Frequently Asked Questions
Answers to common questions about how we work, what we do, and whether we're the right fit for your organization.
About Hexaxia
What does Hexaxia Technologies do?
We're a systems engineering and IT consulting company focused on infrastructure, cybersecurity, and automation. We help organizations design, implement, and manage IT systems that support their business goals, whether that's a growing company needing their first strategic IT partner or an enterprise requiring specialized expertise.
What does "Bespoke IT" mean?
"Bespoke" means custom-made. Most IT providers sell you their preferred vendors and standardized solutions. We take a different approach: we assess your specific needs and recommend solutions that fit, even if they're not the vendors we have partnerships with. Our tagline: "Most IT providers sell you their stack. We build yours."
What does 'simpler, stronger, more capable' mean for my business?
It's the outcome we're trying to create, in that order. Simpler first, because most businesses are paying a complexity tax they didn't ask for: redundant tools, workarounds, things that should work but don't. Stronger second, because once the noise is out of the way, the systems you rely on should actually hold up under pressure. And more capable third, because when the foundation is clean and reliable, the business can do things it couldn't before. We look at every engagement through that lens. If something doesn't make you simpler, stronger, or more capable, it probably shouldn't be in the plan.
What do you mean when you say you'll tell us when we don't need you?
Exactly what it sounds like. If we look at your situation and the honest answer is that you don't need the thing you came in asking about, or that a free tool solves your problem, or that another specialist is a better fit, we'll tell you that. We've walked away from work that wasn't the right call for the client. The math is simple: we'd rather build a reputation as the company that told the truth than pick up one more engagement on a problem we weren't the right answer for. That's also why our contract has a quarterly review built in to look for things we can cut, not things we can add.
What does 'on your side of the table' actually mean in practice?
It means we don't take vendor commissions. The tools we recommend are the tools that fit your business, not the ones that send us a kickback. It means the people advising you are the people doing the work, not an account manager layered between you and the engineers. And it means when we push back on a decision, we're pushing back because we think it's wrong for your business, not because we have something else to sell you. Most of our competitors can't say any of that. That's the side of the table we sit on.
What size companies do you work with?
Small businesses that need IT to just work. Growing teams whose stack has gotten complicated. Mid-market companies that need a fractional CIO or CISO instead of a full-time hire. The common thread is founder- or owner-led businesses that want a technology partner, not a vendor. Your free hour tells us whether we're the right fit.
What industries do you serve?
We work across industries including professional services (law firms, accounting, consulting), healthcare and medical practices, manufacturing and distribution, financial services, government and public sector, and non-profits and associations. Our technical expertise applies across sectors, though we understand industry-specific compliance requirements (HIPAA, SOC 2, PCI, etc.).
Where are you located?
We're headquartered in Indianapolis, Indiana, but operate as a remote-first company. We serve clients across the United States and can support organizations wherever they're located.
How does IT complexity actually affect my bottom line?
More than most people realize. Complexity shows up as employees spending extra time on workarounds instead of their actual jobs, the same problems getting 'fixed' over and over, projects that stall because nobody fully understands how the systems connect, and vendor bills for tools that overlap or go underused. None of these show up as a single line item, which is why complexity is so easy to ignore, and so expensive over time. When we work with a company, one of the first things we do is help them see where complexity is quietly draining time and money.
Services & Capabilities
What is Managed IT Services?
Managed IT is an ongoing engagement where we take responsibility for your technology, not just fix it when it breaks. Monitoring, patching, security, helpdesk, vendor coordination. All covered on a monthly basis so your stack doesn't quietly fall behind. The alternative is break-fix: you call when something's broken and pay by the hour. Break-fix is cheaper when nothing goes wrong. It gets expensive when things do. Managed IT means someone is watching before you have to call. We become your IT department.
What services do you offer?
Our core services include Infrastructure Solutions (servers, networks, storage, virtualization), Security Architecture (firewalls, access controls, compliance), Zero Trust Implementation, Cloud & Hybrid Solutions (AWS, Azure, hybrid environments), Managed Services (ongoing support and monitoring), Systems Engineering (complex system design), and Integration & Automation.
Do you offer 24/7 support?
Support coverage depends on your service agreement. We offer various support tiers from business-hours coverage to 24/7/365 for critical systems. We'll design a support model that fits your needs and budget.
Can you work with our existing IT person/team?
Absolutely. We often augment internal IT teams rather than replace them. Your IT person handles day-to-day operations; we provide strategic planning, specialized expertise, and backup support. Many of our clients find this hybrid model works well.
Do you support Mac/Apple devices?
Yes. While our infrastructure expertise is primarily in Windows and Linux environments, we support mixed environments including Mac endpoints. Modern businesses use diverse technology, and we work with what you have.
What compliance frameworks do you work with?
