EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Dark Web MonitoringIdentify and quantify unknown cyber risks and vulnerabilities
Cloud App SecurityMonitor and manage security risk for SaaS apps
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
The ConnectWise Security Responsibility Matrix
This page discusses in general terms the types of roles and responsibilities that exist in a managed service provider (MSP) and/or a managed security service provider (MSSP) environment and does not provide legal advice. It is meant to be educational and illustrative and not prescriptive. We encourage you to consult your own legal counsel to familiarize yourself with the requirements that govern your situation.
You need the right mix of services and skills on your team and the right buy-in and support from your customers to realize maximum value from ConnectWise. A proper focus on laying out your business objectives will enable you to establish, maintain, and extend ConnectWise products and services as a strategic platform for your organization.
This responsibility matrix will address the following key questions:
- As an MSP, how should I lay out my initial offering?
Make sure to define the roles and responsibilities for the services you plan to offer. Make sure to periodically revisit these roles and responsibilities when you implement additional platform capabilities, or when there are significant changes in your business that impact the way you need to manage the platform.
- What are the minimum requirements and related responsibilities for my core platform offerings?
The provided list of items should be covered or at least considered at a minimum
- What are the additional roles and responsibilities to consider adding to my core platform offerings if I add NOC or Help Desk?
The core offering covers the day-to-day management and maintenance using the ConnectWise RMM, ConnectWise Automate®, or ConnectWise Command™ RMM solutions. The NOC/Help Desk offering adds an external set of resources and skills to your organization that enables the execution of tasks related to tickets that are logged. NOC and Help Desk services are not available to ConnectWise Automate users at this time.
The core offering covers the day-to-day management and maintenance using the ConnectWise Automate®, ConnectWise RMM, or ConnectWise Command™ RMM solutions. The NOC/Help Desk offering adds an external set of resources and skills to your organization that enables the execution of tasks related to tickets that are logged.
Here is a non-exhaustive list of our recommended roles and responsibilities.
Data management (classification and retention)
Media disposal and destruction
Backup and restore
Authentication and authorization
Encryption key management
Security logging and monitoring
Business continuity and disaster recovery
Secure SDLC processes
Infrastructure Patching (Cloud)
Compliance: regulatory and legal
Secure configuration of instance
Employee vetting or screening
Escalation process definition
Contacts (Names, Email, Phones)
Incident Response process
Security Incident Response
Security Incident Management