Frequently Asked Questions

Questions we hear from owners.

Aggregated from the questions that come up in discovery calls and on the service pages themselves. Grouped by topic. If your question is not here, get in touch.

General

  • Where are you based and who do you serve?

    CoreSouth Systems is based in Macon, GA. We serve businesses across Middle Georgia: Warner Robins, Perry, Forsyth, Fort Valley, Dublin, Milledgeville, and the surrounding counties. Our office is at 5844 Columbus Rd, Macon, GA 31206.

  • Do you serve businesses outside Macon?

    Yes. We work with businesses across Middle Georgia. We schedule on-site visits when an engagement calls for it; day-to-day support is mostly remote, which is faster anyway.

  • What size businesses do you support?

    Owner-led businesses, typically 10 to 50 users for fully managed work and 50 to 200 users for co-managed engagements. The right service model depends on whether you have internal IT to coordinate with, not just headcount.

  • What is the 60-Day Guarantee?

    During the first 60 days of a managed engagement, if you decide we are not the right fit, you can exit without penalty. The guarantee covers the early window when most fit issues actually surface.

  • How does onboarding work?

    Discovery and documentation in the first few weeks, tooling deployment and standardization next, then steady-state managed support with quarterly business reviews. The 60-Day Guarantee covers the early window.

  • How are you billed?

    Managed engagements are fixed monthly fees on a 12-month term. Project work is scoped and billed separately. We do not nickel-and-dime tickets, and our pricing page lays out what determines your number.

  • What is a discovery call?

    A 30-minute conversation about your business, your current IT, and what is or is not working. No pitch deck, no commitment. If we are a fit we move to a deeper assessment; if not, we say so.

  • Who is the team?

    CoreSouth is owner-led. The owner is in the room for the engagements we run. We do not hide behind a ticketing system, and the person you talk to during the discovery call is part of the team that does the work.

Managed IT

  • What is a managed services provider (MSP)?

    A managed services provider, or MSP, is an outside IT company that takes ongoing responsibility for a business's technology for a flat monthly fee. That includes helpdesk support, server and network management, cybersecurity tooling, backup, patching, and Microsoft 365 administration.

  • How much does managed IT cost in Middle Georgia?

    Most fully managed engagements are priced per user, per month, with the rate depending on the size and complexity of the environment. We publish our starting price and tier structure on our pricing page. The total cost varies by company, but the monthly fee is predictable and includes everything in scope.

  • Do you support businesses in Warner Robins and Perry?

    Yes. We work across Middle Georgia, including Warner Robins, Perry, Forsyth, Fort Valley, Dublin, and Milledgeville. On-site visits are part of how we work.

  • Do you require a long-term contract?

    Our fixed-fee managed engagements run on a 12-month term. Most MSPs in our market lock clients into 36-month initial agreements, which we think is a high bar to ask someone to clear before they've worked with you. The 60-Day Guarantee covers the start of any engagement, so you can see how we work before you're committed.

  • Can you help with cybersecurity?

    Yes. Cybersecurity is part of every managed engagement. We cover the fundamentals (endpoint protection, email security, multi-factor authentication) and the documentation cyber insurance underwriters now require. The dedicated cybersecurity service page goes deeper.

  • Can you help us migrate to Microsoft 365?

    Yes. We migrate businesses from on-premises Exchange, Hosted Exchange, GoDaddy email, IMAP-based providers, and Google Workspace to Microsoft 365 regularly. Migration is usually a project engagement that leads into a managed relationship.

  • Do you work with defense contractors or businesses near Robins AFB?

    Yes, where it's a fit. We're aligned with NIST 800-171 and can support businesses that need SPRS scoring and CMMC-aware controls. We're not a CMMC-certified MSP today, but we can work alongside a CMMC consultancy as the day-to-day IT provider.

  • How quickly can you respond when something goes wrong?

    Critical issues get a same-day response, typically within an hour during business hours. Standard issues are addressed within the same business day. Our monitoring catches most problems before users notice, which is the point.

  • What size businesses do you work with?

    Our primary fit is owner-led businesses with 10 to 50 users for fully managed engagements. We also do co-managed work for businesses with 50 to 200 users that already have internal IT.

  • How is CoreSouth different from other MSPs in Middle Georgia?

    We're owner-led, plain-spoken, and built deliberately to stay close to the businesses we serve. Founder John-Mark Smith is the relationship anchor. We explain things in plain language, we don't disappear behind a ticketing system, and we back the engagement with a 60-Day Guarantee.

Co-Managed IT

  • What is co-managed IT?

    Co-managed IT is an arrangement where an outside MSP works alongside a business's internal IT staff to handle specific functions, typically including senior escalations, after-hours coverage, projects, cybersecurity tooling, and vendor management.

  • How is co-managed IT different from fully managed IT?

