Frequently Asked Questions
Answers to common questions about how we work, what we do, and whether we're the right fit for your organization.
About Hexaxia
What does Hexaxia Technologies do?
We're a systems engineering and IT consulting company focused on infrastructure, cybersecurity, and automation. We help organizations design, implement, and manage IT systems that support their business goals, whether that's a growing company needing their first strategic IT partner or an enterprise requiring specialized expertise.
What does "Bespoke IT" mean?
"Bespoke" means custom-made. Most IT providers sell you their preferred vendors and standardized solutions. We take a different approach: we assess your specific needs and recommend solutions that fit, even if they're not the vendors we have partnerships with. Our tagline: "Most IT providers sell you their stack. We build yours."
What size companies do you work with?
We work with organizations of all sizes: growing companies (10-100 employees) needing managed IT services, established mid-market companies (75-500 employees) needing fractional IT leadership and co-managed support, enterprises (250+) requiring specialized consulting, and government agencies at federal, state, and local levels.
What industries do you serve?
We work across industries including professional services (law firms, accounting, consulting), healthcare and medical practices, manufacturing and distribution, financial services, government and public sector, and non-profits and associations. Our technical expertise applies across sectors, though we understand industry-specific compliance requirements (HIPAA, SOC 2, PCI, etc.).
Where are you located?
We're headquartered in Indianapolis, Indiana, but operate as a remote-first company. We serve clients across the United States and can support organizations wherever they're located.
How does IT complexity actually affect my bottom line?
More than most people realize. Complexity shows up as employees spending extra time on workarounds instead of their actual jobs, the same problems getting 'fixed' over and over, projects that stall because nobody fully understands how the systems connect, and vendor bills for tools that overlap or go underused. None of these show up as a single line item, which is why complexity is so easy to ignore, and so expensive over time. When we work with a company, one of the first things we do is help them see where complexity is quietly draining time and money.
Services & Capabilities
What services do you offer?
Our core services include Infrastructure Solutions (servers, networks, storage, virtualization), Security Architecture (firewalls, access controls, compliance), Zero Trust Implementation, Cloud & Hybrid Solutions (AWS, Azure, hybrid environments), Managed Services (ongoing support and monitoring), Systems Engineering (complex system design), and Integration & Automation.
Do you offer 24/7 support?
Support coverage depends on your service agreement. We offer various support tiers from business-hours coverage to 24/7/365 for critical systems. We'll design a support model that fits your needs and budget.
Can you work with our existing IT person/team?
Absolutely. We often augment internal IT teams rather than replace them. Your IT person handles day-to-day operations; we provide strategic planning, specialized expertise, and backup support. Many of our clients find this hybrid model works well.
Do you support Mac/Apple devices?
Yes. While our infrastructure expertise is primarily in Windows and Linux environments, we support mixed environments including Mac endpoints. Modern businesses use diverse technology, and we work with what you have.
What compliance frameworks do you work with?
We have experience with HIPAA (healthcare data protection), SOC 2 (service organization controls), PCI-DSS (payment card security), NIST 800-53/800-171 (federal security frameworks), CJIS (criminal justice information), and FedRAMP/StateRAMP (government cloud security). Compliance support is integrated into our security architecture services.
What's a fractional CIO or CTO?
It's strategic IT leadership on a part-time basis. A full-time CIO or CTO costs $200K+ in salary alone, which doesn't make sense for most companies under 500 employees. A fractional CIO gives you the same caliber of thinking: technology roadmaps, vendor evaluation, budget planning, alignment with business goals, at a fraction of the cost. You get someone in your corner who understands both the technology and the business, without the overhead of a full-time executive.
Why don't you just recommend the same tools to everyone?
Because that's how complexity builds up in the first place. Most IT providers have a standard stack they install for every client. It's simpler for them, not for you. You end up paying for features you don't need, working around limitations that don't fit your business, and locked into vendors that are hard to leave. We evaluate what you actually need and recommend accordingly, even if it means suggesting tools we don't resell. Our job is to reduce your complexity, not add to it.
What's the difference between proactive IT and break-fix?
