too. The problem starts when the toolkit becomes the answer to every question, regardless of what’s actually in the client’s environment.
Cisco Duo is a useful product. For a mixed environment with some Google Workspace, some Microsoft, legacy line-of-business apps, and third-party SaaS, its platform-agnostic design is a real advantage. For a Microsoft-only shop, it’s an expensive duplication of capabilities the client already owns.
KEY FACT: Microsoft Entra MFA is included at no additional cost in every Microsoft 365 Business subscription. Organizations on Microsoft 365 Business Premium also receive Entra ID P1, which unlocks Conditional Access — granular, policy-based security controls built natively into the Microsoft environment they already use.
Recommending Duo to a Microsoft 365 organization typically adds $3–$9 per user per month in licensing. For a 50-person company, that’s $1,800 to $5,400 a year, paid to duplicate capabilities the client already owns and to add an integration layer the Microsoft tools didn’t need.
On the technical merits, Microsoft Authenticator and Entra Conditional Access integrate natively with every Microsoft 365 service. They share the same identity fabric as Teams, SharePoint, and Azure. They feed Microsoft’s Identity Protection engine, which analyzes sign-in telemetry across Microsoft’s global cloud to flag anomalous behavior. They support passwordless sign-in, FIDO2 hardware keys, and Windows Hello biometrics. For a Microsoft-first organization, that’s the more sensible architecture.
Technology Built Around the Business
Electronic Office has been serving businesses in North Carolina and the surrounding region since 1981. Over four decades, we’ve watched mainframes, client-server, the internet, the cloud, mobile, and now AI come and go. We’ve watched vendors and platforms rise, consolidate, and fade.
One pattern has held throughout: the businesses that get the most from their technology are the ones whose IT is built around their actual operations and users, not around their MSP’s preferred vendor list.
That’s how EO works. Before we recommend any tool or configuration, we spend time understanding the business itself. The specifics differ by client, but the work consistently includes:
- Talking with your team. From the front desk to the executive suite, about the technology they use every day, what frustrates them, what slows them down, and what they wish worked differently. User friction is a cost that never shows up on an invoice but is real all the same.
- Mapping your industry’s regulatory landscape. Whether you’re in healthcare (HIPAA), financial services (GLBA, SOC 2), government contracting (CMMC), or another regulated sector, your architecture has to account for those requirements as a design input, not an afterthought.
- Auditing what you already own. Most organizations are paying for capabilities they aren’t using. Microsoft 365 Business Premium, for instance, includes Intune, Defender for Business, Entra ID P1, and Purview, all of which sit unactivated in most deployments we audit. Before recommending anything new, we work through what you already have.
- Identifying the business outcomes that matter. Security for its own sake isn’t a strategy. Reducing downtime is only valuable if downtime was actually costing you something. Our conversations focus on outcomes that move the business: lower risk, faster processes, better employee experience, healthier cash flow, an environment that supports growth instead of constraining it.
Most clients are paying for security tools they aren’t using. Part of our job is unlocking value they’ve already bought.
What It Means to Be a Microsoft Expert Partner
lectronic Office holds Microsoft’s Expert Partner designation, which requires verified expertise across the Microsoft product portfolio, ongoing certification, and demonstrated deployment experience across multiple industries.
For a Microsoft-native business, that matters in practical terms. It means EO architects your network, identity infrastructure, security posture, and collaboration tools with detailed knowledge of how Microsoft’s products are designed to interoperate, and how to configure them for your specific environment.
For a Microsoft-native organization, this approach delivers advantages a third-party-tool MSP can’t match:
- Unified identity. A single identity platform governs access to every Microsoft service — email, files, applications, meetings, cloud resources — under one coherent set of policies.
- Deep Conditional Access control. With Entra ID P1 (included in Business Premium), EO can define granular access policies based on user identity, device health, location, application risk, and sign-in behavior. Zero-trust architecture applied to your actual environment.
