It wasn’t that long ago that medical doctors learned about the virtues of washing their hands before performing surgery. Over time, this new practice became common, and the idea of not washing your hands was inconceivable.

The same analogy is valid for MSPs. There are many habits and practices employed by MSPs 15 years ago that we would never conceive of doing today (like storing your passwords in a spreadsheet). Even if you are not practicing managed security, there are many best practices all MSPs should be using in their everyday service delivery. Here are just a few of those good cyber hygiene practices.

Risk Assessments

Many MSPs generate a lot of project business doing risk assessment work for customers. All MSPs should be performing those same risk assessment services internally. Risk assessments are essential for a) understanding where threats are likely to attack, and b) identifying any breaches before they get too bad.

Remember, data breach notification is now the law of the land in the United States, Canada, and Europe.

Tighten your Service Contracts and Insurance

Just having that service agreement template you got ten years ago from a conference and the same old errors and omissions policy from the broker who sold you your car insurance is not enough. MSPs need updated agreements that reflect the unique risk of your business model. MSPs also need the right insurance, including policies which cover cyber breaches.

In a perfect world, your services agreements should work collaboratively with your cyber insurance to provide your MSP practice and your customers with the right type of risk mitigation and assurance.

End Sloppy Service Delivery

I remember at one MSPWorld many years ago an MSP saying they did not use contracts, and instead relied on a handshake. While that sentiment is admirable, it is not advisable.

Similarly, MSPs who go beyond the terms of a service agreement and perform services for customers who are not authorized by the MSP can end up being costly mistakes. Going beyond what is articulated in your service agreement could result in your MSP business, taking on a lot of unnecessary and unplanned risk.

MSPs with highly articulated service catalogs are less likely to engage in services which fall outside the service agreement.


There are many ways you can improve and secure your MSP practice. Investigate all of those methods and begin today. Good cyber hygiene is not a wish list; it is imperative that all MSPs should follow. And, if you don’t practice it, your customers will find an MSP who does.

Tags : cyber hygiene,managed services,MSPs

Post A Comment
YouTube Logo | MSPAlliance

Subscribe to MSPAlliance on YouTube!

Explore a world of valuable content, including full-length podcast episodes and clips, thought-provoking special interviews, immersive events, enriching webinars, live streams, and more.

Join our community on YouTube, subscribe to our channel, and elevate your MSP journey!

Mobile and Laptop device image of YouTube MSPAlliance Channel | MSPAlliance

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

First Name *
Last Name: *
Contact Email: *
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.





Contact us


510 Meadowmont Village Cir, #289 | Chapel Hill, NC 27517

MSP News

Sign up for MSP News, the weekly newsletter bringing you news and analysis from the managed services industry.