Relinquishing admin rights to a Managed Service Provider can feel uncomfortable for some business owners. This hesitation is natural—your technology is critical to your operations. Here’s how to build confidence in this partnership.
Building Trust With Your MSP
Working with an MSP requires a significant level of trust. You’re granting access to your critical systems, sensitive data, and operational infrastructure. This relationship encompasses both technical expertise and human partnership.
Understanding how to build and maintain healthy trust is essential for successful outcomes.
Here at TUCU, we are a Managed Services Provider for small business in Toronto and Durham Region, and we find that our clients feel comfortable once they understand what “monitoring” and “management” really looks like.
Trust takes time to build and seconds to shatter. We respect that.
Let’s shed light on this important topic to help you build a strong relationship with your MSP.
Clear Service Agreements
The foundation of trust begins with comprehensive agreements. Look for:
Service Level Agreements
- Clearly defined response times (usually called a Service Level Agreement (SLA) that is a part of your Master Service Agreement (MSA)
- Resolution expectations
- Escalation procedures
- Your responsibilities
- The MSP’s responsibilities
Scope Of Services
- Detailed coverage descriptions
- What you opted in or out of for your service plan (varies by client, depends on your needs and budget)
- Exclusions and limitations of each service offered
- Responsibility boundaries
Security & Privacy Policies
- Access management protocols
- Data handling guidelines
- Privacy and non disclosure agreements
Transparency
Ensure your MSP provides visibility in to your IT systems.
Data Ownership:
- Clear data policies
- Access continuity
- Information portability
- Intellectual property protection
Exit Terms
- Clear service cancellation language
- Clear service terms and duration of term, if any
Exit Strategy:
- Offboarding process
- Knowledge transfer (what is included/excluded)
- Transition procedures (what is inlcuded/billable)
- Timeline expectations
Building the Relationship
Develop a strong working relationship through:
- Regular check-ins
- Strategic planning meetings (quarterly or annually)
- Clear communication channels
- Feedback mechanisms
Gradual Implementation
Try A Phased Approach
Consider a gradual approach to MSP services:
Assessment Phase:
- Initial discovery
- Current state analysis
- Risk identification
- Recommendations for next 3-18 months, laid out in stages
Pilot Projects:
- Limited scope implementation
- Focused improvements
- Measurable outcomes
- Process refinement
Expanded Engagement:
- Broader service implementation
- Deeper integration
- Strategic planning
- Continuous improvement
As an example, a gradual onboarding approach might look like this:
- Start with non-critical systems or basic computer management. This gives you time to get to know one another, and also gives your staff time to adapt to new ways to contact and access support services.
- Expand into more robust security controls like Identity Management as confidence grows.
- Finally, move on to data security controls project.
Maintaining Business Control
Emergency Access Planning
Even with the most trusted MSP relationship, business continuity demands emergency access provisions. This “Break Glass” approach ensures you’re never locked out of your own systems.
Secured Emergency Credentials
Implement a secure process for emergency access:
- Secured admin credentials
- Physical storage solutions
- Access authorization processes
- Usage documentation
Crisis Management:
This is a collaborative effort where you would create your company documents with support from the IT provider. You would also train your staff internally.
- Emergency contact protocols
- Service disruption procedures
- Alternate access methods
- Recovery processes
Regular Testing:
- Scheduled backup verification
- Regular documentation updates
- You may wish to add team phishing tests or cybersecurity awareness training to your service plan
Evaluating MSP Security Practices
Your MSP should demonstrate robust security through:
Internal Practices:
- In house staff or outsourced services?
- Staff screening processes
- Access controls
- Policy enforcement
External Protections:
- Client separation practices
- Data protection measures
- Breach prevention
- Incident response capabilities
Evaluating MSP Security Practices
Establish appropriate limits through:
Access Controls:
- Role-based permissions
- Time-limited access
- Activity monitoring
- Authentication requirements
Approval Processes:
- Change management
- Major modifications
- System updates
- Security changes
Documentation Requirements:
- Process documentation
- Access records
- Configuration management
- Recovery procedures
Common Challenges and Solutions
Trust Barriers
Address common concerns.
If you are experiencing a perceived loss of control:
- Establish clear boundaries
- Implement approval processes
- Maintain visibility
- Develop emergency access
If you have had previous bad experiences:
- Start with limited scope
- Build through small wins
- Maintain transparency
If you have security concerns, ask questions to understand your MSP’s approach to security. They are not all the same.
Next Steps
To build a trusted MSP relationship:
- Define your expectations clearly
- Evaluate potential partners with an apples to apples approach
- Establish comprehensive agreements
- Implement phased adoption
- Create emergency access provisions
- Schedule regular relationship reviews
- Trust your gut
Ready to build a better MSP relationship? Contact us to discuss your needs and concerns.
Editor’s Note: This article is part of our business technology series. For related guidance, see our articles on Zero Trust Security Best Practices, Data Protection Strategies, and How To Switch IT Providers.
