Before You Sign That Client, Make Sure Your MSA Has These Three Protections

Your Master Services Agreement (MSA) is more than a formality. It’s your first line of defense. A strong MSA helps you prevent misunderstandings, enforce payments, and stay compliant. But many small businesses are missing critical protections.

Here are the three most important clauses your MSA should always include:

Protection from Criminal Acts of Third Parties

Cyberattacks, vendor outages, and criminal breaches are real threats. But without the right clause, clients may assume these risks fall on you. Your MSA should clearly state that you are not liable for criminal actions beyond your control, including breaches caused by third-party vendors or external attackers.

Shared Responsibility for Backups and Data

Even if you provide a primary backup service, your client needs to undertake to take a secondary or tertiary backup of key data.

Regulatory Risk Language

Laws like HIPAA, GLBA, and the FTC Safeguards Rule require very specific protections. Your MSA should show that you understand these standards and that your clients have responsibilities too. This sets expectations early and reduces your liability.

No Responsibility for Ignored Security Advice

If you recommend MFA, backups, or other critical security measures and your client declines, your MSA should clearly state that you are not liable for the consequences. This avoids blame when a breach occurs due to their refusal to follow best practices.

How Monjur Helps

Every MSA delivered through Monjur Pilot includes:

  • Attorney-reviewed clauses for cyber risk, vendor failures, and regulatory alignment
  • Language that evolves automatically as rules change
  • Smart Hyperlinks, so these protections show up wherever your contracts live

Want to see how your current MSA compares? Download the Free MSA Checklist and protect your next deal.

Found this useful?
Share it with another MSP founder.
Rob Scott
About the author

Rob Scott

CEO & Co-Founder, Attorney

Attorney with 25+ years of MSP legal experience. Co-Founder of Scott & Scott, LLP and Monjur. Has overseen contracting for 1,000+ MSPs.

Rob Scott is an attorney with more than 25 years of experience in MSP and technology law, and the co-founder of both Scott & Scott, LLP and Monjur. He has overseen customer contracting for more than 1,000 managed service providers and built Monjur to bring attorney-supervised contract intelligence to the MSP industry.

Licensed in Texas since 1999, Rob earned his J.D. from the Maurice A. Deane School of Law at Hofstra University and his B.A. in Economics and Philosophy from Austin College. His practice focuses on software licensing, software audit defense, data privacy, and vendor risk, representing MSPs and enterprise clients in transactions and disputes with major software publishers.

Stop worrying about contracts

Attorney-supervised contract intelligence for MSPs.

We write and update your client contracts, and protect your business, so you don't have to.

See Monjur Pilot in your own MSA.

No slide deck. We'll pull up your actual contract and show you what Pilot would flag.

Schedule 20-minute demo →
1,000+ MSPs · 25+ years of MSP legal