Below, we’ve compiled answers to the most common billing questions we receive from our clients to help provide quick and easy solutions. If you don’t find the information you’re looking for or have a specific question or concern, we encourage you to reach out to your account manager directly. They’ll be happy to assist you and ensure your concerns are addressed.
Generally, a Billable User is anyone who has a company email address and uses it as part of their job responsibilities. For example, a maintenance technician who receives work orders via their company email would be considered billable. However, a volunteer who has a company email solely for tracking purposes would not be billable.
An additional way to distinguish between Billable and Non-Billable Users is by assessing their potential exposure to sensitive company data. Specifically, consider whether the user has access to information that should not be made public or data you wouldn’t want them to retain upon leaving the company. Using this guideline, some interns and temporary staff may be categorized as Billable, while others may not, depending on their access to sensitive information.
An additional way to distinguish between Billable and Non-Billable Users is by assessing their potential exposure to sensitive company data. Specifically, consider whether the user has access to information that should not be made public or data you wouldn’t want them to retain upon leaving the company. Using this guideline, some interns and temporary staff may be categorized as Billable, while others may not, depending on their access to sensitive information.
Billable users benefit from the full security stack, including AI-powered anti-phishing measures and comprehensive data backup. In contrast, Non-Billable users receive only the basic protections included with Exchange or Google Workspace, and their email or other data is not backed up.
It’s important to carefully evaluate which users should be categorized as Non-Billable. While this tier may be sufficient for individuals with minimal access to sensitive company information, it leaves gaps in protection and data recovery for those who might still handle critical communications or have indirect exposure to company systems. Any lapse in security or data integrity from a Non-Billable user could potentially create vulnerabilities that impact the broader organization. Therefore, thoughtful consideration of a user's access and responsibilities is essential to maintaining both security and operational resilience.
It’s important to carefully evaluate which users should be categorized as Non-Billable. While this tier may be sufficient for individuals with minimal access to sensitive company information, it leaves gaps in protection and data recovery for those who might still handle critical communications or have indirect exposure to company systems. Any lapse in security or data integrity from a Non-Billable user could potentially create vulnerabilities that impact the broader organization. Therefore, thoughtful consideration of a user's access and responsibilities is essential to maintaining both security and operational resilience.
A Billable Device may refer to any business-owned laptop, desktop, tablet, or mobile device (if you have MDM services from ROI Technology Inc.) that is actively in use and connected to your corporate network, depending on your plan. These devices may be enrolled in our management system, where they are equipped with the security tools and licensing included in your plan. Ensuring all Billable Devices are properly managed and secured is critical to maintaining a strong defense against cyber threats and safeguarding sensitive business data.
An Inventory Device refers to any business-owned device that is not yet connected to the corporate network and has not been put into active service. These are typically new, unused devices stored on-site, such as in a supply room. Since these devices do not contain any corporate data, they pose no IT risk to the business if lost or stolen.
Inventory Devices may or may not appear in the IT portal or on reports; however, rest assured that you are not charged for them. When you're ready to put these devices into service, IT assistance will be required to ensure proper setup and integration into the corporate network.
Inventory Devices may or may not appear in the IT portal or on reports; however, rest assured that you are not charged for them. When you're ready to put these devices into service, IT assistance will be required to ensure proper setup and integration into the corporate network.
No, ROI Technology Inc. requires all corporate-owned devices that have entered service to be fully protected. Allowing some devices to remain unsecured would be like installing smoke alarms in only parts of your home while leaving other areas unprotected. If a fire starts in an unmonitored location, it can quickly spread and endanger the entire building. Similarly, without visibility into every device on the network, we lose the ability to detect and respond to malicious activity at its earliest stages.
This policy has helped ensure that none of our clients have experienced ransomware or a major cybersecurity incident since partnering with us.
This policy has helped ensure that none of our clients have experienced ransomware or a major cybersecurity incident since partnering with us.
No. Once a device is put into service, it must retain full security licensing, even if it is not currently assigned to a user. Devices connected to your corporate network, whether actively in use or not, may contain sensitive data or provide access to critical systems, posing a security risk if lost or stolen.
This policy isn’t about pointing fingers—it's about acknowledging that accidents can happen. For example, an unprotected device classified as 'Inventory' could be unintentionally redeployed. In such cases, a user might start using the device without realizing it lacks the necessary security protections, inadvertently creating a vulnerability. By requiring all devices in service to have full security licensing, we reduce these risks and ensure the integrity of your network.
This policy has helped ensure that none of our clients have experienced ransomware or a major cybersecurity incident since partnering with us.
This policy isn’t about pointing fingers—it's about acknowledging that accidents can happen. For example, an unprotected device classified as 'Inventory' could be unintentionally redeployed. In such cases, a user might start using the device without realizing it lacks the necessary security protections, inadvertently creating a vulnerability. By requiring all devices in service to have full security licensing, we reduce these risks and ensure the integrity of your network.
