By John Hazard
The MSP Alliance and AIG announced a partnership Oct. 19 to provide
insurance for managed service providers that would extend to user
coverage for mishaps such as stolen laptops, data breaches and hackers.
The package provides comprehensive coverage for specific liabilities
that can't be mitigated through standard contracting procedures, such as
a data breach not due to malpractice, a lost lap top and an intrusion by
a hacker, said MSP Alliance officials and members.
The package would be similar to the bond and insurance possessed by home
contractors, obtained and maintained by the service provider, but
extended to the client as part of the contract, said Robert Scott, an
attorney and partner in the Dallas law firm of Scott & Scott.
Scott represents IT firms and is a board member of MSP alliance.
Payouts would cover actual damages such as lost businesses and
replacement costs, plus such things as monitoring customer's credit
following a leak of financial information, legal fees and public
relations expenses incurred, the organization and members said.
"There are certain risks, 'non-delegable duties,' like keeping an eye on
your employees, that the service provider just can't assume," Scott
Craig Valentine Brenner, CEO of NEDS (New England Data Services), a
Boston-based VAR, was part of such a situation at a previous company and
watched as the company approached financial ruin following a data leak
at one of their customers.
"It can go real bad, real easy," Brenner said. "It's not just the actual
damages, like the fact that the system was down for four hours and no
one could get on, but the potential liability. We didn't even know what
our obligations were from a public disclosure stand point. We could have
been looking at very expensive PR bills."
The situation at the organization, which Brenner declined to identify,
was eventually averted when the individual was found and the breach
Many MSP's have it on their radar screen, but few are taking the
necessary steps, said Charles R. Weaver, president of the MSP Alliance.
The alliance requires certain insurance steps of its membership for
Weaver expects the insurance to be considered another value add and a
selling point for providers.
"It helps to know your service provider is here to stay, that they won't
be driven out of business by a catastrophe at another client site,"
Scott, following his keynote address, "Mitigating Risks with Liability
Insurance," at the MSP Alliance Fall Conference in San Jose, also warned
MSPs to be more vigilant about enforcing SLAs (service-level
"Too often, things happen in the environment that are the client's
responsibility, and the client throws it back on the MSP," Scott said.
"It's time MSPs stood up for themselves. The market is mature enough now
that these guys don't have to take it from customers just to keep the
Visit the InfoSec News store!