    Fully managed means the outside provider runs IT end to end. Co-managed means the business has an internal IT person or team and the outside provider plugs in to fill specific gaps.

  • What size businesses use co-managed IT?

    Typically 50 to 200 users with at least one full-time internal IT person.

  • Do you require a long-term contract?

    Our fixed-fee managed engagements run on a 12-month term. Most MSPs in our market lock clients into 36-month initial agreements, which we think is a high bar to ask someone to clear before they've worked with you. The 60-Day Guarantee covers the start of any engagement, so you can see how we work before you're committed.

  • Will my internal IT person feel threatened by you?

    Sometimes, briefly. The pattern we see most often: internal IT is initially cautious, becomes a strong advocate within 60-90 days, and ends up wondering how they ever did the job without us.

  • Do we still control our IT environment?

    Yes. Your internal IT remains responsible for the strategic direction and the team relationship. We work alongside them, with clear lanes for what we own and what they own.

  • Can you handle after-hours emergencies?

    Yes. After-hours and weekend coverage is one of the most common reasons businesses bring us in for co-managed engagements.

  • Do you bring your own tools, or use ours?

    Mostly ours, configured to your environment. Remote monitoring, EDR, ticketing, documentation. We bring a mature toolset that would be impractical to build in-house at your scale.

  • Can co-managed evolve into fully managed?

    Yes. Some businesses start co-managed and transition to fully managed when their internal IT leaves or the workload shifts.

  • What if my IT person leaves?

    We help you bridge the gap. We've covered short-term transitions before.

Cybersecurity

  • What is managed cybersecurity?

    Managed cybersecurity is an ongoing arrangement where an outside provider takes responsibility for deploying, monitoring, and maintaining the controls that protect your business from cyber threats. It typically includes endpoint protection, email security, multi-factor authentication, security awareness training, patching, backup, and incident response readiness.

  • Will my cyber insurance underwriter be happy with what you deploy?

    Almost always, yes. The controls we deploy as standard practice (MFA, EDR, email security, training, documented backups, incident response plan) cover the core requirements on most underwriter questionnaires.

  • Do I need NIST 800-171 if I'm not a defense contractor?

    Probably not directly, but the controls overlap meaningfully with what cyber insurance and many commercial contracts now require. NIST 800-171 is a strong framework even for businesses that aren't formally subject to it.

  • What is EDR and why does it matter?

    EDR (endpoint detection and response) is a modern replacement for traditional antivirus. Instead of looking only for known threats, EDR watches behavior on each device and detects unusual activity. It can isolate a compromised device automatically, which limits damage.

  • Is multi-factor authentication really necessary?

    Yes. MFA is the single most effective control against credential theft. It's also a baseline requirement for nearly every cyber insurance underwriter.

  • What happens if we have an incident on your watch?

    We act fast and we keep you informed. Containment first, then investigation, then recovery, then a written postmortem. We coordinate with your cyber insurance carrier, breach counsel, and law enforcement if appropriate.

  • Do I need to be a Managed IT client to get cybersecurity?

    No. We deliver cybersecurity as part of Managed IT and as standalone projects.

  • Do you serve businesses in Warner Robins and Perry?

    Yes. We work across Middle Georgia, including Warner Robins, Perry, Forsyth, Fort Valley, Dublin, and Milledgeville.

Compliance & NIST 800-171

  • What is NIST 800-171?

    NIST Special Publication 800-171 is a federal cybersecurity framework that defines 110 controls for protecting Controlled Unclassified Information in non-federal systems. Defense contractors and many other federal subcontractors are required to implement these controls under DFARS 252.204-7012.

  • What is SPRS and why does it matter?

    SPRS (Supplier Performance Risk System) is the DoD system where contractors report their NIST 800-171 self-assessment scores. A current SPRS score is required for most DoD contracts that involve CUI. Scores range from -203 to 110.

  • What is CMMC 2.0?

    The Cybersecurity Maturity Model Certification (CMMC) 2.0 is the DoD's program for verifying that defense contractors have implemented cybersecurity controls. Level 1 covers FCI, Level 2 covers CUI, and Level 3 covers the most sensitive contracts. CMMC 2.0 is rolling out through DoD contract clauses in phases.

  • Are you CMMC certified?

    No. We're not a CMMC-certified MSP today and we don't market ourselves as one. We align with NIST 800-171 in how we design and operate IT environments, and we work alongside CMMC consultancies that handle certification.

  • Will hiring you get me to CMMC Level 2?

    Hiring us gets you a competent IT environment that supports CMMC Level 2 compliance. The certification itself is a separate engagement with a CMMC consultancy or C3PAO.

  • What's the difference between FCI and CUI?

