Co-managed IT for law firms is a partnership in which a third-party provider works alongside a firm's in-house IT team, supplying tools, 24/7 monitoring, after-hours coverage, and specialized expertise that the internal team can't sustain alone.
It extends an existing IT department without replacing it, helping firms meet ABA confidentiality and competence duties as technology and threats grow more complex.
Most mid-size firms run on one or two IT staff carrying the entire firm. While those people are highly skilled, they are often stretched thin.
Attorneys expect instant fixes, partners ask for AI capabilities, the bar is tightening tech-competence expectations, and cyber insurers are asking harder questions every renewal.
Many firms think they only have two choices: fully outsource or add more internal staff. But there is another option: co-managed IT. You can keep your IT director in charge with their extensive institutional knowledge while adding coverage, tools, and expertise.
Tabush Group has spent 25 years working beside law firms and built Edge specifically for this gap.
Why Mid-Size Law Firms Struggle to Hire and Retain IT Staff
According to ISC2, the cybersecurity workforce gap reached 4.8 million unfilled positions globally in 2024. The same study reported that 90% of organizations are facing critical IT skills gaps.
There are many factors contributing to this struggle to hire and retain IT staff.
Demanding Role
A law firm's IT lead has to be all of these things at once: help desk, M365 admin, CISO, vendor manager, AV/conferencing, training coordinator, document-management admin, after-hours emergency contact. Plus, they’re juggling all of this inside a highly regulated industry where one misstep can have expensive repercussions.
Compensation Pressures
Compensation pressures make it harder to justify a new hire. Senior security engineers and M365 architects in major metros command compensation that mid-size firms cannot afford, with some expecting about $190,000, according to the 2026 Robert Half Salary Guide.
Burnout
Then there is the burnout leading to high turnover, with the average IT pro at a mid-size firm often on call 24/7 with no relief. ISC2 reports that nearly 34% of cybersecurity professionals are not satisfied with their role.
The Compounding Effect
When the only IT person takes a week of PTO, patching slips, alerts pile up, and a Friday-night ransomware alert goes unanswered until Monday. The result is an IT lead who can't take time off without the firm's security slipping, adding to burnout.
Co-managed IT was built for exactly this shape of problem.
The IT Gaps Edge Fills
When Tabush Group built Edge, we mapped it to several specific gaps we see every week inside law firms with internal IT.
1. 24/7 Security Operations Center (SOC) Coverage
Threats don't keep New York business hours. A 24/7 SOC means a cybersecurity team constantly monitors authentication logs, EDR alerts, and network anomalies to mitigate potential threats. The SOC can isolate compromised endpoints automatically and escalate the threat to the firm's IT team if action is required. Most in-house teams cannot staff this without 4–5 highly specialized FTEs.
Edge delivers it through Guardian: Managed Detection and Response, built on tooling that aligns that comply with cybersecurity standards like the NIST Cybersecurity Framework and the CIS Controls. Guardian auto-isolates threats and alerts your internal team to take the next step, so your people stop being the only line of defense at 3 a.m.
2. After-Hours Help Desk
Attorneys file from hotel rooms at 11 p.m. before a hearing. Your internal IT can't be on every Microsoft Teams chat at midnight without burning out.
Edge's End User Assist Services cover 5 p.m. to midnight ET, handling common requests like device connectivity, peripheral setup, remote access, and basic application access, so your IT director can sleep. The work that used to land on their personal cell phone now has a home, and attorneys still get answers when they need them.
3. Microsoft 365 and Azure Governance
Microsoft 365 sprawl is the silent compliance risk inside law firms. Guest access, external sharing of folders, dormant mailboxes, license drift, Conditional Access gaps, MFA exceptions, retention misconfigurations — and anyone can become a confidentiality incident.
Edge's M365 Governance provides structured management across the firm's M365 and Azure environments, optimizing licensing, improving visibility, and enforcing consistent policy and security oversight. For firms running multiple cloud applications, Overture Cloud Management brings the same coordinated control across every cloud app your firm uses.
