MSP Insurance Guide

Generic placeholder image
Rachel Jenkins

Cyberattacks have steadily increased in the past few years, impacting over 155.8 million individuals with data exposure in 2020 alone. It’s no surprise that managed service providers (MSPs) have become more aware of the risks they face. This post examines many of those exposures and the insurance coverage that helps MSPs manage the unique dangers. Let’s dive in.

What Is an MSP?

Managed service providers started in the 1990s, focusing mainly on remote monitoring and management of servers and networks. Since then, MSPs have set themselves apart by transforming and broadening their scope of services offered. MSPs currently handle much of the time-consuming and repetitive tasks of managing IT infrastructure or end-user systems. 

Small businesses and mid-market companies often team with MSPs to help them fill a void in IT systems or roles. Naturally, each MSP contract varies based on a particular company’s needs. MSP involvement comes in a variety of ways, including:

  • Technical support for employees
  • Payroll services
  • Application
  • IT infrastructure management
  • Ongoing IT support
  • Network
  • Compliance and risk management
  • IT cybersecurity software
  • User account administration
  • Contract management

MSPs offer significant value to all-sized businesses by supporting their professional objectives. C-level executives frequently vouch for MSPs’ value, saying that security and compliance should be left to a trusted MSP partner. When an MSP handles IT issues, company leaders can focus on internal roles and overall expansion. 

What Risks Do They Face?

As many companies do nowadays, MSPs face multiple vulnerabilities merely because they deal with online functions. But that’s not all the risks they face. Here are some of the exposures MSPs must navigate. 

Cybersecurity

From ransomware to phishing attacks, cybersecurity is a current hot topic. And for a good reason, too. The average cost of a data breach is roughly $4 million, taking over 200 days to identify an attack. Not even major corporations — Nintendo, Microsoft, Zoom, Twitter, etc.— can sidestep these vicious attacks.

That said, it’s no surprise MSP clients depend on them more and more for cybersecurity protection. Not only protection, but they also turn to MSPs for employee training regarding security risks and best cybersecurity practices. One slip-up could ruin a professional relationship for years to come.  

So, cybersecurity has been advanced to the top of most MSPs’ agenda and list of services offered. It’s an issue that can no longer be ignored. MSPs are called upon to build specialized cloud architectures, handle data backup, and provide mitigation tools, to name a few. Standing out in a crowd of other MSPs means having superior cybersecurity protection to meet the growing customer demand.

Downtime

When all goes well with systems and networks, it makes for happy business owners. However, if you flip the script and part of the network fails, MSPs are immediately alerted. Additionally, business owners often expect MSPs to respond swiftly to fix the issue STAT. It’s a tall order to fulfill — sometimes a 24/7 job.

For MSPs with a hefty customer base, crunch time could only be a matter of minutes or hours to finish the job. After all, businesses that can’t operate successfully will lose potential income. Worse yet, they might lose customers. Sometimes, business owners point the finger at their MSP partner, and MSPs must have an answer for them. The business’s financial and reputational damage is at stake. A disaster recovery plan is critical to an MSP’s success. 

Regulatory Compliance

Keeping up with the Joneses might seem like an easier task than maintaining regulatory compliance. For MSPs, it’s all part of the gig. The good news is that MSP who are up-to-date on regulatory knowledge are in high demand. 

Keep in mind that data privacy, cybersecurity, and breach notification stipulations impact most MSPs in today’s world. For example, data handling laws affect MSPs and clients worldwide. Offering even the essential services means MSPs must be current on data privacy laws and security rules. 

Similarly, MSPs offering specialized services must have vast regulatory knowledge to handle the extra load. Many MSP provide highly customized services, with varying service tiers and packages. So, specializing in services often means having additional knowledge.

What Type of Insurance Do MSPs Need? 

While each MSP is slightly different from the next, the following are a handful of must-have policies all MSPs need to stay protected and move forward. 

General Liability Insurance 

What it covers:

This policy covers the organization from some of the fundamental risks of running an organization, such as “slip-and-fall” claims, damage to a third party’s property, products liability claims, damage to rented space, and personal or advertising injury claims. 

Why you need it:

It forms the foundation of a risk management program. On top of protecting the company from legal liability caused by bodily injury or property damage, this coverage is usually required in contracts like office leases and vendor agreements. 

Cyber Liability Insurance 

What it covers:

This coverage protects your organization from lawsuits, fines, and penalties arising from a hacking attack or data breach. It can also reimburse the company for its direct expenses, such as breach notification costs, credit monitoring, data restoration, and forensic analysis. 

Why you need it:

If you collect any personal or organizational information, have a “login” feature on your site, integrate with another organization’s systems in any way, have employees who could fall for phishing scams, generate online content (i.e., blog posts), or rely heavily on email communications, you need cyber liability insurance. 

Professional Liability Insurance

What it covers:

Also referred to as “Errors & Omissions” or “malpractice” insurance. It covers financial services companies if an act, error, or omission committed in the course of the company’s performance of professional services is alleged to have caused a financial loss for a third party.

Why you need it:

Complex litigation is expensive, and there’s a lot to go wrong for financial services companies in particular. The policy responds to the threat of professional service disputes by paying legal fees and judgments or settlements resulting from a lawsuit for an alleged failure in providing professional services.

What Is Covered and What’s Not?

Naturally, different insurance policies cover various events. Many business owners confuse general liability (GL) with their E&O policy, for example. However, the two policies cover very different things. GL covers tangible risks, such as bodily injuries and property damage, whereas an E&O policy covers more putative risks, such as accusations of inferior work or service.

Additionally, MSPs and business owners must know where their insurance policy ends and the other party’s policy begins. Of course, this element will change based on the professional relationship and contract. 

One thing to consider is whether the policy addresses first- or third-party coverage (or both). Also, what do the policy limits cover precisely, or are they sublimated? Also, is the policy adequate for the contract or partnership (i.e., per occurrence vs. per aggregate)? These are all questions and concerns for an experienced insurance specialist. Each partnership is different, so what’s covered and what’s not will vary from contract to contract. 

Understanding the details of what coverage your company needs can be a confusing process. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you. 


Want to know more about insurance for MSPs? Talk to us! You can contact us at ​info@foundershield.com​ or create an account ​here​ to get started on a quote.

Related Articles

September 14 • Risk Management Tips

Tech Companies: What to Expect Going Public Post-Pandemic

After a nerve wracking pandemic year, many tech companies anticipate going public. Here’s what to expect from IPOs in the future.

unicorn companies
September 7 • Risk Management TipsSeries B

5 Highest-Valued Unicorn Companies of 2021

Despite a threatened economy, many startups paved the way forward. Here’s a roundup of the top 5 unicorn companies making waves in today’s market.

cyber-liability-insurance
August 31 • Cyber Liability

Cyber Liability Insurance Guide

Cyber liability insurance can seem confusing — but it doesn’t have to be. Here are several crucial cyber coverage guidelines for startups and technology companies.

venture-capital-funding
August 24 • Risk Management Tips

How the Pandemic Impacts the Flow of Venture Capital Funding

Like most things in life, the pandemic impacted venture capital funding — but how? Let’s review the influence of this health crisis.

late-stage companies
August 10 • Risk Management Tips

7 Types of Late-Stage Investors to Know

Late-stage companies pursing funding must understand the types of investors in the game. Here’s some insider info.

ransomware manufactures
August 3 • Cyber LiabilityRisk Management Tips

Ransomware Insights: Why Hackers Are Targeting Manufacturers

With ransomware attacks on the rise, why are manufacturers taking the brunt of it? Here’s our take on the situation, along with helpful tips.