Break-fix is exactly what it sounds like: something breaks, you call someone, they fix it, you get a bill. It's reactive, and it means you're always one outage away from a bad day. Proactive IT means monitoring, maintaining, and improving your systems continuously so problems get caught before they cause downtime. It costs more per month but typically costs far less per year, and it means your team spends their time working, not waiting for IT to come back online.
Working With Us
How do engagements typically start?
We start with a conversation, usually a 30-minute call to understand your situation, challenges, and goals. If there's a potential fit, we might do a discovery session or assessment to understand your environment better. From there, we propose a specific engagement scope. No pressure, no obligation.
Do you require long-term contracts?
It depends on the service. Project work has defined scope and ends when complete. Managed services are typically month-to-month or annual agreements with reasonable termination terms. Advisory/consulting is flexible, often ongoing but can be paused. We'd rather earn your business every month than lock you into something that doesn't work.
How quickly can you start?
It depends on the engagement scope and our current capacity. For urgent needs, we can often begin within a week. For larger projects, we typically start within 2-4 weeks. We'll be honest about availability during our initial conversation.
What's your typical response time?
Response times depend on your service agreement and issue severity. Critical issues: 15-30 minutes. High priority: 1-2 hours. Normal requests: Same business day. Low priority: 1-2 business days. Specific SLAs are defined in your service agreement.
Pricing & Billing
How much do your services cost?
Pricing depends on scope, complexity, and engagement model. We don't publish fixed pricing because every situation is different. Project work is scoped and quoted based on requirements. Managed services have a monthly fee based on users, devices, and service level. Advisory/consulting is hourly or retainer-based. Our initial consultation is free.
Do you offer fixed-price projects?
Yes, for projects with well-defined scope. We prefer fixed-price when possible because it aligns incentives: we're motivated to deliver efficiently, and you have cost certainty. For less-defined work, time-and-materials may make more sense.
What payment terms do you offer?
Standard terms are net-30 for invoiced work. For projects, we typically structure payments as 30-40% at project start, 30-40% at milestone, and balance at completion. We're flexible and can work with your procurement processes.
Technical Questions
What cloud platforms do you work with?
We work with all major cloud platforms: Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). We also work with hybrid and multi-cloud environments. Our recommendation depends on your requirements. We're not incentivized to push any particular platform.
Do you support remote/hybrid workforces?
Yes. Remote and hybrid work requires thoughtful infrastructure design: secure access, collaboration tools, endpoint management. We design systems that work regardless of where your people are located.
Can you help with a migration from our current IT provider?
Yes, we handle provider transitions regularly. We'll coordinate with your existing provider (or work around them if necessary), document the current environment, and manage the transition to minimize disruption.
What happens if something breaks outside business hours?
Depends on your service level. For managed services clients with 24/7 coverage, we respond to critical issues any time. For business-hours support, we have on-call escalation for true emergencies. The specifics are defined in your service agreement.
What is 'technical debt' and why should I care?
Technical debt is what builds up when IT problems get patched over instead of properly fixed. Think of it like deferred maintenance on a building: skip the roof repair long enough and eventually you're dealing with water damage, mold, and a much bigger bill. In IT, it looks like workarounds that slow your team down, systems that break every time you try to change something, and projects that take twice as long because everything is tangled together. It's one of the biggest hidden drivers of complexity in a business, and it directly erodes efficiency and profitability. We help companies identify where technical debt is costing them and build a realistic plan to pay it down.
What does 'right-sized' IT mean?
It means your technology matches your actual business needs, not undersized and not oversized. Undersized IT means outages, security gaps, and your team constantly fighting the tools instead of using them. Oversized IT means you're paying enterprise prices for capabilities you'll never use, with complexity that makes everything harder to manage. Right-sized means choosing solutions that fit where you are today and can grow with you, without paying a complexity tax for things you don't need yet.
For Technical Teams
What does your infrastructure-as-code approach look like?
