News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
9d8314c6 69c9 497a 9d5a e569bcee9de3

The dominant structural mechanism explored in this episode centers on governance gaps in access management and the resulting liability transfer to MSPs. The discussion highlights how fragmented identity stacks, unmanaged access, and reliance on manual tracking expose MSPs to growing contractual, operational, and legal risk. Companies and technologies referenced include Microsoft 365, Google Workspace, Okta, ConnectWise, and specific access governance solutions targeting the channel. The ConnectWise 2026 Threat Report identifies credential abuse as a core attack vector, underscoring how unaddressed authorization and access drift remain a structural exposure area.

The episode cites multiple indicators and supporting data. According to the ConnectWise 2026 Threat Report, credential abuse is now the primary attack vector, with attackers commonly exploiting active and orphaned accounts left unmanaged in client environments. Fragmented identity stacks complicate the onboarding and offboarding process, with onboarding often requiring 45 minutes per client as technicians navigate numerous access portals. The prevalence of shadow IT, orphaned accounts, and missed deprovisioning windows was discussed as persistent drivers of both operational overhead and increased incident risk.

Supporting developments include community-documented scenarios where multi-factor authentication (MFA) was present but insufficient to prevent breaches, particularly when privilege escalation or temporary exclusions remain unaddressed. Examples such as the Reddit phishing event and Microsoft’s handling of MFA via VOIP demonstrate how authentication is distinct from governance, and that temporary access or exceptions frequently become permanent, heightening exposure. Regulatory environments—including healthcare, finance, and government—were cited as adding further requirements for explicit governance controls and auditable access policies, while manual spreadsheet tracking often fails to meet these demands.

The operational implications for MSPs include the need to move beyond basic practice such as MFA and endpoint protection, toward purpose-built tools and processes that provide continual visibility, auditable controls, and policy enforcement for client access. Without this, MSPs face increased administrative burden, billing discrepancies, contractual liability, and reputational risk. As regulatory audits become more demanding and clients demand clearer evidence of governance, service providers must reconcile the tradeoffs between increased process complexity and the need for automated, enforceable identity governance. This shift challenges existing pricing models, requiring MSPs to justify and potentially repackage their service offerings in the context of risk management and operational maturity.

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories