In this interview for
Website Planet, John Ahlberg, CEO of Waident, shares the story behind the company’s early beginnings and how it pioneered a proactive approach to IT long before “managed services” became an industry norm. He discusses Waident’s philosophy of Resilient IT, the impact of achieving SOC 2 certification, and how the company’s people-first mindset has built lasting client trust. John also offers real-world examples of how proactive strategies prevent IT disasters and shares his insights on the next major shifts shaping small business technology, from compliance demands to the safe adoption of AI.
How did Waident begin and how has the company evolved since its founding?
Waident was started in 2004, and honestly, it grew out of an opportunity. My last corporate job was as CIO for a commercial real estate investment bank. When that company split up, I decided it was the right time to try something new.
Back then, managed services didn’t really exist. The business models were either “break/fix” or hiring a company that would send a tech to your office one day a week. I wasn’t a fan of that. It wasn’t proactive, and it didn’t solve real business problems.
I had the opportunity to bring on my first client, and I pitched them what I considered a managed service: “Hire me, and I’ll be your IT department.” That was the start of our managed services model before most people even called it that.
Since then, our core focus hasn’t really changed and that’s by design. We still lead with managed services, but we’ve expanded where it makes sense. Over the years, we’ve added managed security, cloud services, and helping clients with AI. What we don’t do is pretend to be experts in everything. Some MSPs build websites, install phone systems, do cabling, and more, but their expertise spreads too thin. We take a different approach.
When clients need something outside of our lane , like a new website, we act as a trusted resource. We connect them with the right strategic partner, guide them through the process, and make sure it gets done right. And importantly, we don’t rely on kickbacks, our loyalty is to the client.
Waident has grown from just 2 of us to about 30 people today.
What does Resilient IT mean to you, and how do you apply it to your clients?
We started calling it “Resilient IT” because it captures how we approach technology. For us, resilience means building systems that are as reliable and redundant as possible. Things will never be perfect. Fiascos happen, but the impact shouldn’t be catastrophic.
Resilient IT is built on five principles I developed back when I was a corporate CIO:
- A People-first, Tech-second Mindset
- Comprehensive Understanding of System Interdependencies
- Extensive Documentation
- Systematic Preventive Testing
- Proven Troubleshooting Protocols and Processes
Combined, these principles create a disciplined but adaptive way of running IT – Resilient IT. Its goal is to keep your people productive, the enterprise running, and your data safe, no matter what fiasco comes your way—be it a pandemic, natural disaster, economic meltdown, IT vendor collapse, supply chain breakdown, or zombie apocalypse.
It aligns technology with business outcomes while anticipating the imperfections of both people and systems. Most importantly, Resilient IT gives you an evergreen lens for making IT decisions that will hold up over time.
How has achieving SOC 2 certification impacted your services and client trust?
We became SOC 2 certified several years ago, and that decision was driven by our clients. Some of our larger institutional customers required it because they themselves are held to very high standards.
For us, the transition wasn’t a huge leap. We’d already been aligning with the NIST cybersecurity framework, so we were doing a lot of the right things. SOC 2 was an investment, but it validated what we were already doing and set us apart from the competition.
Most MSPs our size are not SOC 2 certified. So when clients ask, “Are you SOC 2 or equivalent?” it’s a powerful differentiator. It builds immediate trust. And for small and mid-sized businesses, it’s the best of both worlds: they get a partner that meets enterprise-level standards without sacrificing the right-sized service they want.
Can you share an example of how a proactive approach prevented a major IT issue?
We’ve seen countless situations where being proactive saved a client from major headaches.
One example was in the manufacturing sector. An employee who was leaving tried to sabotage the company by deleting all of their emails. Because Waident was proactively backing up their Office 365 environment, nothing was lost. We were able to restore everything in about an hour. What could have been catastrophic ended up being a non-event.
Another example comes from SSL certificate monitoring. If an SSL certificate expires, it can cause downtime, security issues, and even lost revenue. Fixing it in a hurry is expensive and painful. We document and manage the expiration and renew it before it ever expires.
When onboarding a new client, we ran a proactive scan of their IT environment and discovered a certificate that was due to expire that very month. Their previous IT company had missed it entirely. Catching it early saved them time, money, and reputation.
What major technology shifts do you see ahead for small businesses, and how is Waident preparing?
Security has been the headline for years, and it’s not going anywhere. But the two biggest shifts we see on the horizon are compliance and AI.
- Compliance: More businesses are being asked to meet compliance standards, even if they aren’t formally regulated. Their partners, vendors, or customers expect it. Compliance and security go hand in hand. We help clients understand their compliance requirements and strengthen their security practices accordingly. Sometimes that means working alongside a third-party auditor or vCISO — and we handle the IT side of it.
- AI: The number one question clients ask us is: “What should we be doing with AI?” A close second is: “What are my employees doing with AI that I don’t know about?” The risks are real: data leakage, accidental exposure, or people using tools in ways that put the company at risk. But there’s also a real opportunity. The key is to stay ahead: educate your team, set clear policies, and look for smart, secure ways to adopt AI into your business.
