“ Set very clear expectations about the services you ’ ll be providing , or the client may think you ’ re providing services that you ’ re not .”
“ Set very clear expectations about the services you ’ ll be providing , or the client may think you ’ re providing services that you ’ re not .”
- Ann Westerheim , Founder and President , Ekaru
Running an MSP can be risky business . If anything goes wrong with your customer ’ s IT environment , you usually get the blame regardless of who messed up — you , a vendor , or the customer .
That ’ s why the start of the year is a great time to review all your contracts and policies to find outdated clauses , loopholes , inadequate coverage , and other potential headache-inducing issues .
1 . Make Sure Your MSA Clearly Defines Deliverables And Liabilities
The MSA is your business foundation . It should define the relationship with the client , specifying services , liabilities , termination clauses , and dispute resolution . It should also spell out which systems you manage for the client , what services fall under your scope of work , and what constitutes direct damages , says Mike Semel , president of Semel Consulting , a cybersecurity , business continuity , and compliance consultancy , and former MSP .
The MSA should also be very clear about what you don ’ t deliver to customers , says Ann Westerheim , founder and president of Ekaru , an MSP in Westford , Massachusetts . “ Set very clear expectations about the services you ’ ll be providing , or the client may think you ’ re providing services that you ’ re not .”
And make sure the “ Limitation of Liability ” section does not contain language limiting your MSP ’ s liability “ to the amounts paid under this agreement ,” says attorney Bradley Gross , who specializes in IT and cyber law . “ Why ? Because the MSP ’ s liability limit keeps going higher the longer the MSP provides services under the agreement .”
Semel advises limiting exposure to direct damages . “ If you make a mistake and bring down a law firm ’ s systems for two hours , and they bill $ 10,000 per hour , their direct damages would be $ 20,000 .” But if they lose a $ 10 million-a-year client because of the outage , the consequential damages are much higher , so make sure you ’ re on the hook for only the $ 20,000 , he says .
2 . Check Your E & O Policy For Gaping Holes
Your E & O policy should have first- and third-party coverages , Gross says . If a hacker breaches your network and attacks your customers , first-party coverage pays your costs while third-party coverage deals with your customers ’ claims .
And if you have a generic E & O policy , consider getting one tailored to managed services , advises Semel . Be aware , too , that a downloadable template or something you got from a peer might be an ill fit with your specific business and services .
Be sure to read the policy ’ s exclusions . A policy will cover you if a client suffers a breach after a faulty malware scan , but it won ’ t cover you for failing to run the scan , he says .
3 . Review What Costs Your Cyber Insurance Covers
A cyber incident can be expensive , even with insurance . Your policy should cover things like the costs of lawyers , forensic experts , and other services you will require if you ’ re breached or sued , Semel says .
4 . Use An Attorney Who Understands The MSP business
MSPs tend to operate on multiyear agreements , both with vendors and customers . Still , you should revisit them regularly . “ The contract that was perfect three years ago may not be perfect today . Have your contract reviewed at least every two years , even if it costs $ 1,000 [ for an attorney ] and there aren ’ t any changes ,” says Semel .
Finally , it goes without saying : Never forego a contract . Not even for small projects , break / fix work , or unpaid demos , advises Gross .
Pedro Pereira is a writer in New Hampshire who has covered the IT channel for two decades . He has worked for a variety of media companies , including Ziff Davis , CMP Media , The Nielsen Company , and daily newspapers .
MSPSUCCESS . COM | 29