A 60-person precision manufacturer just off Route 30 in Westmoreland County had a problem most owners in the region will recognize. Their one-person internal IT team was buried — resetting passwords, chasing a flaky VPN, babysitting an aging Hyper-V host — while a Tier-1 automotive customer was asking pointed questions about cybersecurity controls and CMMC readiness. The cyber insurance renewal was 90 days out, and the carrier's questionnaire now wanted MFA everywhere, EDR, and documented backup testing. None of those existed.
The CFO didn't want to hire two more technicians. She wanted predictable cost, real coverage when her IT lead took vacation, and someone who could answer the customer's security questionnaire without guessing. That's the conversation that brought them to PGH Networks looking for outsourced IT support in Greensburg, PA — and it's the conversation we have most weeks with manufacturers, professional services firms, and medical practices across the eastern suburbs.
The challenge
The environment looked fine on the surface and was fragile underneath. A short list of what we found in the first two weeks:
- Local admin rights on every workstation, no application allowlisting
- MFA on Microsoft 365 for executives only — not for the shop floor or shared mailboxes
- Backups running to a single NAS in the same building as the server, never tested for restore
- A Sonicwall three years past end-of-life
- Two former employees still active in Active Directory
- No written incident response plan, no asset inventory, no patch reporting
The internal IT lead wasn't the problem; he was competent and conscientious. He simply could not run helpdesk, projects, vendor management, and a security program by himself. And the automotive customer's questionnaire — clearly drafted with NIST 800-171 in mind — was not something he had time to interpret, let alone respond to.
When a single sick day puts payroll, ERP, and email at risk, you don't have an IT department — you have a single point of failure wearing a polo shirt.
How outsourced IT support in Greensburg, PA solved it
TL;DR: We co-managed alongside the internal lead, standardized the stack, closed the insurance and CMMC gaps, and turned IT from a daily firefight into a quarterly roadmap.
The engagement was structured as co-managed outsourced IT support, not a rip-and-replace. The internal lead kept ownership of shop-floor systems and vendor relationships he knew best. PGH Networks took over 24/7 monitoring, helpdesk overflow, security operations, patching, backup, and the compliance work.
The first 60 days focused on the insurance and customer-audit gaps in a defensible order:
- Microsoft 365 hardening — MFA enforced tenant-wide, Conditional Access, Defender for Office 365, secure score baseline documented.
- Endpoint replacement of the legacy AV with managed EDR plus 24/7 SOC monitoring.
- Immutable, offsite backups for the file server, ERP database, and Microsoft 365, with monthly restore tests on the calendar.
- Firewall replacement and network segmentation separating the shop-floor PLCs from the office LAN — a control the automotive customer specifically asked about.
- Identity cleanup: disabled accounts, privileged access tiering, and a documented joiner-mover-leaver process with HR.
- A written System Security Plan mapped to NIST 800-171 controls, ready to support a future CMMC Level 2 assessment.
In parallel, we ran a small AI-enablement pilot — Microsoft 365 Copilot for the quoting team and a private GPT trained on their internal RFQ history. That wasn't on the original scope. It came up because once the helpdesk noise dropped, the leadership team had room to think about where IT could actually move the business.
Outcomes
Nine months in, measured against their own pre-engagement baseline:
- Cyber insurance renewal completed with a premium increase under inflation, where the carrier had previously signaled non-renewal.
- The Tier-1 automotive questionnaire was returned with documented evidence rather than "we're working on it."
- Average ticket resolution dropped from multi-day to same-business-day for standard requests; after-hours incidents now have a human on them inside 15 minutes.
- The internal IT lead took an actual two-week vacation. Nothing caught fire.
- The Copilot pilot saved the quoting team meaningful hours per week on RFQ drafts — measured by them, not by us.
None of this required heroics. It required a partner who runs this playbook every month for SMBs across Greensburg, Murrysville, Latrobe, Irwin, Mt. Pleasant, and Jeannette, and who treats security and documentation as the job rather than an upsell.
Who this fits
This kind of engagement tends to fit organizations between roughly 20 and 250 employees within about 75 miles of Pittsburgh: manufacturers with shop-floor and ERP dependencies, law firms and accounting practices with confidentiality obligations, medical and dental groups under HIPAA, and professional services firms whose clients are starting to send security questionnaires of their own. If you have one or two internal IT people who are good but underwater, co-managed outsourced IT support is usually a better answer than another headcount.
Takeaway and next step
The manufacturer above didn't need a bigger IT department. They needed coverage, a security baseline they could prove on paper, and a partner who could see the next twelve months instead of just the next ticket. That's what good outsourced IT support in Greensburg, PA looks like in practice — boring in the best way, with room left over to actually use AI for something useful.
If any of the gaps in this case study sound familiar — insurance questionnaires you're guessing at, backups nobody has tested, a single IT person who can't take a real vacation — a 30-minute call with PGH Networks will tell you where you actually stand. Call our Pittsburgh office or request an assessment at pghnetworks.com, and we'll come to your site in Westmoreland County. No pitch deck.