We have experience with HIPAA (healthcare data protection), SOC 2 (service organization controls), PCI-DSS (payment card security), NIST 800-53/800-171 (federal security frameworks), CJIS (criminal justice information), and FedRAMP/StateRAMP (government cloud security). Compliance support is integrated into our security architecture services.
What's a fractional CIO or CTO?
It's strategic IT leadership on a part-time basis. A full-time CIO or CTO costs $200K+ in salary alone, which doesn't make sense for most companies under 500 employees. Fractional leadership gives you the same caliber of thinking (technology roadmaps, vendor evaluation, budget planning, alignment with business goals) at a fraction of the cost. We also run fractional CISO, Enterprise Architecture, and IT Financial Advisory practices for businesses that need leadership in those specific gaps. See our fractional leadership overview at /services/fractional-leadership for the full picture.
Why don't you just recommend the same tools to everyone?
Because that's how complexity builds up in the first place. Most IT providers have a standard stack they install for every client. It's simpler for them, not for you. You end up paying for features you don't need, working around limitations that don't fit your business, and locked into vendors that are hard to leave. We evaluate what you actually need and recommend accordingly, even if it means suggesting tools we don't resell. Our job is to reduce your complexity, not add to it.
What's the difference between proactive IT and break-fix?
Break-fix is exactly what it sounds like: something breaks, you call someone, they fix it, you get a bill. It's reactive, and it means you're always one outage away from a bad day. Proactive IT means monitoring, maintaining, and improving your systems continuously so problems get caught before they cause downtime. It costs more per month but typically costs far less per year, and it means your team spends their time working, not waiting for IT to come back online.
Working With Us
How do engagements typically start?
We start with a conversation, usually a one-hour call to understand your situation, challenges, and goals. If there's a potential fit, we might do a discovery session or assessment to understand your environment better. From there, we propose a specific engagement scope. No pressure, no obligation.
Do you require long-term contracts?
It depends on the service. Project work has defined scope and ends when complete. Managed services are flexible: no contract should outlast the work that pays for it, 30 days notice to part ways, no cancellation penalties. Advisory and consulting work is ongoing but can be paused. We'd rather earn your business every month than lock you into something that doesn't work.
How quickly can you start?
It depends on the engagement scope and our current capacity. For urgent needs, we can often begin within a week. For larger projects, we typically start within 2-4 weeks. We'll be honest about availability during our initial conversation.
What's your typical response time?
Response expectations are calibrated at your free hour, based on your stack and what urgent actually means for your business. We commit to numbers we can honor, not template SLAs that get broken on the first real incident. Your specific response commitments are defined in your service agreement.
Pricing & Billing
How much do your services cost?
Pricing depends on scope, complexity, and engagement model. We don't publish fixed pricing because every situation is different. Project work is scoped and quoted based on requirements. Managed services have a monthly fee based on users, devices, and service level. Advisory/consulting is hourly or retainer-based. Our initial consultation is free.
Do you offer fixed-price projects?
Yes, for projects with well-defined scope. We prefer fixed-price when possible because it aligns incentives: we're motivated to deliver efficiently, and you have cost certainty. For less-defined work, time-and-materials may make more sense.
What payment terms do you offer?
Standard terms are net-30 for invoiced work. For projects, we typically structure payments as 30-40% at project start, 30-40% at milestone, and balance at completion. We're flexible and can work with your procurement processes.
Technical Questions
What cloud platforms do you work with?
We work with all major cloud platforms: Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). We also work with hybrid and multi-cloud environments. Our recommendation depends on your requirements. We're not incentivized to push any particular platform.
Do you support remote/hybrid workforces?
Yes. Remote and hybrid work requires thoughtful infrastructure design: secure access, collaboration tools, endpoint management. We design systems that work regardless of where your people are located.
Can you help with a migration from our current IT provider?
Yes, we handle provider transitions regularly. We'll coordinate with your existing provider (or work around them if necessary), document the current environment, and manage the transition to minimize disruption.
What happens if something breaks outside business hours?
Depends on your service level. For managed services clients with 24/7 coverage, we respond to critical issues any time. For business-hours support, we have on-call escalation for true emergencies. The specifics are defined in your service agreement.
What is 'technical debt' and why should I care?
Technical debt is what builds up when IT problems get patched over instead of properly fixed. Think of it like deferred maintenance on a building: skip the roof repair long enough and eventually you're dealing with water damage, mold, and a much bigger bill. In IT, it looks like workarounds that slow your team down, systems that break every time you try to change something, and projects that take twice as long because everything is tangled together. It's one of the biggest hidden drivers of complexity in a business, and it directly erodes efficiency and profitability. We help companies identify where technical debt is costing them and build a realistic plan to pay it down.
What does 'right-sized' IT mean?
