Menu
English

Open Circle AG – Zurich
Freilagerstrasse 32
8047 Zürich

Open Circle AG – Bern
Lagerhausweg 30
3018 Bern

English
Back
Back
Back
Blog

IT outsourcing: make or buy?

Mann erklärt junger Frau etwas am Computer.

Opinions are divided on the topic of internal vs. external IT. Some entrepreneurs prefer to keep everything in-house, while others rely on the expertise of IT service providers. At first glance, in-house solutions seem simpler, but this can be misleading—especially when it comes to financial aspects. Here you can find out what advantages both approaches offer and whether a hybrid solution might also be a good option.

The most important points in brief

  • Many entrepreneurs shy away from IT outsourcing. The reasons range from the often high initial costs to security and transparency to dependencies.
  • On closer inspection, it becomes clear that all these problems can occur unnoticed with internal solutions and in typical employment relationships.
  • External service providers, on the other hand, usually take immediate action to remedy them.
  • Nevertheless, there are various arguments in favor of a hybrid model—a mix of internal and external IT specialists can also be financially advantageous.
  • In-house specialists are particularly suitable for day-to-day IT tasks, while outsourcing is ideal for larger projects and implementations.

Table of contents

The 5 most common statements and arguments against IT outsourcing

There are many arguments against using external service providers. At first glance, they often sound more convincing than upon closer inspection.

1. Internal staff understand the processes

Your own IT staff know exactly how everything works: they helped build your IT landscape, work with its weaknesses, and know all the workarounds. External service providers would first have to familiarize themselves with everything, which takes time.

That’s true, to a certain extent. On the other hand, external service providers have a lot of experience in familiarizing themselves with unfamiliar IT landscapes. They also recognize opportunities for improvement and potential risks, enabling them to make your IT more secure and modern.

2. External IT service providers are expensive

At first glance, the daily rates charged by external IT service providers appear high. However, a comparison with the actual costs of an internal IT department shows that this also incurs considerable expenses due to various factors:

  • IT specialists are in high demand on the job market, which means that salaries are correspondingly high and staff turnover is high. Recruiting and training cost time and money.
  • Whenever your company wants to use new hardware or software, you have to provide further training for your IT staff.
  • Absences due to illness, vacation, or parental leave also incur costs.

In addition, there may be periods when your IT department has little workload. You still have to pay your employees during these periods. External service providers not only provide transparent billing, but also scale their services in both directions as needed.

IT professionals are generally scarce, and hiring them is expensive.

3. I don’t want dependency

You can easily prevent dependency on external service providers — even more easily than with employees: In everyday work, all employees usually perform their daily tasks without question as long as everything is running smoothly. Many employed IT experts do not document every step of their work.

The result: they themselves know exactly what they are doing, but no one else can understand it. This leads to a gradual development of dependency on individuals. Only in the event of prolonged illness or (worse still) after a resignation does the full extent of this development become apparent.

With external service providers, you can actively reduce dependencies from the outset: Where possible, rely on open-source solutions or products that can be migrated from one provider to another without great effort. Also, look for open standards instead of proprietary technologies, secure contractual access to data and documentation, and keep central architecture decisions within your own company. This will keep your systems flexible and give you the necessary entrepreneurial freedom.

4. The problem with transparency

When outsourcing their IT, many companies worry that they will lose track of what is going on. What do external service providers actually do all day? Do they work efficiently or do they bill for unnecessary hours? And will we even know if problems arise?

This concern is understandable, but in practice it applies more to internal IT departments: Internal IT employees work independently and without formal reporting obligations. Between projects, support requests, and meetings, there is often no time for structured documentation. How long tasks took, which decisions were made and why – this often remains unclear. Not out of malice, but because it gets lost in day-to-day business.

Professional IT service providers value transparency in their work:

  • Regular status reports on work performed
  • Detailed time sheets with specific descriptions of activities
  • Documented solutions and reasons for technical decisions
  • Clear contact persons and escalation paths

The result: you know at all times what is being worked on, how long it will take, and what it will cost. Especially in a technically complex area, this structure creates the control that many fear they will lose when outsourcing – while it often does not even exist in internal IT.