    Federal Contract Information (FCI) is non-public information you handle under a federal contract. Controlled Unclassified Information (CUI) is more sensitive and triggers stricter controls. Your contract or contracting officer can clarify which applies.

  • Can you help if my prime contractor is asking about my cybersecurity?

    Yes. We help you understand what your prime is asking for, deploy the relevant controls, and produce the documentation they need to see.

  • How long does NIST 800-171 alignment take?

    Depends on where you're starting. A business already running modern infrastructure with strong baseline practices might need 30-90 days of focused work. A business starting from a fragmented environment might need 6-12 months.

  • Do you handle classified work?

    No. Classified information requires specialized facilities and clearances we don't operate. We work with CUI and FCI on unclassified systems.

Microsoft 365 & Cloud

  • How long does a Microsoft 365 migration take?

    For a typical 25-50 user migration from a single source system, four to six weeks from kickoff to cutover is realistic. The timeline depends on the source system, mailbox sizes, file storage volumes, and how much cleanup happens along the way.

  • Can you migrate us from GoDaddy email to Microsoft 365?

    Yes. We migrate from GoDaddy regularly. The process includes setting up the M365 tenant, configuring DNS, migrating mailboxes (with some history limitations depending on the GoDaddy plan), and decommissioning the old system.

  • Can you migrate us from on-premises Exchange to Microsoft 365?

    Yes. Exchange migrations are a recurring engagement for us. Hybrid migrations preserve mailbox history and let us cut over in stages.

  • Can you migrate us from Google Workspace to Microsoft 365?

    Yes. We migrate mail, calendars, contacts, and Google Drive content with established tooling.

  • Do I need backup for Microsoft 365?

    Yes. Microsoft is responsible for the platform's availability. You're responsible for your data. Accidental deletion, malicious deletion, ransomware, and account compromise are all your problem to recover from.

  • Should we be using Teams, SharePoint, and OneDrive together?

    Usually yes, and they need to be configured to work together. Most businesses we meet are using a fraction of what they're paying for.

  • What's Intune and do I need it?

    Intune is Microsoft's device management platform. It lets you push policies, deploy apps, enforce security baselines, and manage devices remotely. For most businesses with 25+ users, it's worth deploying.

  • What licenses should my business be on?

    The right answer depends on your size and your security and compliance needs. We help you right-size during onboarding.

  • How do you handle DNS during a migration?

    Carefully. We document the existing DNS, plan the changes, schedule cutover for minimal disruption, and keep the old environment alive long enough to confirm the new one is working.

Server & Network Infrastructure

  • Do you still support on-premises servers?

    Yes. We design, deploy, and maintain Windows Server environments, including Active Directory, file and print servers, application servers, and virtualization.

  • What kinds of networks do you work on?

    Small to mid-sized business networks with managed switches, business-grade firewalls, enterprise wireless, and multi-site connectivity.

  • Can you help with a server refresh?

    Yes. We design replacements that fit the workload, plan the migration to minimize downtime, and document the new environment.

  • Do you do Remote Desktop Services and FSLogix work?

    Yes. RDS design and FSLogix profile container deployments are areas of specific expertise.

  • What's RDS and why might my business need it?

    Remote Desktop Services lets users access a centralized server environment from any device. It's useful for businesses with shared applications, contractors needing controlled access, mobile staff who need consistent performance, and environments where standardizing the user experience matters.

  • What's FSLogix?

    FSLogix is a Microsoft profile container technology that solves the long-standing problem of slow login and inconsistent user experience in RDS and virtual desktop environments.

  • Do you support multi-site businesses?

    Yes. Site-to-site VPN, SD-WAN, LTE/5G failover, point-to-point wireless, and centralized management.

  • Can you support hybrid cloud environments?

    Yes. We run hybrid environments where the workload calls for it (some Azure, some on-prem) and design migrations between them when it makes sense.

  • Do you do cabling?

    Light cabling work where it integrates with a project. Heavy structured cabling we'll coordinate with a specialist. We're not a low-voltage shop.

  • Do you sell hardware?

    We resell when it makes sense for the project. We're not a hardware-resale business and we'll tell you when buying direct is cheaper than buying through us.

Industry-specific questions

Construction & Specialty Trades

  • What kinds of construction businesses do you support?

    General contractors, mechanical contractors, electrical, plumbing, HVAC, and specialty trade contractors. Owner-led businesses with 10-50 users for fully managed work, 50-200 users for co-managed.

  • Do you support project management and construction accounting software?

    We support the IT infrastructure these applications run on and coordinate with their vendors on application-specific issues.

  • Can you help with jobsite Wi-Fi and connectivity?

    Yes. LTE/5G failover, site-to-site VPN, point-to-point wireless, and hardened jobsite networking are part of our infrastructure work.

  • What is the typical onboarding process for a construction client?

