Switching IT service providers: process, risks and a smooth handover without downtime

Changing providers takes effort and should happen for the right reasons. Common, defensible triggers are slow or non-binding response times for incidents, the lack of dedicated contacts, opaque billing, an outdated or undocumented infrastructure, and unresolved security and compliance issues the current partner fails to address.

Equally typical are growth or structural changes: new locations, a generational change in IT leadership, higher demands on availability and data protection, or a move toward cloud and cross-site working. If the existing provider cannot keep pace technically or in terms of staffing, a switch is objectively justified.

Before deciding, honestly assess whether the problem lies with the provider or with unclear expectations, missing service-level agreements or too tight a budget. Some friction can be resolved through a clarifying conversation and sharper service descriptions, which is cheaper and faster than a full switch. But if trust is permanently broken or the technical foundation is not future-proof, the benefit of an orderly fresh start outweighs the effort.

The switch breaks down into five phases. First, the inventory: a complete record of all servers, network components, licenses, cloud services, domains, certificates, contracts and access credentials forms the basis. Without this inventory, no switch can be planned without gaps.

Second, selection and engagement: the new provider reviews the environment, identifies risks and produces a takeover and migration plan with responsibilities, sequence and target dates. Third, the handover: knowledge, documentation and access are transferred in a controlled way. Fourth, the cut-over, the actual switch-over moment, ideally in a maintenance window with low business load. Fifth, stabilization: heightened attention during the first days and weeks until regular operation is demonstrably stable.

A parallel phase has proven effective, in which critical services are temporarily available in duplicate or the old provider remains on standby. This preserves a defined fallback point should anything unexpected occur at cut-over. The overlap costs a little more in the short term but significantly reduces the risk of downtime, usually the cheapest insurance in the entire project.

Outages almost never stem from the technology itself, but from a lack of knowledge about that technology. The most important safeguard is therefore complete, up-to-date documentation: network diagrams, IP addresses, firewall rules, the backup concept, recovery plans, license records and, most critically, an orderly handover of all administrative access and passwords.

Schedule sensitive steps in a maintenance window outside core working hours. Migrate less critical systems first, gather experience, and only switch business-critical services such as mail, ERP or telephony once the procedures are proven. For each migration step, define in advance how success is measured and at what point a rollback is triggered.

Do not forget external dependencies. DNS entries, email routing, domain ownership, SSL certificates and connections to banks, suppliers or authorities often hinge on access only the previous partner knows. These items belong on the list early, because resolving them takes lead time and a forgotten DNS or certificate change is among the most common avoidable disruptions.

The biggest risk is an uncooperative incumbent who releases access reluctantly, incompletely or late. Counter this by fixing the duties to cooperate and a handover date in writing, and by requesting the key credentials as early as possible, not just before the cut-over.

A second risk is knowledge gaps: undocumented quirks, legacy issues or special solutions recorded nowhere. A joint handover workshop helps here and, where needed, a contractually agreed obligation for the previous partner to cooperate beyond the cut-over date. A third risk concerns data and backups: before final shutdown, ensure all data is migrated, validated and secured in a tested backup under your control.

Also consider the legal side: a switch involves processing personal data, so a current data processing agreement with the new provider is part of it. Pay attention to where your data is stored as well. A provider with data centers in Germany - ITS AG operates two geo-redundant sites in Frankfurt am Main - noticeably simplifies compliance with data protection and regulatory requirements.

First check your existing contract: notice period, minimum term, automatic renewal and any special termination rights. Determine the earliest possible termination date and plan the switch so that you do not pay twice in parallel while the migration is still incomplete.

Pay attention to data return and cooperation after the contract ends. Ideally the old contract obliges the provider to return data, documentation and access in an orderly, reusable standard format. If such a clause is missing, negotiate the handover early and in writing to avoid later blockages.

For the new contract, define clear service levels: incident response times, availability, escalation paths and dedicated contacts. Binding, measurable commitments are the core of a dependable provider relationship. ITS AG typically responds to incidents in under 30 minutes on business days, confirms receipt within two hours and replies personally within one business day, via a dedicated contact rather than an anonymous hotline.

Duration depends on complexity. A manageable environment with few servers and clear documentation can often be handed over within [to be confirmed: a few weeks]. With multiple sites, custom line-of-business applications or a pending cloud migration, [to be confirmed: several months] is realistic. The cut-over itself sits in a short maintenance window; the lead time for planning and handover accounts for the larger share.

On costs, distinguish the one-off takeover and migration effort from the ongoing service afterward. One-off costs cover analysis, handover, migration and, where applicable, the parallel phase. Reputable quotes itemize these positions transparently rather than offering a lump sum without a defined scope. Concrete figures depend heavily on the individual case and should be determined in an initial consultation based on the inventory.

Weigh the benefit: an orderly switch costs lead time but permanently reduces the risks of downtime, opaque billing and outdated technology. A short parallel phase is usually the most economical safeguard, with marginal extra cost compared to an unplanned outage of business-critical systems.

Before cut-over you should have ticked off: a complete inventory of all systems, licenses and contracts; secured and tested backups under your control; an orderly handover of all administrative access and passwords; clarified ownership of domains, DNS and certificates; and a current data processing agreement with the new provider.

Add the organizational items: a written migration plan with sequence, owners and target dates; a defined fallback point for each critical step; a maintenance window with informed business units; named contacts on both sides during the switch-over; and a planned stabilization window with heightened attention after the cut-over.

Finally the contract view: notice period observed, data return and incumbent cooperation arranged, new service levels agreed in writing. Clearing these points before the cut-over reduces the risk of downtime to a minimum and turns the switch into a controlled project rather than a leap into the unknown.