It means your technology matches your actual business needs, not undersized and not oversized. Undersized IT means outages, security gaps, and your team constantly fighting the tools instead of using them. Oversized IT means you're paying enterprise prices for capabilities you'll never use, with complexity that makes everything harder to manage. Right-sized means choosing solutions that fit where you are today and can grow with you, without paying a complexity tax for things you don't need yet.
For Technical Teams
What does your infrastructure-as-code approach look like?
We treat infrastructure the same way good software teams treat application code: version-controlled, peer-reviewed, and reproducible. Terraform for provisioning, Ansible for configuration management, and CI/CD pipelines to enforce consistency across environments. The goal isn't automation for its own sake. It's eliminating the drift and undocumented changes that make environments fragile over time. When we inherit an environment, we typically start by codifying the current state before making changes, so there's always a known-good baseline to roll back to.
What is Zero Trust, and why does it matter for my business?
Zero Trust is a security model built on one idea: don't assume anything on your network is safe just because it's already inside it. The old model treated your network like a locked building. Once you're through the front door, you can walk anywhere. Zero Trust treats every room like it has its own lock. Every user, device, and connection has to prove it belongs, every time, regardless of where it's coming from. It matters because most breaches today don't kick the front door in. They find a way inside and then move freely. Zero Trust limits that movement.
How do you approach zero trust implementation?
Incrementally. Zero trust isn't a product you install. It's an architecture you build toward. We start with identity: making sure authentication and authorization are solid, MFA is enforced, and least-privilege access is actually least-privilege. From there we work outward: network segmentation, device posture checks, encrypted communications between services, and continuous verification rather than perimeter-based trust. Most environments we walk into have some zero trust elements already in place without calling it that. We assess what's there, identify the highest-risk gaps, and build a phased roadmap rather than a forklift replacement.
How do you handle cloud migrations?
We don't treat migration as a lift-and-shift exercise unless that's genuinely the right move. We start with workload analysis: what should move to the cloud, what should stay on-prem, and what needs to be rearchitected before it goes anywhere. We evaluate against actual requirements: latency sensitivity, data residency, compliance constraints, cost modeling at realistic scale. Not just what looks good in a vendor demo. Migration happens in waves with rollback plans at every stage. We've moved workloads to AWS, Azure, and GCP, and we've also moved workloads back on-prem when the math stopped working. The right answer depends on your situation, not our preferences.
What's your approach to security architecture?
Defense in depth, but pragmatic about it. We design security controls in layers: identity, endpoint, network, application, data, so that no single failure creates a breach. But we also recognize that security has to be usable or people work around it. We base our architecture on NIST frameworks, implement logging and monitoring that actually gets reviewed, and run regular access audits. For incident response, we make sure there's a tested plan before something happens, not a scramble afterward. We're also honest about what we see: if your environment has gaps, we'll tell you directly and help you prioritize based on real risk, not fear.
Can your team work in our existing toolchain?
Yes. We're not going to walk in and replace your Git workflows, monitoring stack, or ticketing system just because we prefer something else. We adapt to your environment. If you're running Prometheus and Grafana, we'll work in Prometheus and Grafana. If you're on Azure DevOps, we'll use Azure DevOps. Where we do push back is when a tool is actively causing problems or creating security risk. In those cases we'll make a recommendation, explain why, and let you decide. We've worked across enough environments to be productive in most toolchains without a ramp-up period.
How do you handle multi-vendor and heterogeneous environments?
That's most of what we see. Pure single-vendor environments are rare in practice, especially in the mid-market. We design for interoperability from the start: standard protocols, well-documented integrations, API-first where possible. When systems don't natively talk to each other, we build the glue, whether that's middleware, custom scripts, or an integration platform. The key is making sure that glue is maintainable and documented, not a single engineer's tribal knowledge. We also keep an eye on vendor lock-in: if a tool's value comes primarily from making it hard to leave, that's a red flag, not a feature.
Getting Started
I'm not sure if I need your services. Can I just ask a question?
Of course. Reach out via our contact form or give us a call. We're happy to have a quick conversation and point you in the right direction, even if that direction isn't us.
What should I have ready for our first conversation?
Nothing required, but helpful information includes: number of employees/users, current IT setup (internal, outsourced, or hybrid), main challenges or goals, and any upcoming deadlines or pressures. Don't worry if you don't have all the details. The first conversation is about understanding your situation, not conducting an audit.
How do I know if IT complexity is a problem for my business?
A few warning signs: your team has workarounds for things that should just work, the same issues keep coming back after being 'fixed,' you're not confident you know what you're paying for across all your IT vendors, projects take longer than they should because systems don't talk to each other, or you've been told you need a major upgrade but aren't sure why. If two or more of those sound familiar, complexity is probably costing you more than you think. We offer a straightforward assessment that helps you see where the drag is and what to do about it.
What if we're not a good fit?
We'll tell you. If we're not the right solution for your needs, we'll say so and try to point you toward better options. We'd rather have that conversation upfront than waste your time (and ours).