This policy has helped ensure that none of our clients have experienced ransomware or a major cybersecurity incident since partnering with us.
Setting up a new user is less about the specific device and more about configuring access for the incoming user. During this process, we establish the user’s accounts in Office 365 or Google Workspace, Active Directory, and other business-critical systems. Once onboarding is complete, the user can typically log into any corporate-owned device as needed. However, their experience may differ if device-specific customizations, such as pre-installed applications or personalized settings, have not yet been applied.
While some MSPs charge higher rates based on the number of people or devices, we take a different approach. Our billing structure is designed to be more transparent and flexible: we bill separately for each user and each device at a modest rate.
This means your device count might be higher if you have shared devices (like a conference room computer) or if some users have multiple devices (such as both a laptop and a desktop).
This granular structure ensures fairness and cost control. It minimizes expenses when staffing changes occur and provides greater predictability for your IT budget—allowing you to plan with confidence while maintaining flexibility.
This means your device count might be higher if you have shared devices (like a conference room computer) or if some users have multiple devices (such as both a laptop and a desktop).
This granular structure ensures fairness and cost control. It minimizes expenses when staffing changes occur and provides greater predictability for your IT budget—allowing you to plan with confidence while maintaining flexibility.
We finalize Billable User and Device counts between the 15th and 18th of each month. If a user is terminated or a device is decommissioned after the 15th, it may still appear on your next bill but will be removed the following month—unless the position is backfilled or an inventory device is put into service as a replacement. To ensure a user is removed from the next bill, we require at least two full business days' notice for offboarding to allow sufficient time for processing.
The best way to maintain tight control over your monthly charges is to submit user onboarding and offboarding requests as soon as you’re aware of an upcoming staff change. The most common billing concern we hear is about charges for users who have already departed. In almost every case, this happens because IT was not informed that the user was no longer employed.
To ensure IT is properly notified of staff changes, please use the designated Admin Requests form in the IT portal. This is the only guaranteed method for processing such requests, as relying on other methods—like emails or verbal communication—can lead to errors. After all, we’re all human!
To ensure IT is properly notified of staff changes, please use the designated Admin Requests form in the IT portal. This is the only guaranteed method for processing such requests, as relying on other methods—like emails or verbal communication—can lead to errors. After all, we’re all human!
Most billing calculations are done automatically, with a human reviewing before releasing invoices to clients. The most common reasons for fluctuations are staff changes, devices being decommissioned or put into service, or discovery of devices in service that were not previously known (user acquired, not disclosed during onboarding, etc).
See the Service Modification section of our MSA here.
See the Service Modification section of our MSA here.
For project and labor invoices:
- Credit cards (CC fee added)
- ACH (no fee)
- Paper Check ($10 flat handling fee)
For monthly recurring service invoices:
- Credit cards (CC fee added)
- ACH Autopayment ($20 DISCOUNT)
- ACH (you initiate - no fee, no discount)
- Paper Check ($10 flat handling fee)
We will NOT need any online banking login details for any ACH transactions, whether you initiate or we initiate. If you choose to provide required account details for autopayment, data is stored securely with only limited access to key personnel.
- Credit cards (CC fee added)
- ACH (no fee)
- Paper Check ($10 flat handling fee)
For monthly recurring service invoices:
- Credit cards (CC fee added)
- ACH Autopayment ($20 DISCOUNT)
- ACH (you initiate - no fee, no discount)
- Paper Check ($10 flat handling fee)
We will NOT need any online banking login details for any ACH transactions, whether you initiate or we initiate. If you choose to provide required account details for autopayment, data is stored securely with only limited access to key personnel.
Simply put, to encourage more people to use ACH. Paper checks waste time, paper, and add unnecessary complexity to a simple transaction.
ACH is arguably more secure than a paper check, while requiring the exact same information that would already have been printed and mailed on a paper check.
We offer both autopayment in exchange for a $20 discount (on monthly recurring services only - contact your account manager) or if you don't want to share account information with us directly, you can manually initiate ACH via a link in the emailed invoice(s).
We will NOT need any online banking login details for any ACH transactions, whether you initiate or we initiate. If you choose to provide required account details for autopayment, data is stored securely with only limited access to key personnel.
ACH is arguably more secure than a paper check, while requiring the exact same information that would already have been printed and mailed on a paper check.
We offer both autopayment in exchange for a $20 discount (on monthly recurring services only - contact your account manager) or if you don't want to share account information with us directly, you can manually initiate ACH via a link in the emailed invoice(s).
We will NOT need any online banking login details for any ACH transactions, whether you initiate or we initiate. If you choose to provide required account details for autopayment, data is stored securely with only limited access to key personnel.
We consider ACH to be more secure than mailing a paper check. The information printed on the front of a paper check is the same information required to pay an invoice via ACH.
See below for a quick diagram of information typically required to authorize an ACH transaction.
See below for a quick diagram of information typically required to authorize an ACH transaction.