Client
Pontem Group
Industry
Fire Suppression & Code Consulting
Location
Vancouver, BC
Team Size
30 employees
The Situation
Pontem Group is a fire suppression and code consulting firm in Vancouver. Thirty people, four principals, serious technical work: fire simulation, code analysis, CAD drawings that take hours to produce and seconds to corrupt if something goes wrong.
The four principals were doing their own IT. Not because they wanted to. Because someone had to, and they were the ones who knew enough to muddle through. Between client work, project management, and running a growing firm, they were also managing software renewals, setting up laptops, troubleshooting network issues, and fielding questions from staff when something stopped working.
It was costing them more than they realized.
A referral brought Huntertech in. The brief was simple: take IT off the principals' plates so they could focus on the work they actually built the firm to do. What we found when we got there was more than anyone expected.
What We Found
The Hardware Situation
The team was running high-end gaming laptops. On paper, powerful machines with dedicated GPUs marketed as capable of handling demanding software. In practice, a procurement decision that made everything worse.
The laptops didn't have Thunderbolt ports. To get dual monitors, the team was using DisplayLink docks, which bypass the GPU entirely and render everything through software. The GPU they paid a premium for was completely unused for any display work. Every 3D view, every render, every CAD operation was running on software acceleration.
One of the RTX 4000 laptops was defective. It bluescreened any time the GPU was engaged. Nobody sent it back. It just became the machine that person used carefully.
The laptops ran hot under sustained load, had poor battery life, and were heavy enough that nobody wanted to carry them home. They stayed in the office. When someone needed to work remotely they figured something else out.
One staff member was running Pyrosim fire simulations. These are 24-hour render jobs on complex models. His laptop was unusable for the duration. He checked email on his phone and waited. Sixteen gigabytes of RAM across most of the fleet. Not enough for the workloads they were running.
The Software Situation
Six Bluebeam licenses. Different renewal dates. Spread across 20 employees with no centralized tracking. Someone had to remember when each one renewed, chase down the right contact, and sort out the billing. Nobody's job, so it fell to whoever noticed first, which was usually one of the principals.
Microsoft 365 licenses with no audit trail. Software either over-licensed on seats that hadn't been used in months or under-licensed on tools people needed. No one had looked at this systematically.
Password management was a text file. Shared credentials for shared accounts. No single sign-on. Every system its own login. Staff memorized what they could and wrote down the rest.
The Security Situation
Local admin rights on every machine. Staff installed what they needed, updated what they thought to update, and left the rest. No centralized patch management, no endpoint detection, no way to know what was actually running across the fleet.
Devices were unencrypted. No BitLocker, no centralized device management. A lost laptop was a data breach waiting to be discovered.
Phishing emails were arriving regularly. Staff were handling them on their own judgment with no filtering, no escalation path, and no training on what to do when something slipped through.
Network equipment had been installed by a third party. None of the principals had administrative access to it. If something went wrong with the network, the options were call the original installer, guess, or wait.
What We Did
The goal wasn't to rebuild everything for the sake of it. It was to fix what was actually broken, match the tools to the workflow, and get IT off the principals' plates permanently.
Hardware
We matched hardware to workload instead of buying one spec for everyone.
Standard users moved to Lenovo ThinkPads: 32GB RAM, business-grade build quality, proper warranty and support. Lighter, longer battery life, Thunderbolt docks with real GPU passthrough. Every machine was upgraded to Windows 11 Pro. Around $500 less per device than what they had been paying. Not because we found cheaper hardware, but because we sell at MSRP with no markup. Their previous vendor had been charging a premium on top of already overpriced machines.
Power users, including the fire simulation engineer and senior CAD staff, got Lenovo Legion workstations or high-spec desktops. Proper hardware for sustained heavy workloads, with real warranty support. Staff who needed mobility got thin and light laptops that remote into their workstations when they need full power. The Pyrosim engineer runs his simulations on a machine that can handle it and uses his laptop normally while it runs.
The DisplayLink docks went away. USB4 and Thunderbolt docks replaced them. GPU acceleration works the way it's supposed to.
Software and Licensing
Full audit of every software license across the firm. Consolidated the six Bluebeam licenses into a single managed account with one renewal date. Eliminated unused Microsoft 365 seats. Standardized application versions across the team so everyone was running the same tools at the same version.
This isn't exciting work. It's the kind of thing that accumulates invisibly when IT is nobody's actual job, and costs real money and real time until someone sits down and sorts it out.
Security
Deployed Huntress EDR and ITDR across the fleet. BitLocker encryption on every device. Removed local admin rights and replaced the ad hoc installation process with managed software deployment. Staff request what they need and it gets deployed properly.
Implemented proper password management and single sign-on through Entra ID. No more text files, no more shared credentials, no more eleven different logins for eleven different systems. Staff log in once.
Phishing filtering with a clear escalation policy. If something suspicious gets through, there's a defined process for reporting it and getting a fast answer rather than a judgment call from someone who isn't sure.
Network
Regained administrative access to the network equipment. Not a dramatic change, but a critical one. The firm now controls its own infrastructure.
The Results
| Metric | Result |
|---|---|
| Hours recovered annually | 1,000+ |
| Hardware cost per device | ~$500 less vs previous vendor |
| Device encryption coverage | 100% |
| Security incidents since deployment | Zero |
| Hardware-related support tickets | Down 90% |
| License costs | Down 20% |
| Support resolution time | 80% faster |
The 1,000 hours is not a round number chosen for impact. It comes from adding up what the principals were actually doing each week: managing renewals, setting up machines, troubleshooting network issues, handling software problems, fielding staff questions. Multiplied across four people and fifty-two weeks, the number is conservative.
What Changed for Staff
Laptops that don't overheat. Machines people actually take home. A fire simulation engineer who can use his computer while a job runs. Software that's the same version across the whole team. One login for everything. A number to call when something breaks, with a response the same day.
What Changed for the Principals
They stopped doing IT.
That's the whole story. Four people who were spending meaningful hours every week on work that wasn't their job, wasn't their expertise, and wasn't moving the firm forward. They handed it off completely.
When we finished the initial transition, one of the principals said: "We should have done this sooner."
They had no idea how much time they were spending. They had no idea how good it could be. Both of those things are normal. It's hard to see the cost of something you've just accepted as part of running a business.
A Note on How This Was Billed
The hardware standardization, license audit, security deployment, and network access recovery were not billed as separate projects. That work is part of onboarding. We don't charge project labour.
Hardware is purchased by the client at our cost. We don't mark it up. Their previous vendor had been charging above MSRP, which is why the same calibre of device ended up around $500 cheaper when they bought through us.
One monthly fee. No invoices for setup, no charges for the migration work.