Hackers Actively Exploiting Your Trust in Your Managed Service Provider

What if your managed service provider, the company with access to all your computers and networks and data, was hacked? Your data would be at significant risk of also being compromised.

When searching for an MSP, whether for the first time or to switch IT providers, the cybersecurity of the provider should be a paramount consideration. If they don’t have proactive security measures in place within their office environment, they could become one of your greatest security risks.

But how do you tell if an MSP is security-aware? More important, how can you tell if they can execute the changes needed to make themselves and your business secure?


Every IT provider will tell you they employ the best cybersecurity solutions on the market to protect themselves and their clients. But how can you know?

4 Signs an MSP May be Insecure:

  1. They don’t mention cybersecurity solutions for your business. This means they likely aren’t thinking about security for themselves either.
  2. They don’t offer cybersecurity solutions to clients. Some IT providers rely on a “break-fix” business model. They wait for your systems to break so they can earn money fixing them, rather than proactively supporting you by keeping your IT from breaking in the first place.
  3. All of their technicians are technology generalists. Security is not a part-time job. It takes specialized training. Someone that is good at fixing servers can do security basics, but your business needs more than just basic security measures given today’s cybersecurity threats.
  4. They can’t – or won’t – answer basic questions about their own security status, such as: a. Do they use multi-factor authentication (MFA)?
  5. Do they conduct and pass regularly scheduled security assessments?
  6. Have they found any security vulnerabilities in their systems and remediated them?
  7. Do they have clients who will recommend and substantiate their security practices?

It may be hard to believe, but there are managed IT providers out there who don’t place the importance on cybersecurity it deserves. Fortunately, there are plenty of security-conscious MSPs out there. But even being aware isn’t enough.


Your managed service provider may be aware of cybersecurity, but it’s important that you find a partner who is also able to execute the IT security enhancements. This is important to protect their business and ultimately, yours. When your IT provider clearly understands its reputation relies upon your security and happiness, they’ll remain on top of cybersecurity for your business.

6 Signs you can trust an MSP to protect your business:

  1. They have staff with security as a main or sole part of their job
  2. They can respond intelligently to questions about your industry’s regulatory requirements
  3. They have deployed active security practices within their business including annual security assessments. Preferably they are actively maintaining a HIPAA, PCI, GDPR or similar compliance status. 4. They frequently talk about the need for better cybersecurity for their clients
  4. They offer cybersecurity solutions that fit a range of budgets and business types (not just one solution)
  5. They offer cybersecurity awareness training

An IT provider focused on ensuring clients are secure will emphasize cybersecurity and push your organization to adopt solutions, policies and best practices like:

  • Using multi-factor authentication (MFA)
  • Implementing mobile security practices like mobile application management (MAM)
  • Taking the Fiducial Information Security Assessment (FISA)
  • Completing annual technology and security assessments
  • Conducting regular training for staff


Cybersecurity is one of the top information technology issues businesses should be concerned about right now, aside from daily operations.

At Applied Tech, we have a dedicated security team and actively maintain an internal security program to support our HIPAA, PCI and GDPR regulated customers. Our focus is on constantly improving internal security, which allows us to deliver enhanced security for our clients.

Are you worried your managed service provider doesn’t have the knowledge or ability to implement the cybersecurity solutions you need? Contact us for a free security risk assessment!

Looking for a new managed service provider? Learn more about Applied Tech Managed Services Here!

The Resource Hub

Get Complete Managed Services Insights

Visit our Resource Center for up-to-date news and stories for technology and business leaders.

Three IT Service Techs Working together at desks in office

Move Forward with IT Services for Business

Use managed services for small and mid-sized businesses that help you reach your goals.

Work With Us