It starts with a slow ticket, a missing laptop and a printer staging yet another tiny rebellion — the kind of problems every small business sees and understands. But behind those visible slips is a quieter, far more dangerous story: patches that didn’t run, MFA that wasn’t enforced, backups that wouldn’t restore. In this episode Noel Bradford and a panel of experts follow a simple, devastating question: if your MSP says everything is fine, what can they actually prove?

Through a sharp, practical conversation with Mit Patel, founder of Assurix, we peel back the sales decks and the polite reassurances to show how “managed IT” can mean very different things. Mit explains the difference between promises and live evidence — not certificates from three years ago, but ongoing proof that patching, EDR, backups and identity controls are working over time. Graham brings the arithmetic that spoils the cheap quote, Corinne maps the attacker’s path, and Lucy explores the trust problem buyers face when asked to pick a provider with almost no usable evidence.

Listeners are walked through the exact questions every business owner can ask without becoming a security expert: show me 90 days of patching and backup evidence; show me MFA enforcement and exceptions; explain your offboarding process and its real cost; who owns proactive maintenance and how much time do they spend on it? We hear why continuous assurance matters for cyber insurance and why a green report on one day isn’t the same as discipline over months.

The episode doesn't preach panic — it prescribes better questions and better accountability. You’ll hear concrete examples of what good looks like: enforced MFA, tested backups, measurable patch compliance, named escalation paths, fair offboarding and evidence dashboards a human can understand. And if your MSP can’t show that evidence, the episode explains why price comparisons alone are dangerous and how under-resourced security becomes a real business risk.

By the end you’ll understand the simple premise that guides the discussion: service is visible, security is invisible — until it fails. This episode arms small business leaders with a narrative and a checklist to turn vague reassurances into verifiable proof, and gives good MSPs a roadmap to show their value beyond the lowest price. Ask for evidence, not a fleece and a smile.