An MSP said something to me this week, and I thought it was good enough to relay to all of you here. What does it mean to be “as compliant as your clients?” Here are my thoughts on this matter.
Minimum Level of Compliance
There is, what I would call, a minimum level of compliance for all MSPs. Beyond MSP best practices, MSPs should all behave with at least a minimal amount of concern for the numerous laws which impact MSPs and their customers.
In particular, data privacy laws are undoubtedly impacting nearly every MSP on the planet. I suppose there are a few remote geographies where these laws do not yet exist. Beyond these exceptions, most MSPs should operate their businesses with a sense of achieving data privacy compliance.
Advanced Compliance
Beyond this minimal compliance level, there is a growing body of MSPs who service customers directly impacted by regulation or who have a heightened sense of privacy and security. For these clients, the MSPs servicing them must have a keen sense of those regulations and attempt to operate in a compliant fashion with those laws.
For example, if you are serving financial institutions, you should be aware of all the regulations and practices impacting that customer base. Furthermore, you should be implementing those same practices within your MSP business. As most MSPs are considered an extension of their customer’s IT departments, enforcing the same compliance rules within their MSP practice is a good idea.
In closing, MSPs who embrace the compliance pressures of their customers will be more capable of adding new clients in those same regulated markets. MSPs who understand the compliance needs of customers and implement those practices internally will more easily withstand compliance scrutiny of their MSP practice.