Is your MSP putting you at risk?

Is Your MSP Putting Your Business at Risk?

Why Constant Global Admin Access Is Still a Threat—And How GDAP Stops It

Over the past few months, we’ve spoken with several businesses who have faced the same worrying problem with their Managed Service Provider (MSP): the provider had permanent Global Admin access to their Microsoft 365 environment — and in some cases, had been reusing the same admin password across multiple customers.

This creates a huge, unnecessary risk. If that MSP is ever compromised, attackers could instantly gain full access to your company’s email, data, devices, security settings and more.

Fortunately, modern Microsoft security practices make this totally avoidable. The solution is something called Granular Delegated Admin Privileges (GDAP).


 

The Problem (In Plain English)

Here’s the pattern we’ve seen recently:

  • MSPs with 24/7 Global Admin access to every customer tenant.
  • Passwords reused across multiple clients, making a single breach catastrophic.
  • No tracking or time limits on what the MSP can access.

This approach was common years ago, but it is no longer considered safe. Both Microsoft and the UK’s National Cyber Security Centre (NCSC) now warn against permanent admin access because of the rise in supply‑chain attacks.


 

The Modern Fix: GDAP

Granular Delegated Admin Privileges (GDAP) gives MSPs only the access they need — and only when they need it.

Here’s how GDAP protects your business:

  • Least-privilege access: Only the minimum permissions required for the task.
  • Time‑limited admin roles: Access can expire after a few hours.
  • Full audit trails: You know exactly who did what and when.
  • No password reuse: Each tenant relationship requires unique credentials.
  • Limits blast radius: If the MSP is compromised, your environment stays secure.

This aligns with NCSC best practice for securing SME environments in the UK.
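
A review of the points above can be scripted. The following is an added example, not part of the original article and not Easterly IT Services' tooling: it reads relationship records shaped like Microsoft Graph's delegatedAdminRelationship resource and flags active ones that grant Global Administrator, run longer than a review threshold, or auto-extend. The sample records, their names, the placeholder limited-role ID and the 90-day threshold are constructed assumptions.

```python
import re

GLOBAL_ADMIN = "62e90394-69f5-4237-9190-012177145e10"  # Global Administrator role template ID
LIMITED_ROLE = "00000000-0000-0000-0000-0000000000aa"  # constructed placeholder
MAX_DAYS = 90  # assumed review threshold, not a Microsoft or NCSC figure

def rel(name, status, duration, extend, role):
    """Build a constructed record in the delegatedAdminRelationship shape."""
    return {"displayName": name, "status": status, "duration": duration,
            "autoExtendDuration": extend,
            "accessDetails": {"unifiedRoles": [{"roleDefinitionId": role}]}}

SAMPLE = [  # constructed records, hypothetical names
    rel("Helpdesk-30d", "active", "P30D", "PT0S", LIMITED_ROLE),
    rel("Full-admin-2y", "active", "P730D", "PT0S", GLOBAL_ADMIN),
    rel("Rolling-90d", "active", "P90D", "P180D", LIMITED_ROLE),
    rel("Old-terminated", "terminated", "P730D", "PT0S", GLOBAL_ADMIN),
]

def iso_days(value):
    """Days in a day-only ISO 8601 duration ('P730D'); 'PT0S' is 0; else None."""
    if value == "PT0S":
        return 0
    m = re.fullmatch(r"P(\d+)D", value)
    return int(m.group(1)) if m else None

def audit(relationships):
    """Return {displayName: [findings]} for active relationships."""
    report = {}
    for r in relationships:
        if r.get("status") != "active":
            continue
        roles = {x["roleDefinitionId"].lower()
                 for x in r.get("accessDetails", {}).get("unifiedRoles", [])}
        days = iso_days(r.get("duration", ""))
        found = []
        if GLOBAL_ADMIN in roles:
            found.append("grants Global Administrator")
        if days is None:
            found.append("duration not parsed, review by hand")
        elif days > MAX_DAYS:
            found.append(f"duration {days}d exceeds {MAX_DAYS}d")
        # Anything other than a zero auto-extend value is reported.
        if iso_days(r.get("autoExtendDuration", "PT0S")) != 0:
            found.append("auto-extends on expiry")
        report[r["displayName"]] = found
    return report

if __name__ == "__main__":
    for name, found in audit(SAMPLE).items():
        print(name, "->", "; ".join(found) or "ok")
```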


 

Why Small Businesses Need to Take This Seriously

Cybercriminals have shifted their strategy. Instead of attacking a single small business, they now target MSPs because compromising one provider can unlock access to dozens of companies at once.

If your MSP:

  • uses a single admin account across multiple customers, or
  • keeps Global Admin roles active permanently

… then your business could be exposed without you even realising it.


 

How Easterly IT Services Helps

We work with small businesses across East Anglia to put safe, modern security practices in place. That includes:

  • Moving every customer to GDAP as standard
  • Time‑bound and audited admin access
  • Transparent access logs
  • Regular security reviews
  • Following NCSC guidance and Microsoft best practice

There are no hidden keys, no unlimited privileges and no insecure shortcuts.


 

✔ Free Microsoft Security Check

If you’d like clarity, we can run a quick, free check of your Microsoft 365 environment and show you:

  • What permissions your MSP currently has
  • Whether they’re using permanent Global Admin roles
  • Signs of password reuse
  • Immediate steps to reduce your risk

It’s quick, it’s free and it gives you peace of mind.

Get in Touch


 
