MSPs sell their book. The vendors they're authorized on. The platforms they're certified on. The products they have margin on.
The infrastructure they're about to recommend for your business is shaped by all of that before you walk in the room.
This Playbook covers what that actually means for you: how to size the right MSP for your company, what security capabilities a small MSP genuinely cannot deliver regardless of what they tell you, why outsourcing IT decision-making to someone with a vested interest is one of the most expensive mistakes a growing company makes — and the one rule that keeps you from getting locked into the wrong stack for the next three years.
You should be leading the MSP. Not the other way around.
WHAT RISK IS YOUR MSP RELATIONSHIP HIDING FROM YOU?
Nine questions from the other side of the table.
The structural problems in MSP relationships don't surface through bad service. They surface during an incident, a renewal, or a transition — when it's too late to fix them cheaply. The questions below come from the channel mechanics buyers don't see and the contract terms written to protect the MSP, not you. Answer them against what you actually know — not what you were told when you signed.
1. Has your MSP ever told you to buy something they can't sell you?
Before an MSP can represent a product, they need manufacturer authorization — certifications, volume commitments, and in many cases contractual restrictions on recommending competitive solutions. A good MSP will tell you when the right answer is outside their stack. If yours never has, that silence tells you whose interests the relationship is optimized for.
2. Did you know your deal was registered before you finished evaluating?
When an MSP begins working with you on a project, they register that opportunity with the manufacturer. First-come, first-serve. That registration locks out every other MSP from accessing the same discount tier on your account — and it happened before you chose them. If you talked to multiple MSPs during evaluation, every one of them registered your deal. The mechanism exists entirely to protect the MSP's position. You were the last to know it existed.
3. Can your MSP show you documented instances where they recommended less?
Reduced scope, reduced spend, reduced complexity — because it was the right business decision for you. The difference between a vendor and an advisor is evidence, not claims. Ask for examples. If they can't produce them, or if the conversation gets uncomfortable when you ask, you already have your answer.
4. When did you last test after-hours escalation — and what failed?
Don't trust the escalation path on paper. Trust the last time it was tested. A real test reveals whether response times are theoretical or actual, whether the on-call rotation functions, and whether the chain holds when the primary contact is unavailable. "I think someone gets paged" is not an escalation path. It's an assumption — and you won't find out the difference until you're in an incident at 2am.
5. Have you tested recovery — or are you paying for backup?
Backup means your data is being copied somewhere. Recovery means you've proven you can restore it — in what timeframe, to what state, under what conditions. Ask for the date of the last full recovery test, the documented RTO and RPO, and what failed during testing. If the answer is "the backups are there but we haven't verified restoration" — you will find out whether recovery works during the incident that requires it.
6. Can you see your own environment without asking your MSP to show it to you?
Ticket queue, patch status, endpoint coverage, active alerts, asset inventory, contract and renewal dates, open risk exceptions — can you pull any of this independently, without requesting a report or scheduling a call? If that visibility requires your MSP's cooperation, you don't control the environment — you're just paying for it.
7. If you left your MSP today, what would you actually own?
Documentation, admin credentials, tenant access, configuration runbooks, license ownership, domain control — who holds these, formally? Most buyers in stable MSP relationships have never thought about this question. Many MSP contracts are structured so that exit requires the MSP's cooperation — cooperation that is much harder to get when the relationship is adversarial. The time to understand your exit position is before you need one.
8. Are security responsibilities formally documented — or assumed by both sides?
There should be a written delineation: exactly what the MSP monitors, what they respond to, what they escalate to you, and what stays your team's responsibility. The most common failure isn't capability — it's that the MSP believes endpoint detection is covered while the client believes the MSP is monitoring for active threats. Neither assumption gets tested until an incident makes the gap visible.
9. When your contract renews, does the pricing go up automatically — and by how much?
Standard MSP contracts include annual escalation clauses. They're buried in the terms, rarely surfaced in the sales process, and compound quietly. A 5% annual escalation on a $200K contract is $10,000 more in year two. After five years you're paying 28% more than you signed for without a single change in scope. Find your escalation clause before the renewal conversation starts — not during it. During it, the MSP already knows the number. You're catching up.
What your answers tell you:
If you paused on two or more of these, the issue usually isn't performance. It's that the relationship was structured on the MSP's terms — their authorized stack, their deal registration, their escalation documentation, their contract language — and no one was representing your interests when it was set up. That's a structural problem, not a character one. It shows up at the next incident, renewal, or transition. The question is whether you address it before or after that moment forces it.
Find your situation:
→ Your MSP relationship isn't delivering what was promised — but you're not sure if it's bad enough to act on.
Vendor Relationship — what's at stake and what to do about it →
→ Your contract renewal is coming up and you want to know if the terms and pricing are fair before you re-sign.
Contract Renewal — what the auto-renewal window means for you →
→ You inherited this MSP. You didn't choose them, and you're not sure the infrastructure they built is right for where the business is going.
New Leadership — what to do when you inherit vendor relationships you didn't choose →
→ You're evaluating MSPs now and want a shortlist based on actual fit — not who marketed hardest.
Sourcing & Selection — how we build the shortlist →
If none of those fit exactly — that's what the first conversation is for. No pitch. No prep. Just answers.
Get Started →