- Native device management. Microsoft Intune, also included in Business Premium, lets EO enforce device compliance as a condition of network access. Only managed, up-to-date, policy-compliant devices reach sensitive resources.
- Frictionless user experience. When security tools are native to the platform your team uses every day, they’re invisible in the right way. Users authenticate once and access everything they need.
- No redundant licensing. Every dollar spent duplicating a Microsoft capability you already own is a dollar that could fund a real business priority.
A client-centered MSP starts from what you already own and what you actually need, and designs around the overlap.
The EO Model: Advisory First, Technology Second
he company we mentioned at the top didn’t just have a Duo problem. They had an advisor problem. Their MSP had never asked the questions that would have produced a better architecture. They deployed the tools they knew, collected the monthly fee, and moved on.
EO works differently. We start with the business, its model, its constraints, its goals, and design the technology to serve it. Technology is a means, not an end.
When EO takes on a new client, we begin with an assessment across four dimensions:
- Your current technology environment. What do you have, what is it costing you, and how well is it serving your people? We look at everything from licensing tier to backup architecture to the security configurations that are or aren’t in place.
- Your people and their workflows. We talk to actual users across departments, not just IT administrators. The support team member losing 20 minutes a day to authentication friction has just as important a perspective as the CFO assessing risk.
- Your industry and its requirements. EO has worked across healthcare, government, manufacturing, professional services, and education, the industries that dominate Western North Carolina’s economy. That experience shapes our architecture recommendations.
- Your business goals and growth trajectory. Technology investments need to be evaluated against a return. What is the cost of downtime? What is a faster, more secure remote work environment worth? What does it mean for cash flow to eliminate $5,000 a year in redundant licensing while improving security posture at the same time?
The output of this assessment isn’t a quote for services. It’s a roadmap: where you are now, where you should be, and a prioritized, cost-justified path between them.
The Real Cost of the Wrong MSP
he hidden costs of a provider that designs technology for its own convenience are significant, and most of them are invisible until something breaks.
The direct costs are the easy ones to see: redundant licensing, tools that duplicate capabilities you already pay for, configurations that need extra maintenance.
The indirect costs are harder to quantify but often larger. User friction erodes productivity. Security configurations that look impressive on paper create enough complexity to discourage adoption.
Then there’s the strategic cost: a technology environment shaped by your MSP’s vendor relationships rather than your business priorities, which makes it harder to grow, adapt, or modernize.
And the opportunity cost. Every minute spent on why your authentication app behaves differently from your email is a minute not spent on how technology could actually move the business forward.
CONSIDER: A 50-person Microsoft 365 organization paying $3 per user per month for Cisco Duo Essentials is spending $1,800 a year on MFA Microsoft already provides natively, and is probably not using the Conditional Access and Identity Protection capabilities their Business Premium license already includes. That $1,800 could fund two months of additional security monitoring, a business continuity review, or an AI governance framework. The decision wasn’t made by the client. It was made by the MSP.
44 Years of Trust. One Question.
Electronic Office has been serving businesses in North Carolina since 1981. We’ve kept that work by asking one question on every engagement: Is this the right answer for this business, or is it just the easiest answer for us? That question gets asked less often in this industry than it should. What we keep seeing in audits is the result: clients paying for the wrong tools, configured the wrong way, by providers who optimized for their own efficiency. You deserve an IT partner who knows your industry, who works through what you already own before recommending anything new, and who builds the environment around your business rather than around a vendor list.
If anything in this article sounded familiar, if you’ve ever wondered whether your IT is designed for you or for your provider, we’d welcome the conversation.
Find Out What EO Can Do for You
Electronic Office offers complimentary IT and security assessments for businesses across Western North Carolina, East Tennessee, and Upstate South Carolina. We’ll review your current environment, identify what you already have that you may not be using, and give you an honest read on where your technology is helping the business and where it’s getting in the way.
No sales pressure. No obligation. Just clarity.
