It is healthy, if not necessary, to look inward and assess where you are so as not to become stale, complacent, or worse, irrelevant. It is time for us to do the same with the managed services profession. While I have not wavered in 21 years regarding my belief in the managed services business model or in the MSPs who carry out this valiant work, we must look inward and assess what we could be doing better. Improvement is always possible.

In the wake of the ransomware attack on MSP supply chain vendors, MSPs from around the world have been consistent in their proclamation that something must be done. What that something is will take some effort. But, self-examination is required if we are going to learn from this attack (in actuality, a series of attacks that have culminated with the Kaseya breach) and make changes that will improve the status of the MSP and the customers they serve.

MSP Security

Like other professions such as medical, legal, accounting, and engineering, MSPs also face constant and ongoing education to maintain basic competency and effectiveness. In this regard, I would say we have done well, but much more is needed.

MSPs have mastered technical proficiency long ago. What we need now is a renewed focus on the security threats facing MSPs (and, by extension, their clients).

Customer Security

As difficult as this is to say, end-user security is the Wild West. There is no consistency (save for a few highly regulated industries) regarding internal security practices or business resiliency. Particularly amongst small and medium-sized organizations, there are some horrible gaps in cybersecurity practices, even despite the presence of an MSP. How could this be?

As outsourced guardians of IT management and security, MSPs can only make recommendations; they cannot force action upon the client. Many of the devastating ransomware attacks we have seen in the past few years were exacerbated by these organizations’ poor state of IT and cybersecurity readiness. Attempts by MSPs to push readily available measures such as MFA and regular data backups are vetoed by these organizations for either convenience or financial reasons.

MSP Supply Chain Security

MSPAlliance stands with the hundreds of hardware and software companies supplying technology and services to the tens of thousands of MSPs worldwide. However, our solidarity with these technology vendors does not obviate the need for greater security, transparency, and accountability from these same companies.

MSP supply chain vendors are part of the managed services ecosystem. It is not right, fair, or wise for MSPs to go through greater audit, review, scrutiny, and certification than the vendors who supply the tools used by those same MSPs.


Written By: Charles Weaver is the CEO and co-founder of the MSPAlliance

Tags : Change,Improvements,Managed Service Provider,MSPs,Security,transparency

Post A Comment
YouTube Logo | MSPAlliance

Subscribe to MSPAlliance on YouTube!

Explore a world of valuable content, including full-length podcast episodes and clips, thought-provoking special interviews, immersive events, enriching webinars, live streams, and more.

Join our community on YouTube, subscribe to our channel, and elevate your MSP journey!

Mobile and Laptop device image of YouTube MSPAlliance Channel | MSPAlliance

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

First Name *
Last Name: *
Contact Email: *
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.





Contact us


510 Meadowmont Village Cir, #289 | Chapel Hill, NC 27517

MSP News

Sign up for MSP News, the weekly newsletter bringing you news and analysis from the managed services industry.