4. Project Surge and Specialized Expertise
Every firm has two or three big technology moments a year: a server refresh, an iManage or NetDocuments migration, an office build-out, a phone-system swap, a cyber insurance remediation. Your internal IT can run them, but not while also running the day-to-day.
Edge's Flex Professional Services delivers on-demand engineers and support without a long-term staff-augmentation contract.
Every Edge engagement also includes Advisory Services and regular reporting as a baseline, so firm leadership maintains visibility. These gaps are why most co-managed engagements often pay for themselves within the first year. They prevent the failure modes that cause downtime, breaches, and rushed hiring.
Co-Managed IT vs Fully Managed IT Services
The fastest way to see where co-managed fits is side by side.
|
Co-managed IT |
Fully managed IT |
|
|
Day-to-Day IT management |
Your in-house team |
Third-party provider |
|
Best Fit |
Firms with internal IT that need more coverage or skills |
Firms with little or no internal IT |
|
What the Provider Adds |
24/7 SOC, after-hours help desk, M365 governance, project surge |
The entire IT function |
|
Control and Visibility |
Stays with your IT director |
Shifts largely to the provider |
|
Typical Driver |
Capacity, security depth, compliance support |
Replacing or standing up an IT function |
According to our 2026 Law Firm Survey, 38% of law firms are currently using co-managed IT services.
Bar and Regulator Considerations: Is Co-Managed IT Compliant?
Technology competence is now part of a lawyer's professional responsibilities.
-
ABA Model Rule 1.1 (Competence), Comment 8 - lawyers should keep abreast of the benefits and risks of relevant technology.
-
ABA Model Rule 1.6(c) (Confidentiality) - reasonable efforts to prevent unauthorized disclosure
-
ABA Formal Opinion 477R and 498 - Electronic communications and virtual practice both require informed evaluation of the technology and the vendor's policies
More than 40 states have adopted the duty of technology competence. How a firm meets these duties is a decision for the firm and its own advisors.
The right approach depends on your jurisdiction, your practice, and the data you hold. Many firms look at capabilities like 24/7 monitoring, multi-factor authentication (MFA), endpoint detection and response (EDR), encryption-in-transit and at-rest, and documented cybersecurity controls as part of how they think through these obligations.
A co-managed partner can be one resource a firm considers as it builds that picture. The responsibility to evaluate and supervise any vendor always stays with the firm.
Industry research puts the average data breach in 2025 at about $4.4 million, and the 2024 ABA Cybersecurity TechReport found 36% of firms experienced a security incident in the prior year.
That context is one reason many firms revisit their security posture, and it is where the experience behind Tabush Group's managed IT for law firms can help inform the conversation.
Disclaimer: This article is for informational purposes only and is not a substitute for legal advice on bar-rule compliance specific to your jurisdiction.
What Co-Managed IT Looks Like in Practice: A Real Firm Scenario
Picture this: a law firm of roughly 70 attorneys across several offices runs on one IT director and one help desk tech. Both are excellent, but both are stretched thin.
As tech fires appear, patching begins falling behind quarterly cycles, after-hours requests pile into a personal cell phone, and M365 guest-access policies drift.
With the use of co-managed IT services, they can get access to Guardian SOCaaS, M365 Governance, after-hours End User Assist, and standard quarterly Advisory Services with a virtual CTO (vCTO).
Within 90 days, the firm can achieve:
-
Patch compliance restored
-
MFA enforced firmwide
-
A documented Conditional Access policy implemented
-
Confidence in security
-
On-call burden reduced
One year later, the firm can see:
-
No security incidents reported
-
Cyber-insurance renewal completion without a premium increase
How to Choose a Co-Managed IT Partner for a Law Firm
Not every provider that offers co-managed IT understands law firms. Use these questions to vet one.
-
Do they have at least a decade of experience inside law firms specifically?
-
Do they leverage a 24/7 SOC with documented MDR runbooks?
-
Can they show SOC 2 Type II or equivalent attestation on the security tooling they deploy?
-
Will they provide quarterly strategic reporting to firm leadership?