    Discovery and documentation in the first few weeks, tooling deployment and standardization next, then steady-state managed support with quarterly business reviews. The 60-Day Guarantee covers the early window.

  • Can you help us prepare for a cyber insurance renewal?

    Yes. We deploy the controls underwriters require and produce the documentation your renewal questionnaire needs.

Wholesale Distribution

  • What kinds of distributors do you support?

    Owner-led wholesale distributors with 10-50 users for fully managed work, 50-200 users for co-managed. Industries vary; the IT patterns are similar.

  • Do you support ERP and warehouse management systems?

    We support the IT infrastructure these systems run on and coordinate with the application vendors on application-specific issues.

  • Can you help with multi-site networking?

    Yes. Site-to-site VPN, SD-WAN, LTE/5G failover, and centralized management for distributors with multiple warehouses or branch offices.

  • Do you handle warehouse Wi-Fi?

    Yes. We do site-survey-driven warehouse wireless that actually covers the floor and keeps barcode scanners working.

  • Can you help with EDI?

    We support the infrastructure your EDI platform runs on. The mapping and integration work itself is typically handled by your EDI provider; we coordinate and troubleshoot the IT side.

  • Are distributors really a ransomware target?

    Yes. Distribution is consistently in the top-targeted industries for ransomware because the operational pressure to pay is so high. We deploy layered defense designed for exactly this risk profile.

Architecture & Engineering

  • What kinds of A&E firms do you support?

    Architecture firms, civil engineering firms, structural engineering, mechanical, electrical, and plumbing (MEP) engineering, surveying, building inspection, and related professional services firms. Owner-led businesses, typically 10-50 users for fully managed work.

  • Do you support CAD and BIM platforms?

    We support the IT infrastructure CAD and BIM platforms run on (workstations, networks, file storage, collaboration tools) and coordinate with the application vendors on application-specific issues.

  • Can you help with federal contract compliance?

    Yes. NIST 800-171 alignment is part of our service catalog. For firms with full CMMC certification needs, we work alongside CMMC consultancies.

  • How do you handle large-file collaboration?

    With deliberate network and storage design. The exact approach depends on whether your team is single-office, multi-office, or distributed; whether you collaborate primarily with internal staff or external consultants; and the size and complexity of your project files.

  • Can you help with project archive management?

    Yes. Tiered storage strategies that keep recent projects on fast storage and older projects on cost-efficient storage, with appropriate retention and recovery practices.

  • What about workstation refreshes?

    A&E workstations have a lifecycle that's tied to project demands and software requirements, not generic three-year corporate cycles. We help you plan refreshes that match how the firm actually uses them.

Agribusiness

  • What kinds of agribusinesses do you support?

    Ag suppliers, processors, packers, equipment dealers, and ag-services firms. Owner-led businesses, typically 10-50 users for fully managed work, 50-200 for co-managed.

  • Can you support multi-site rural operations?

    Yes. Site-to-site networking, rural connectivity options, and centralized management are part of our standard infrastructure work.

  • Do you support seasonal user-count flex?

    Yes. We help structure licensing and infrastructure to handle seasonal swings without paying year-round for peak capacity.

  • Can you help with legacy back-office systems?

    Yes. We support legacy platforms where they're still in place and help build the modernization roadmap when it's time to move.

  • Do agribusinesses really need cybersecurity?

    Yes. Ransomware operators don't avoid agribusiness, and cyber insurance and customer-driven security requirements are increasingly applied. The right layered defense isn't optional anymore.

Aviation & Airports

  • What kinds of aviation businesses do you support?

    Small airports, fixed-base operators (FBOs), flight schools, aviation maintenance shops, and aviation-adjacent businesses. Owner-led and director-led operations across Middle Georgia.

  • Do you handle multi-building campus networks?

    Yes. Admin offices, hangars, FBO terminals, fuel operations, and maintenance facilities connected reliably and securely is part of our standard infrastructure work. Site-to-site connections, point-to-point wireless, and proper segmentation.

  • Can you help with cybersecurity for aviation operations?

    Yes. The standard layered defense (EDR, email security, MFA, security awareness training, verified backups, incident response readiness) plus the documentation that supports aviation operational and regulatory requirements.

  • Do you support aviation-specific software?

    We support the IT infrastructure aviation software runs on (workstations, networks, servers, cloud) and coordinate with the application vendors on application-specific issues.

  • What about FAA-regulated systems or specialized aviation security technology?

    We coordinate with specialized providers where those systems are in scope, with clear lanes between general business IT (our work) and specialized aviation IT (theirs).

  • Can you help with internet failover for aviation operations?

    Yes. Multi-ISP designs, LTE/5G failover, and proper redundancy are part of our network work for aviation clients where uptime matters operationally.

Didn't see your question?

The conversation covers what the page can't.

Talk With A Local IT Expert