A recent survey by Syncro reveals that nearly 30% of managed service providers, or MSPs, have experienced preventable data loss incidents in Microsoft 365 environments due to inadequate backup solutions. With 60% of MSPs reporting that Microsoft 365 powers more than 80% of their client base, the complexity of managing data protection and security is becoming increasingly challenging. The survey found that 40% of MSPs cite operational complexity and lack of integrated tools as their top management hurdles, while 28% only review security measures after incidents occur. Michael George, CEO of Syncro, emphasizes the need for MSPs to adopt unified platforms to streamline operations and enhance security.
The pressure on traditional managed service providers is increasing as customers seek new approaches to avoid cyber attacks. Experts from the Canalys Channel Forum highlight that the foundations of managed services may be eroding due to rising security demands. Robin Ody, practice leader at Omdia, emphasized that as managed services become more digitalized, confidence in their safety diminishes. He noted that the top remote monitoring and management providers are now incorporating enhanced security features to help mitigate risks, as managed service providers have become a primary target for cyber threats. With the landscape changing, Ody stresses that every customer must be viewed as a cyber services customer, and the co-managed model is emerging as a preferred strategy for meeting security needs.
Why do we care?
So—nearly a third of MSPs have lost Microsoft 365 data they could’ve prevented. That’s rough. And let’s be honest—if you’re not backing up 365, you’re gambling. Microsoft’s not your backup provider. You are. The survey says 40% of MSPs blame tool complexity—sure, but that’s an excuse. Clients don’t care if your stack’s messy—they care if their email disappears.
And at the Canalys Forum, Robin Ody basically said the quiet part out loud: managed services as we know them are cracking under security pressure. Customers don’t separate IT from cybersecurity anymore. They expect it all handled.
The co-managed model he’s talking about—that’s not a threat, that’s evolution. If you can work with internal IT, share data, and build trust, you win.
Here’s the move: bake 365 backup into every plan, stop selling security as an add-on, and design your services for transparency. Because the next breach your client has? They won’t blame the hacker—they’ll blame you.