-
Do they enable the internal team to maintain full visibility and override through shared tooling?
-
Can they scale after-hours and project work without re-contracting each time?
-
Are they willing to stand behind their work in a bar inquiry or insurance audit?
If you'd like a partner who can answer 'yes' to every question above, talk to our team.
Tabush Group's 360 IT Assessment is a good first step, mapping your current posture against the gaps above so you know what a co-managed engagement would need to cover.
FAQs
What Is Co-Managed IT for Law Firms?
Co-managed IT for law firms is a partnership where an external provider works alongside the firm's in-house IT team to fill specific gaps, typically 24/7 security monitoring, after-hours help desk, Microsoft 365 governance, and project-surge capacity.
The internal team keeps control of day-to-day operations; the co-managed partner supplies tools, expertise, and coverage the firm cannot economically maintain alone.
How Is Co-Managed IT Different From Fully Managed IT Services?
With fully managed IT, the external provider owns and operates the firm's entire IT function. With co-managed IT, the firm keeps its in-house IT team, and the provider supplements them.
Co-managed is the right fit when a firm already has competent internal IT but cannot cover 24/7, lacks specialized skills in areas like cybersecurity or Microsoft 365 governance, or runs into capacity walls on big projects.
How Much Does Co-Managed IT Cost For A Law Firm?
Co-managed IT for law firms is typically priced per user per month and varies by which services are included, environment size, and security/compliance requirements. Because Tabush Group's Edge is modular, a firm only pays for the services it selects, for example, Guardian SOCaaS, M365 governance, or after-hours End User Assist.
Most mid-size firms find that co-managed engagements cost a fraction of hiring a comparable second or third in-house specialist.
Is Co-Managed IT Compliant With ABA Confidentiality And Competence Rules?
Yes, when structured correctly, co-managed IT can support compliance. ABA Model Rule 1.1 (Comment 8) requires lawyers to keep abreast of relevant technology, and Model Rule 1.6(c) requires reasonable efforts to prevent unauthorized disclosure of client information.
A co-managed partner that operates a 24/7 SOC, deploys SOC 2-aligned tooling, and provides regular reporting helps a firm demonstrate the reasonable-efforts standard. The duty to supervise the vendor remains with the firm.
Will Co-Managed IT Replace Our Internal IT Staff?
No. Co-managed IT is designed to extend and elevate the internal team, not replace it. The firm's IT director keeps full visibility and authority; the co-managed partner handles specialized or after-hours functions that would otherwise burn out a small team.
Most firms see retention improve because the internal IT lead is no longer carrying the entire weight of the firm's technology alone.
How Quickly Can A Law Firm Start With Co-Managed IT?
Most co-managed engagements move from initial scoping to active coverage within a few weeks. A 360 IT Assessment is the typical first step and provides the inventory and risk picture both parties need before any tools or services are deployed. From there, security tooling and after-hours coverage can be onboarded in stages so the firm sees value early without disrupting day-to-day work.
Does Co-Managed IT Support Legal Software Like IManage Or NetDocuments?
Yes. A co-managed partner with law firm experience supports the document management, practice management, and time and billing software your firm already runs, including iManage, NetDocuments, Clio, ProLaw, and similar tools. Tabush has supported these environments inside law firms for 25 years, and Edge Co-Managed IT Services is built around the workflows attorneys actually use, not generic business IT.
What Happens If Our In-House IT Person Leaves?
A co-managed engagement provides continuity. Because the provider already runs your security tooling, monitoring, and after-hours coverage, the firm does not lose its IT function on the day an internal hire leaves. Tabush stays on as the operational backbone while the firm runs the search for a replacement, and we can also extend support during the transition through Advisory Services so the firm has senior IT input at the leadership table.
Equip Your Law Firm For Success
Want to see how peer firms are sizing their IT teams, security spend, and AI adoption? Download the 2026 Tabush Group Survey on Law Firm Technology for the full picture.
When you're ready to fill the gaps in your firm, schedule an Edge consultation to develop a co-managed plan built around the people you already have.