 

Professional IT service providers are ISO certified

5. The security of sensitive data

Entrusting sensitive company data to external service providers is the biggest hurdle for many decision-makers when it comes to IT outsourcing. And rightly so: data security and compliance are business-critical.

That is precisely why professional IT service providers work with stricter security standards than many internal IT departments:

  • Certifications (ISO 27001, ISO 27017, ISO 27018) with regular internal and external audits
  • DSG and GDPR-compliant contracts with order processing agreements (ABV)
  • Dedicated security and compliance teams that monitor changes in legislation
  • Contractually defined liability in the event of security incidents
  • Regular penetration tests and security updates

Internal IT departments often do not have these resources: Security is one of many tasks alongside day-to-day business. New regulations, patches, or compliance requirements can be overlooked. Not out of negligence, but due to lack of time and expertise.

What’s more, for external service providers, security is not just a technical necessity, but essential to their business model. A single security incident can destroy their reputation, so they invest heavily in prevention.

This speaks in favor of employing external IT service providers

It is clear that there are many arguments in favor of IT outsourcing:

  • Greater security
  • Access to expert knowledge that is lacking within the company
  • Independence from the labor market
  • Scalability as needed
  • Predictable costs

Many of the points mentioned here coincide with the arguments for operating the cloud in professional data centers. Make or buy is often a question of professionalism and priorities.

The perfect interplay between internal and external IT

Many companies successfully rely on a hybrid model that leverages the strengths of both approaches: Internal IT staff are familiar with the corporate culture, established processes, and internal specifics. They are the point of contact for everyday support requests and maintain established systems. Their knowledge of company-specific processes and terminology is valuable for continuity in day-to-day business.

External IT service providers, on the other hand, offer advantages that internal teams cannot provide structurally:

  • Specialized expertise for complex projects and transformations
  • Up-to-date certifications and expertise in new technologies
  • Scalable resources for projects or peak loads
  • Transparent billing and structured documentation
  • An independent view of existing IT structures

Collaboration works best when internal employees act as an interface: they explain the specifics of the IT landscape, identify potential for improvement, and ensure that external expertise is used in a targeted manner.

The result: a lean internal team for operational stability, supplemented by external specialists for strategic projects – without the fixed costs of a large IT department.

Conclusion: Don’t be afraid of the hybrid model

The most common concerns about IT outsourcing are costs, loss of control, lack of transparency, and security risks. These concerns do not apply to professional service providers. On the contrary: structured documentation, contractual safeguards, and specialized expertise often offer more security and control than an internal IT department.

The decision to outsource is not an either/or question, but a strategic consideration: In which areas can you benefit from external expertise, scalability, and transparency?

The next step: analyze your current IT situation. Which areas cause recurring problems? Where is expertise lacking? Where does IT management take up time that should be spent on your core business? A professional IT service provider can show you the potential that outsourcing offers your company in a non-binding initial consultation.

 

Get in touch

Request a non-binding quote for IT outsourcing

Would you like to compare costs? We would be happy to show you the potential benefits of hybrid outsourcing for your business. Request your no-obligation quote today.

Contact us now

Author

Stefan Escher

CEO

You may also be interested in

31. January 2026 Why open source is just as secure as closed source This blog article classifies common security assumptions and shows why open source and security are not mutually exclusive. To the article IT security & access, IT infrastructure, Technology
20. January 2026 Why the cloud is operated in professional data centres This article highlights the advantages of professional data centres over local server operation at the customer's site. To the article IT infrastructure, Cloud & communication
02. October 2025 Risks associated with using AI tools: How to use tools in everyday business life We highlight the five biggest risk areas when using AI tools and show what measures companies need to take. To the article IT security & access, IT infrastructure, Workplace solutions, Cloud & communication
Get advice