We treat infrastructure the same way good software teams treat application code: version-controlled, peer-reviewed, and reproducible. Terraform for provisioning, Ansible for configuration management, and CI/CD pipelines to enforce consistency across environments. The goal isn't automation for its own sake. It's eliminating the drift and undocumented changes that make environments fragile over time. When we inherit an environment, we typically start by codifying the current state before making changes, so there's always a known-good baseline to roll back to.
How do you approach zero trust implementation?
Incrementally. Zero trust isn't a product you install. It's an architecture you build toward. We start with identity: making sure authentication and authorization are solid, MFA is enforced, and least-privilege access is actually least-privilege. From there we work outward: network segmentation, device posture checks, encrypted communications between services, and continuous verification rather than perimeter-based trust. Most environments we walk into have some zero trust elements already in place without calling it that. We assess what's there, identify the highest-risk gaps, and build a phased roadmap rather than a forklift replacement.
How do you handle cloud migrations?
We don't treat migration as a lift-and-shift exercise unless that's genuinely the right move. We start with workload analysis: what should move to the cloud, what should stay on-prem, and what needs to be rearchitected before it goes anywhere. We evaluate against actual requirements: latency sensitivity, data residency, compliance constraints, cost modeling at realistic scale. Not just what looks good in a vendor demo. Migration happens in waves with rollback plans at every stage. We've moved workloads to AWS, Azure, and GCP, and we've also moved workloads back on-prem when the math stopped working. The right answer depends on your situation, not our preferences.
What's your approach to security architecture?
Defense in depth, but pragmatic about it. We design security controls in layers: identity, endpoint, network, application, data, so that no single failure creates a breach. But we also recognize that security has to be usable or people work around it. We base our architecture on NIST frameworks, implement logging and monitoring that actually gets reviewed, and run regular access audits. For incident response, we make sure there's a tested plan before something happens, not a scramble afterward. We're also honest about what we see: if your environment has gaps, we'll tell you directly and help you prioritize based on real risk, not fear.
Can your team work in our existing toolchain?
Yes. We're not going to walk in and replace your Git workflows, monitoring stack, or ticketing system just because we prefer something else. We adapt to your environment. If you're running Prometheus and Grafana, we'll work in Prometheus and Grafana. If you're on Azure DevOps, we'll use Azure DevOps. Where we do push back is when a tool is actively causing problems or creating security risk. In those cases we'll make a recommendation, explain why, and let you decide. We've worked across enough environments to be productive in most toolchains without a ramp-up period.
How do you handle multi-vendor and heterogeneous environments?
That's most of what we see. Pure single-vendor environments are rare in practice, especially in the mid-market. We design for interoperability from the start: standard protocols, well-documented integrations, API-first where possible. When systems don't natively talk to each other, we build the glue, whether that's middleware, custom scripts, or an integration platform. The key is making sure that glue is maintainable and documented, not a single engineer's tribal knowledge. We also keep an eye on vendor lock-in: if a tool's value comes primarily from making it hard to leave, that's a red flag, not a feature.
Getting Started
I'm not sure if I need your services. Can I just ask a question?
Of course. Reach out via our contact form or give us a call. We're happy to have a quick conversation and point you in the right direction, even if that direction isn't us.
What should I have ready for our first conversation?
Nothing required, but helpful information includes: number of employees/users, current IT setup (internal, outsourced, or hybrid), main challenges or goals, and any upcoming deadlines or pressures. Don't worry if you don't have all the details. The first conversation is about understanding your situation, not conducting an audit.
How do I know if IT complexity is a problem for my business?
A few warning signs: your team has workarounds for things that should just work, the same issues keep coming back after being 'fixed,' you're not confident you know what you're paying for across all your IT vendors, projects take longer than they should because systems don't talk to each other, or you've been told you need a major upgrade but aren't sure why. If two or more of those sound familiar, complexity is probably costing you more than you think. We offer a straightforward assessment that helps you see where the drag is and what to do about it.
What if we're not a good fit?
We'll tell you. If we're not the right solution for your needs, we'll say so and try to point you toward better options. We'd rather have that conversation upfront than waste your time (and ours).
Questions by Solution Type
Looking for answers specific to your organization type? Each solution page has detailed FAQs tailored to your needs.