A handshake is nice, but in managed services it won’t get you far. Whatever agreements MSPs reach with their customers, everything must be in writing. Otherwise, you’re bound to run into trouble later.

Just ask attorney Robert J. Scott, managing partner at Scott & Scott, a Southlake, Texas-based law firm specializing in technology regulations and contracts. Scott, who has vast experience with managed services contracts and SLAs (service level agreements), says his most common first contact with clients is when they need help with a customer contract.

Often they’ve already tried something else; they may have downloaded a legal template that didn’t quite cover all the potential legal ramifications or perhaps asked a friend or relative who is a lawyer to look over a contract for which the lawyer didn’t have the right kind of expertise.

Then of course there are the MSPs that don’t even have any contracts. Scott says he doesn’t know what percentage of MSPs do this, but one thing is sure: “If it’s more than any, it’s too many.”

In pre-managed services days, providers of IT services and products often didn’t use contracts, relying instead on handshake agreements. But when you enter into an arrangement to provide long-term services and expect to collect fees on a recurring basis, operating without a contract could be a recipe for disaster.

Still, having a contract doesn’t completely exempt you from future trouble, so Scott advises looking for certain red flags while negotiating with a customer:

Scope of Agreement

Every agreement should clearly specify the services it covers and what it excludes. It should address risk and the cost of delivering the services. Any services provided outside of the scope of the contract should be billed separately.

Risk Acceptance

MSPs need to properly manage risk. If a client system is breached, for instance, under certain circumstances the client may seek damages from the service provider. Scott says he tries to put his clients in zero-risk positions. An effective way to accomplish that is by carrying insurance to cover issues such as lost or stolen data. You need to buy enough insurance to satisfy the customer, and you’ll find that customers by and large accept this approach, he says.

Service Commitment

Spell out your commitment to the customer so there is no confusion about your responsibilities.  Through an SLA, MSPs can set expectations on the levels of service they agree to provide, including response times for downtime issues, after-hours availability and penalties for missing agreed-to milestones.

Term and Termination

The term of the agreement must be specified with a beginning and end date. If customers want out of the contract, there should be stipulated reasons as to when they can do so. They shouldn’t be allowed to cancel the agreement just because they found a competitor with a better price. Be sure to specify acceptable grounds for termination, such as the customer going out of business, and penalties for breaking the contract early.

Employee Poaching

One of the disadvantages of having good employees is the risk that someone else will try to hire them. This could happen with customers, who get a first-hand look at your techs and how good they are. Be sure to add a non-solicitation clause to your customer agreements to avoid this type of situation.

Negotiating contracts with customers can be awkward, but a little discomfort upfront can prevent a lot of trouble later on. As Scott says, “The guys that have no contracts at all are living under a rock. Even if you implicitly trust your customers, you have to have written agreements.” And that’s advice no MSP can afford to ignore.

Pedro Pereira is Massachusetts-based freelance writer with two decades of experience covering and analyzing the IT channel and technology. He can be reached at pedrocolumn@gmail.com.